[Cryptography] Proposal of a fair contract signing protocol
Miles Fidelman
mfidelman at meetinghouse.net
Tue Jun 21 20:02:19 EDT 2016
On 6/21/16 7:01 PM, mok-kong shen wrote:
> Am 22.06.2016 um 00:33 schrieb Miles Fidelman:
>> On 6/21/16 6:14 PM, mok-kong shen wrote:
>>
>>> Am 21.06.2016 um 18:50 schrieb Christian Huitema:
>>>> On Monday, June 20, 2016 3:24 PM, mok-kong shen wrote:
>>>>>
>>>>> Am 20.06.2016 um 05:05 schrieb Peter Fairbrother:
>>>>>> On 19/06/16 17:51, mok-kong shen wrote:
>>>>>> [..]
>>>>>>
>>>>>>> [Addendum 19.06.2016] There are literatures which claim (if I have
>>>>>>> not
>>>>>>> misinterpreted) that protocols of our genre are impossible.
>>>>>>
>>>>>> They are impossible.
>>>>>>
>>>>>> This is known as the two generals problem:
>>>>>>
>>>>>> https://en.wikipedia.org/wiki/Two_Generals%27_Problem
>>>>>>
>>>>>
>> If we're including negotiation in the process, then we're talking about
>> the more general case of the Byzantine Generals Problem -
>> https://en.wikipedia.org/wiki/Byzantine_fault_tolerance (also
>> unsolvable)
>
> Sorry that I don't yet understand what you meant. From my standpoint
> I have designed a certain protocol that is intended to serve a certain
> purpose. Thus IMHO what has to be discussed/debated includes: (1) Does
> the protocol correctly function? (2) Is it new at all? (3) Are there
> better (more efficient) protocols. There may be generalizations that
> achieve much more than what I had in mind, but that's beyond my current
> personal interests/capabilities.
>
Several folks have pointed out that, functionally, you're trying to
solve the "Two Generals Problem." I've pointed out that it looks like
you're trying to solve the more general case - generally referred to as
the "Byzantine Generals Problem" or "Byzantine Agreement."
Both problems have been studied, in great details, over the years - and
the math seems to show that there a general case solution is
mathematically impossible. (I don't claim to follow all of the math,
but lots of people have worked through it.) There are practical,
limited solutions - also widely studied (particularly for applications
like recovery from split-brain situations in fault-tolerant systems).
The more general solution seems to require a trusted third party.
I think what people are telling you is that you can argue the merits of
your approach all you want - but the math has already been worked, and
if you want to understand the limits of what you're proposing, you
should go study the math, rather than engage in torturous verbal
discussions.
Miles Fidelman
--
In theory, there is no difference between theory and practice.
In practice, there is. .... Yogi Berra
More information about the cryptography
mailing list