[Cryptography] Checkoin: physical crypto-cash

[Camille Harang]

Hi Erik, thanks for your message. Signature is for authenticating the
origin, it's one part of the protocol, the other part ensures that it
hasn't been duplicated. Please take the time to read the specs, it's all
explained there. I already took the time to synthesize it the initial
post, I copy paste it here for convenience, but the big picture is in
the specs :

"There are three main layers of verifications, first one is geolocation
(non mandatory, anonymous and optionally encrypted) in order to detect
duplicate UUID in circulation (distance and time would become
inconsistent, so the packaging identified as corrupted), second layer is
the display of information about the packaging provided by the
manufacturer (e.g. hologram check information, high resolution of the
packaging when manufactured with unique details such as random paint
splashes, etc.) and third layer is an optional cryptographic check if
the package comes with a microchip (recommended for packagings carrying
high value assets) which retrieves the public key of the microchip on
the blockchain and asks it to sign random data with the private key
present in the chip."

Thank you,

Camille.


Le 16/07/2017 à 17:10, erik a écrit :
> Let's say that I have a golden eagle that has it's UUID registered on
> the blockchain.
>
> I can just copy the actual information and pretend that it is the original.
>
> I'm going to sign this email. That doesn't prevent anyone from making a
> copy of this text that also can be verified, they cannot change any of
> the words, but the signature would still check out.
>
> That's fine for e-mails because we're only interested usually in
> ensuring that the actual words are words that I did, in fact, put out
> there and that they are unmodified.
>
> When it comes to gold, we not only need to ensure that the signatures
> check out, but that they are not a copy as well.
>
> How does your software verify what's in the actual package? Does it
> somehow manage to do a signature of real-life objects?
>
>
>
> _______________________________________________
> The cryptography mailing list
> cryptography at metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20170716/70b46827/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20170716/70b46827/attachment.sig>