[Cryptography] threat models, was Krugman blockchain currency skepticism

[Patrick Chkoreff]

Benjamin Kreuter wrote on 08/06/2018 04:00 PM:

> Now you are shifting the goal posts.  I suggested e-cash as a way to
> defend against attacks on the users of the payment system e.g. a
> government pressuring a payment process to shut down some user's
> account.

That is true.  E-cash (blinded token) does prevent shutting down a
specific user, and that was the original threat model I posed here.

The only problem with e-cash is that it does not exist.  It does not
exist because it is too risky to implement.

> If the attack you are worried about is against the payment
> system itself...well, as I said elsewhere, there are no Bitcoin users
> in North Korea.

I believe you just made the best argument in favor of Bitcoin.  That is,
the only way to shut it down entirely is to implement North Korean
levels of authoritarian control over the Internet.  That is expensive
and difficult, with benefits that lower-level authoritarian
personalities might see as Pyrrhic.

In contrast, shutting down E-cash requires only a couple of
well-targeted and inexpensive "Mueller Attacks," which have the desired
intimidation effect without killing the golden goose of traditionally
controlled economic activity.  (For example, the single attack on E-gold
in 2007 killed an entire industry in the crib without no ill effects to
the wider economy.)

>   A government that wants to shut down an entire payment
> system can shut down the entire payment system, regardless of how the
> system works.
That is certainly true.  The only relevant question is whether the the
benefit of the attack exceeds the cost.  Lowering the benefit or raising
the cost are the only ways to tip that scale.  In the case of Bitcoin,
the cost of shutting down the entire system appears to be quite high.


-- Patrick