[Cryptography] Komitments

Phillip Hallam-Baker phill at hallambaker.com
Wed Dec 19 16:54:10 EST 2018


On Wed, Dec 19, 2018 at 1:55 PM Richard Clayton <richard at highwayman.com>
wrote:

> In message <AM4PR0701MB2226D4711F9F99CED6FDC32CC4BE0 at AM4PR0701MB2226.eur
> prd07.prod.outlook.com>, =?utf-8?B?T3NtYW4gS3V6dWN1IEhvc3RpbmcgV2ViIFRhc
> 2FyxLFtIEdyYWZpaw==?= <bizbucaliyiz at hotmail.com> writes
>
> Hash commitment (and indeed signing) is merely a building block. A
> protocol needs to put the blocks together in a useful manner (to tackle
> some real world issue); and it is there within that concept of "put
> together" where most of the demons reside...
>

Indeed and if a system is going to be any use at all, it has to be
implemented and if it is to be widely used, the human factors considered.

A lot of my frustration with the literature is that if you do a search for
commitment schemes, you get dozens of hits for esoteric protocols with zero
knowledge proofs and such. Practical considerations of the simplest schemes
are much harder to find.

Also, we have a tendency to reach for encryption as our go-to tool even
when the problem at hand is authentication. And rather oddly, the converse
is also true with people proposing blockchain as the answer to every
confidentiality problem.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20181219/9e9fd786/attachment.html>


More information about the cryptography mailing list