Re: More of Ben's blinding

[Anonymous]

Jason Holt writes:

> Anybody know of other patents which might get in the way?  I'm worried
> about Chaum's blind signature and undeniable signature patents, and want to
> present as patent-free a system as possible.

There was extensive discussion on coderpunks about possible patent
implications of Wagner blinding.  Using the g^b blinding makes things
potentially a little worse, because it requires the server to publish g
and g^k.  This can be considered a public key, and brings the situation
closer to the blind signature patent.

Wagner blinding can be thought of as a blinded undeniable signature.
It is like a blind signature in that the server doesn't see what it is
"signing".  And it is like an undeniable signature in that the validity
can only be checked with the aid of the server.  It seems likely that
Wagner could have patented his blinding along these lines if he had
wanted to.

So the problem is, if this is a blind + undeniable signature, doesn't
that suggest that it infringes on both the blind and the undeniable
signature patents?  To answer this you have to look at the claims in
detail.

You can differentiate from the undeniable signature patent in that
there is no repudiation protocol in the ecash system - no way for
the server to prove that a purportedly signed value is actually bad.
(Of course this lack is a weakness in an ecash system, since the bank
might like to be able to prove that bogus cash is just that; but if it
were remedied then Wagner blinding would almost certainly infringe the
undeniable signature patent.)

Differentiation from the blind signature patent is done simply by
asserting that this is not a signature.  That's why we are always careful
to put "sign" into quotes when referring to server operations.  It's not
a signature because there is no way to independently verify it, which
one can argue is a de facto requirement for something to be considered
a signature.  But of course, by this definition the undeniable signature
is not a signature either.  Yet we call it a kind of signature.  If the
undeniable signature is a signature, then so is the Wagner blinding,
and so it is covered by the blind signature patent.

As you can see, the situation is murky.  One salvation is that the blind
signature patent will expire in about 3 years, and it is unlikely that
you will be successful enough in any project that it would be worthwhile
to sue you within that time frame.  Besides, everyone who takes control
of the blind sig patent soon goes broke, so they probably can't afford
a lawyer to sue you anyway.

You should be aware too that there are a number of credential patents,
which you can find by searching on the word credential.

> One more thing.  If the issuer returns the signature:
>
> (h1*g^b1 *h2*g^b2 *h3*g^b3...)^k
>
> Can I separate out any of the h^k values?  My system relies on that
> being hard.

Seems safe by the DDH assumption, which is that it is hard to recognize
that (g, g^a, g^b, g^ab) have the DH relationship.  If we let m = g^b
then this is (g, g^a, m, m^a).  In other words, we can't tell whether
two different values g and m are both being raised to the same power.

In your case, you know h1, h2, (h1h2)^k.  If you could then find h1^k,
you could construct a DDH tuple (h1, h1^k, h1h2, (h1h2)^k), so you
could violate the DDH assumption.  This is a little hand-wavy and only
deals with the two element case, but an argument along these lines will
probably work.

> If I replace h1 with (g^b0) and get the issuer to sign:
>
> ((g^b0)*g^b1 *h2*g^b2 *h3*g^b3...)^k
>
> I should be able to divide the two results and get h1^k.  But part of
> the cut-and-choose protocol will be to require that the n/2 checked documents
> are all valid and different from any previous instances of the protocol.  So
> it should be extremely hard for the user to sneak lots of previously used
> values and fake h's (which are really blinding factors) into the unrevealed
> documents.  But are there other ways to separate out signatures on individual
> h's?

You're really going to remember all the discarded h values from all the
previous instances of credential issuing?  Seems like it might be a lot of
data.  How many h values do you typically expect?

Maybe you could say more about the details of your credential system.
Such a system built on Wagner blinding might be very interesting.

NYT: Jim Bell = Osama bin Laden

[R. A. Hettinga]

http://www.nytimes.com/2002/06/07/opinion/07KRIS.html?pagewanted=print&position=top




June 7, 2002

All-American Osamas
By NICHOLAS D. KRISTOF

KALISPELL, Mont.

We Americans have conjured so specific a vision of terrorists - swarthy,
glowering Muslims mumbling fanatically about Allah - that we're missing the
threat from home-grown nuts, people like David Burgert.

Mr. Burgert, a 38-year-old who last made a living renting out snowmobiles
here in this spectacularly beautiful nook of northwestern Montana, had a
terror plan that made Osama bin Laden's look rinky-dink. Not content merely
to kill a few thousand people, Mr. Burgert's nine-member militia was
planning a violent revolution and civil war to overthrow the entire United
States government.

The plan, according to Sheriff James Dupont, was for the militia to use its
machine guns, pipe bombs and 30,000 rounds of ammunition to assassinate 26
local officials (including Mr. Dupont), and then wipe out the National
Guard when it arrived. After the panicked authorities sent in NATO troops,
true American patriots would rise up, a ferocious war would ensue, and the
U.S. would end up back in the hands of white Christians.

"The good thing is that most of the people who would do it are so stupid
that they would kill themselves first," said Sheriff Dupont, who runs the
law here in rugged Flathead County, which is bigger than all of Connecticut
and has lots more grizzly bears.

But the litany of domestic militia plots, failed ones, is still sobering.
In Michigan, militia members planned to bomb two federal buildings.
Missourians planned to attack American military bases, starting with Fort
Hood, Tex., on a day it opened to tens of thousands of visitors. California
militia members planned to blow up a propane storage facility. Most
unnerving, a Florida militia plotted to destroy a nuclear power plant.

If these were Muslims who were forming militias and exchanging tips for
making nerve gas, then we'd toss them in prison in an instant. But we're
distracted by our own stereotypes, searching for Muslim terrorists in the
Philippine jungle and the Detroit suburbs and forgetting that there are
blond, blue-eyed mad bombers as well. We're making precisely the mistake
that the Saudis did a few years ago: dismissing familiar violent fanatics
as kooks.

In fact, militia members and Al Qaeda members are remarkably similar. Both
are galvanized by religious extremism (America's militias overlap with the
Christian Identity movement, which preaches that Jews are the children of
Satan and that people of color are sub-human), both see the United States
government as utterly evil, and both are empowered by the information
revolution that enables them to create networks, recruit disciples and
trade recipes for bio- and chemical weapons.

It would be a mistake to put one's faith in the militias' eternal
incompetence. Jessica Stern of Harvard has written about an anti-government
activist named James Dalton Bell, who earned a degree in chemistry from
M.I.T. and is unquestionably brilliant. By age 14, he says, "I was studying
the isomerization of benzyl thiocyanate to the isocyanate."

Weren't we all? But Mr. Bell, who is now in jail, is also believed by the
authorities to have manufactured sarin, a nerve gas, in his basement. He
led a chemical attack against an I.R.S. office and wrote an Internet book
called "Assassination Politics," which outlines a very clever scheme to pay
for contract killings of federal officials with digital cash in a way that
preserves anonymity at both ends. There is also evidence that Mr. Bell
talked "hypothetically" of poisoning a city's water supply.

The things you learn in Montana: According to militia members here, the
World Trade Center attacks were a plot by the Feds to declare an emergency
and abolish the Bill of Rights; the Columbine school shootings were a
federal test of new mind-control technology; a map on a Kix cereal box
shows the occupation zones Americans will be herded into after the United
Nations takes over.

Another thing you learn here is how to deal with grizzlies. Don't be so
focused on a distant moose that you ignore the bear behind you. And if it
charges, stand your ground until it's 10 feet away, then shoot pepper spray
into its eyes, and - very quickly - step aside.

Right now, I'm afraid that the Bush administration is so focused on the
distant moose that we're oblivious to the local grizzlies like Dave Burgert
creeping up on us.

Copyright 2002 The New York Times Company | Permissions | Privacy Policy
-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

All CE Courses $39.95!

[IQ - Net Study]

Title: All CE Courses $39.95!




  
 
  
 
  

 

  

 
  

 
   

   


  Convenience
  CE without Boundaries! Eliminate the hassle to conventional 
  CE alternatives, no classes, no travel, and no books! CE on 
  your time schedule.
    
  
   

Value
  InsuranceStudy courses are written for insurance professionals 
  by insurance professionals, in language and course style easy 
  to understand.
    
  
   

Ease 
  of Use
  Pace yourself through one of the easiest designed web sites 
  for CE! Automatic bookmarking of your course allows you to come 
  and go as you please. We remember where you left off.
    
  
   

CE 
  Tracking
  InsuranceStudy database keeps your course history in our CE 
  tracker! And you can add CE credits from other courses you have 
  taken outside of the Internet.
    
  
   

Immediate 
  Results 
  Your exam score is immediately passed on to you at the end of 
  the test, and our customer service department quickly mails 
  you a certificate and notifies your state where required to 
  do so.
    
  

  


	
  
  

 
  
Call or e-mail us today!
  

 
  

— or —
  

 
   

   

   

   
Please fill out the form below for more information
  
   
Name:
 
  

  
   
E-mail:
 
  

  
   
Phone:
 
  

  
   
City:
 
  

State:
 
  


  
   
 
 
  

 
 
  
  

  

  


  

 

 
  First time users 
are eligible for our Summer Giveaway after registering as a new member 
on our site and opening a course. Returning members are eligible after 
they open up a new course. There is no obligation to pay for 
any course until the user is ready to take a test. Members must have 
preexisting Internet service from a service provider to qualify.
  

  

  
   
 
   We don't want anyone 
to receiving our mailings who does not wish to receive them. This is a 
professional communication sent to insurance professionals. To be removed 
from this mailing list, DO NOT REPLY to this message. Instead, 
go here:  http://www.Insurancemail.net
Legal Notice

  

Free Website Drawing

[CDR Anonymizer]

email_100free






http://www.vermotion.com/images/email_100free.gif"; width=700 height=500 border=0 
usemap="#email_100free_Map">




http://www.vermotion.com"; 
target="_blank">
http://www.logosmart.com"; 
target="_blank">
http://www.isaacdesigns.com"; 
target="_blank">
http://www.vermotion.com/100free.html"; target="_blank">
http://www.vermotion.com/rules.html"; target="_blank">
http://www.vermotion.com/more.html"; target="_blank">
http://www.vermotion.com"; 
target="_blank">
mailto:[EMAIL PROTECTED]";>



 

Re: NYT: Jim Bell = Osama bin Laden

[Bill O'Hanlon]

On Fri, Jun 07, 2002 at 05:42:41PM -0400, R. A. Hettinga wrote:
> 
> 
> Another thing you learn here is how to deal with grizzlies. Don't be so
> focused on a distant moose that you ignore the bear behind you. And if it
> charges, stand your ground until it's 10 feet away, then shoot pepper spray
> into its eyes, and - very quickly - step aside.
> 



Subject: Bear Advisory
Date: Wed, 29 May 2002 11:24:38 -0400


The California State Department of Fish and Game is advising hikers,
hunters, fishermen and golfers to take extra precautions and keep alert for
bears while in the Yosemite and Mammoth areas. They advise people to
wear noise-producing devices such as little bells on their clothing to alert
but not startle the bear unexpectedly. They also advise carrying pepper
spray in case of an encounter with a bear.

It is also a good idea to watch for fresh signs of bear activity and
know the difference between black bear and grizzly bear droppings.
Black bear droppings are smaller and contain berries and possibly squirrel
fur.
Grizzly bear droppings have little bells in them and smell like pepper
spray.

Viagra Without A Doctor Appointment !!! 2081

[Mary]

Mary ([EMAIL PROTECTED]) on Saturday, June 8, 2002 at 01:57:02
---

body: **Viagra Without A Doctor's Appointment!!

**Fill Out Our Simple Online Form
**Our Doctor's Will Approve You In Minutes!

**Receive Your Prescription In 24 Hours By Fed Ex!!

**Other Prescriptions Are Available Also!

Click below:
http://www.mrpharms.com/00



To be removed from future mailing, please click below
http://61.129.81.68/remove/remove.htm


 3634

---