[Cryptography] Proposal of a fair contract signing protocol

Miles Fidelman mfidelman at meetinghouse.net
Tue Jun 21 20:02:19 EDT 2016 


On 6/21/16 7:01 PM, mok-kong shen wrote:
> Am 22.06.2016 um 00:33 schrieb Miles Fidelman:
>> On 6/21/16 6:14 PM, mok-kong shen wrote:
>>
>>> Am 21.06.2016 um 18:50 schrieb Christian Huitema:
>>>> On Monday, June 20, 2016 3:24 PM, mok-kong shen wrote:
>>>>>
>>>>> Am 20.06.2016 um 05:05 schrieb Peter Fairbrother:
>>>>>> On 19/06/16 17:51, mok-kong shen wrote:
>>>>>> [..]
>>>>>>
>>>>>>> [Addendum 19.06.2016] There are literatures which claim (if I have
>>>>>>> not
>>>>>>> misinterpreted) that protocols of our genre are impossible.
>>>>>>
>>>>>> They are impossible.
>>>>>>
>>>>>> This is known as the two generals problem:
>>>>>>
>>>>>> https://en.wikipedia.org/wiki/Two_Generals%27_Problem
>>>>>>
>>>>>
>> If we're including negotiation in the process, then we're talking about
>> the more general case of the Byzantine Generals Problem -
>> https://en.wikipedia.org/wiki/Byzantine_fault_tolerance (also 
>> unsolvable)
>
> Sorry that I don't yet understand what you meant. From my standpoint
> I have designed a certain protocol that is intended to serve a certain
> purpose. Thus IMHO what has to be discussed/debated includes: (1) Does
> the protocol correctly function? (2) Is it new at all? (3) Are there
> better (more efficient) protocols. There may be generalizations that
> achieve much more than what I had in mind, but that's beyond my current
> personal interests/capabilities.
>

Several folks have pointed out that, functionally, you're trying to 
solve the "Two Generals Problem."  I've pointed out that it looks like 
you're trying to solve the more general case - generally referred to as 
the "Byzantine Generals Problem" or "Byzantine Agreement."

Both problems have been studied, in great details, over the years - and 
the math seems to show that there a general case solution is 
mathematically impossible.  (I don't claim to follow all of the math, 
but lots of people have worked through it.)  There are practical, 
limited solutions - also widely studied (particularly for applications 
like recovery from split-brain situations in fault-tolerant systems).  
The more general solution seems to require a trusted third party.

I think what people are telling you is that you can argue the merits of 
your approach all you want - but the math has already been worked, and 
if you want to understand the limits of what you're proposing, you 
should go study the math, rather than engage in torturous verbal 
discussions.

Miles Fidelman


-- 
In theory, there is no difference between theory and practice.
In practice, there is.  .... Yogi Berra

More information about the cryptography mailing list