"How do we let financial cryptographers put in place systems that serve society?"
I think what we need is for the "authorities" to indulge in rational requirements analysis and then let the cryptographers work on the design. "We must monitor every transaction" is not a rational requirement.
Personally, I think that cryptographers can deliver systems that provide both more monitoring and more privacy, if you see what I mean. So, it ought to be uneconomical for someone to trawl through and decode transactions records but straightforward to provide decoded transaction records given a warrant (to give one quickly thought of example).
Posted by Dave Birch at August 21, 2006 11:44 AMHi All,
As one who designs and relys upon "assasination grade" type systems, let me add that the ultimate marketability of a system is if the "street" accepts same this is why systems like Halwa became popular, "they" cant afford to screw you over(like the local dealer) for fear you will rat out the actors, and the ethnicity of halwa doesnt hurt for security reasons either.
I DONT give a DAMN about LEOs interest, its possible to bootstrap anonymous digital cash systems, if one is personally immune to being coerced oneself(for reasons of legality or anonymity(think VONU))
regards
gwen
Dave: yes, all that is possible. Rational requirements arise from those who have to pay for the service, and that might be a lot to expect. In terms of designs that I have seen, the quality of information for precise and valuable monitoring can't be beat -- because we design it to protect ourselves from both insider and outsider attack. But if we were to interpret non-paying parties' desires as requirements, the quality of information available generally drops, as well as the survivability of the system. There's no way that I know to have that dialogue.
Gwen is of course right. The ultimate test of any system is if it street acceptable, or more generally opens up an arbitrage or efficiency benefit. This is more important than it seems as it speaks to the survivability of the system.
E.g., few pure digital payment systems are acceptable on the street, smart crooks won't touch anything they don't understand and can't audit by themselves. This is one of the reasons (factors) in the failure of smart card money; the street universally rejected them so there was no early adopter market. Without being able to compete with cash, it had no support base.
The same thing is true in other markets -- videos and iPods being canonical cases. Again, there's no way to have this dialogue....
Posted by Iang at August 22, 2006 05:21 AM