crypto question - using crypto to protect financial transacti ons

McMeikan, Andrew McMeikanA at
Wed Apr 17 05:15:04 EDT 2002

> -----Original Message-----
> From: Amir Herzberg
> I understand the goal of allowing secure and anonymous financial
> transactions via the Net. I'm personally very interetested in this,
> although I must admit I am also a bit concerned about the social
> implications if this becomes a reality (or when it does, 
> since I believe
> it eventually will). What I'm concerned about is tax 
> avoidance, esp. by
> wealthy individuals and companies. Nobody likes taxation (at least
> personally :-), but it is still the basis for operation of 
> states - and
> while changes may be good, they are also risky. 

A brief word on anonymity, I to, worry about what could be done.  I worry
more about what could be done without it. 

> Anyway, forgetting for a moment the question of should we do it, let's
> focus on the question of how we do it :-) 

May the future forgive us for what we dream up ;)

> I looked up Andrew's site, and actually there're not too many details
> there (yet?). I think his initial focus and question was on 

The yet just got added, a quick little framework that shows the idea (still
in progress, use your imagination)

> the issue of
> whether one can trust one's public key to the financial 
> server, and his
> answer seems to be, you can if you split the key between 
> several servers
> using thershold or proactive signatures (proactive schemes allow
> recovery from penetrations of servers - and btw, this is an area
> deserving more implmentation efforts, beyond what we did in IBM). 

Public keys can be trusted in any hands, but how safe is the server.

If everyone tracks everyone's (at least those they deal with) transactions
then you have very little privacy and lots of IOU's floating about.  (see
Todd Boyles ARAP cloud stuff)

Someone however must certify that funds exist and are nice and hard.  This
means a signature from a trusted source (the mint).  The mint signs money
in, so can also make balance statements and provide some privacy.  This
complicates matters in regard to auditing and security.

For the mint to be trusted, it must be secure (and honest).  In an anonymous
system it must also be distributed and attack proof (well as attack proof as

To get all that you need a good cryptographic approach, hence the appeal to
experts such as this list.

> I think there may be even more critical hurdles for 
> successful financial
> crypto services. A very important one is interoperability between
> different financial service providers (the companies that keep your
> money... E.g. banks). Most crypto-financial efforts so far 
> focused on a
> centralized model - one bank - and that's much easier to design, but
> very hard to succeed. I've done some work on secure interoperability
> among providers - it was actually the main feature of IBM Micro
> Payments. IBM have also applied for patent for some of the ideas. 

This is getting into intertraders' XML/X which I am watching and if possible
will aim to conform with.  Using public keys as 'account' identifiers is a
little different from your average bank.

> Another important issue is the automated management of trust and
> reputation, allowing customers to make (automated) trust decisions on
> providers of services and goods (including both financial services and
> merchants). Here I agree with Andrew that for many applications,
> financial transactions should not be reversible (disputed), and hence
> trust and reputation becomes the main means for consumer protection. 

There are two basic trusts, that of:
1)Honesty and security of a mint, only establishable by openness and time
proven reliability.
2)Trading history of trading partners.

Trust of the mint requires no disputed transactions, no frozen accounts and
no reversals.  Any of these actions can be abused.  Either a signature is
good or it is not.

Time and web-of-trust sorts these out (perhaps adapt Leviens' trust metric
howto for financial?), it just needs to be presented in an easy user
friendly way.
> Regards, Amir Herzberg
> See  for lectures and
> draft-chapters from book-in-progress, `secure communication 
> and commerce
> using cryptography`; feedback welcome!

Looks interesting, will have to have an in depth browse.
Just had a quick squiz at the micropayments and spotted this
should change this but:
	However, currently there is no dominant single PSP for

I think e-gold deserves a mention, I think they hit US$8M
transactions/24hours a week or so ago, last 24h was just $3.9m.  I have been
known to give away the odd cent, so micro payments are definitely there.  

Also is it just me or does the face in "Figure 3: Online Payments Invoked by
Consumer" look like a certain desert dweller?

Will have proper read later on.

	cya,	Andrew...

This e-mail and any attachment is for authorised use by the intended recipient(s) only.  It may contain proprietary material, confidential information and/or be subject to legal privilege.  It should not be copied, disclosed to, retained or used by, any other party.  If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender.  Thank you.

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list