Looking Over the ‘Blind Signatures For Untraceable Payments’ Paper


Hey guys and girls! Welcome back to the channel. My name is Jake Owens and this is Millionaire
Mindset Hub. In this episode, we’re going to do something
a little bit different, I’m going to go completely off script. It’s going to be completely new for me, completely
new for you and we’ll see how that goes. Now, what is going to be happening in this
video is, if you recall last week and the week before we looked into the history of
digital currencies. Now what we found was that David Chaum, an
American computer scientist and cryptographer created the first research paper regarding
cryptocurrencies. So what I thought would be fun is, I’ve got
my hands on a copy of this document in a PDF and I’ll put the link to it in the description
box below so that you can check it out yourself if you are interested. So what I’m going to do in this video is go
through it with you guys so that we can get a really good in-depth analysis on where he
was coming from and basically the original idea and conception for digital currencies. Now, I must apologise for my mic, I usually
have it a little bit differently set up so I get a little bit better audio quality but
unfortunately what I have to do now, because this room is so echoey I’ve had to tie a tissue
around my microphone so that the echo sound isn’t as prominent. So I do apologise if the audio in this sucks
but please bear with me on that. So, I have got it all set up in here. So, basically this document is called ‘Blind
Signatures For Untraceable Payments’. As I said, it was made by David Chaum in the
department of computer science in The University of California which I believe was made in
1983 but you might want to fact check me on that if you go back to the previous video. So, the introduction says automation of the
way we pay for goods and services is already underway, as can be seen by the variety and
growth of electronic banking services available to customers. The ultimate structure of the new electronic
payments system may have a substantial impact on personal privacy as well as on the nature
and extent of criminal use of payments. Ideally, a new payments system should address
both of these seemingly conflicting sets of concerns. Now, what I find really interesting in this
first paragraph is that straight away we go into the issue of privacy. Unlike with cash there’s no surveillance of
any kind and it’s untraceable, you can pass cash around place to place and buy things
with it and nobody has to know. Whereas now with the invention of the credit
card and online payment systems your bank would be able to track and trace everything
that you send. A lot of people find that an issue. For example, and this is something that I
hear quite often, the argument is that “if you don’t have anything to hide then it doesn’t
matter if someone traces your spending habits” but the problem is, a counter argument to
that is that, let’s just say insurance companies something that is known to happen is that
they will trace your expenditure, say grocery shopping and if they notice that you buy a
vast quantity or even slightly above average quantity of alcohol, they could change your
premium and the price you pay for your insurance based on your individual spending habits. So in this first paragraph, it basically outlines
that point of privacy and is a big reason why I think David Chaum created this new payment
system of cryptocurrencies. Now let’s go onto the second paragraph. So, on the other hand, knowledge by a third
party of the payee, amount, and time of payment for every transaction made by an individual
can reveal a great deal about the individual’s whereabouts, associations and lifestyle. For example, consider payments for such things
as transportation, hotels, restaurants, movies, theatre, lectures, food, pharmaceuticals,
alcohol, books, periodicals, dues, religious and political contributions. And you know, that second paragraph goes into
what we just talked about in terms of anybody being able to track your spending habits. I mean, there are some positives. Let’s just say someone has stolen your credit
card, and they make a payment with that credit card you’re able to trace their whereabouts,
at what time etc. like that. With these online payment systems you’re able
to see where payment came from, where they go, be able to find criminals a lot easier
than with cash. Now, let’s go onto the third paragraph. On the other hand, an anonymous payments system
like bank notes and coins suffers from lack of controls and security. For example, consider problems such as lack
of proof of payment, theft of payments media, and black payments for bribes, tax evasion,
and black markets. A fundamentally new kind of cryptography is
proposed here, which allows an automated payments system with the following properties:
(1) Inability of third parties to determine payee, time or amount of payments made by an individual.
(2) Ability of individuals to provide proof of payment, or to determine the identity of the payee under exceptional circumstances.
(3) Ability to stop use of payments media reported stolen.
So basically what David Chaum is doing, is
giving people an abundance of privacy until there is significant reason for them to be
thought of as criminals. So if there is sufficient evidence to suggest this transaction was a
criminal transaction you could be able to trace that and find out the identity of the
person. However, that would be very difficult which
means that for every other transaction that you wouldn’t want to put the time or effort
into finding out who this exact person is, you would leave them alone and they would
be subject to ultimate privacy.

Blind Signature Cryptosystems: The new kind of cryptography will be introduced
first in terms of an analogy and then by description of its parts, their use, and the resulting
security properties. No actual example cryptosystem is presented.

Basic Idea: The concept of a blind signature can be illustrated
by an example taken from the familiar world of paper documents. The paper analog of a blind signature can
be implemented with carbon paper lined envelopes. Writing a signature on the outside of such
an envelope leaves a carbon copy of the signature on a slip of paper within the envelope. Consider the problem faced by a trustee who
wishes to hold an election by secret ballot, but the electors are unable to meet to drop
their ballots into a single hat. Each elector is very concerned about keeping
his or her vote secret from the trustee, and each elector also demands the ability to verify
that their vote is counted. A solution can be obtained by use of the special
envelopes. Each elector places a ballot slip with their
vote written on it in a carbon lined envelope; places the carbon lined envelope in an outer
envelope addressed to the trustee, with their own return address; and mails the nested envelopes
to the trustee. When the trustee receives an outer envelope
with the return address of an elector on it, the trustee removes the inner carbon lined
envelope from the outer envelope, signs the outside of the carbon lined envelope; and
sends the carbon lined envelope back, in a new outer envelope, to the return address
on the old outer envelope. Thus, only authorised electors receive signed
ballot slips. Of course, the trustee uses a special signature
which is only valid for the election. When an elector receives a signed envelope,
the elector removes the outer envelope; checks the signature on the carbon lined envelope;
removes the signed ballot slip from the carbon lined envelope; and mails the ballot to the
trustee on the day of the election in a new outer envelope without a return address. When the trustee receives the ballots, they
can be put on public display. Anyone can count the displayed ballots and
check the signatures on them. If electors remember some identifying aspect
of their ballot, such as the fiber patterns of the paper, they can check that their ballot
is on display. But since the trustee never actually saw the
ballot slips while signing them (and assuming every signature is identical), the trustee
can not know any identifying aspect of the ballot slips. Therefore, the trustee can not know anything
about the correspondence between the ballot containing envelopes signed and the ballots
made public. Thus, the trustee can not determine how anyone
voted.

Functions: Blind signature systems might be thought of
as including the features of true two key digital signature systems combined in a special
way with commutative style public key systems. The following three functions make up the
blind signature cryptosystem.
(1) A signing function s' known only to the signer, and the corresponding publicly known inverse s, such that s(s'(x))=x and s gives no clue about s'.
(2) A commuting function c and its inverse c', both known only to the provider, such that c'(s'(c(x)))=s'(x), and c(x) and s' give no clue about x.
(3) A redundancy checking predicate r, that checks for sufficient redundancy to make search for valid signatures impractical.

Protocol: The way these functions are used is reminiscent
of the way the carbon paper lined envelopes were used in the example described above.
(1) Provider chooses x at random such that r(x), forms c(x), and supplies c(x) to signer.
(2) Signer signs c(x) by applying s' and returns the signed matter s'(c(x)) to provider.
(3) Provider strips signed matter by application of c', yielding c'(s'(c(x)))=s'(x).
(4) Anyone can check that the stripped matter s'(x) was formed by the signer, by applying the signer's public key s and checking that r(s(s'(x))).

Properties: The following security properties are desired
of the blind signature system comprising the above functions and protocols.
(1) Digital signature - anyone can check that a stripped signature s'(x) was formed using signer's private key s'.
(2) Blind signature - signer knows nothing about the correspondence between the elements of the signed matter s'(xi) and the elements of the set of unstripped signed matter s'(c(xi)).
(3) Conservation of signatures - provider can create at most one stripped signature for each thing signed by signer (i.e. even with s'(c(x1)) … s'(c(xn)) and choice of c, c', and xi, it is impractical to produce s'(y), such that r(y) and y≠xi).
As is common in cryptographic work, the possibility
that the same random number could be generated independently is ignored.

Untraceable Payment System: An example payment transaction will illustrate
how the blind signature systems introduced above can be used to make an untraceable payments
system. The critical concept is that the bank will
sign anything with its private key, but anything so signed is worth a fixed amount, say $1. The actors in the example below are a bank,
a payer, and a payee. A single note will be formed by the payer,
signed by the bank, stripped by the payer, provided to the payee, and cleared by the
bank. The following traces the detailed steps of
a single payment transaction:
(1) Payer chooses x at random such that r(x), and forms note c(x).
(2) Payer forwards note c(x) to bank.
(3) Bank signs note, i.e. forms s'(c(x)), and debits payer's account.
(4) Bank returns the signed note, s'(c(x)), to payer.
(5) Payer strips by forming c'(s'(c(x)))=s'(x).
(6) Payer checks note by checking that s(s'(x))=x and stops if false.
(7) Payer makes payment some time later by providing note s'(x) to payee.
(8) Payee checks note by forming r(s(s'(x))) and stops if false.
(9) Payee forwards note s'(x) to bank.
(10) Bank checks note by forming r(s(s'(x))) and stops if false.
(11) Bank adds note to comprehensive list of cleared notes and stops if note already on list.
(12) Bank credits account of payee.
(13) Bank informs payee of acceptance.
Notice that by the blind signature property
above, when the bank receives a note to be cleared from the payee in step (9) the bank
does not know which payer the note was originally issued to in step (4). The digital signature and related conservation
of signatures properties above ensure that counterfeiting is not possible.

Auditability: Extension of current practice suggests that
payers receive digital receipts from payees. These receipts would include the usual description
of the goods or services purchased, and the date. In addition, the receipt could also include
a copy of the note. Under exceptional circumstances, such as an
audit, the note would allow the payer, with the cooperation of the bank (and clearing
house(s) as described below), to verify which account the note was actually deposited to. A receipt indicating that a note was deposited
to an account other than the account actually deposited to would be evidence of fraud. One dissatisfied customer of a black market
could reveal a note supplied to the black market which could then be traced to the account
it ultimately ended up in. Uncleared notes reported as stolen could be
included on clearing house lists and thus be prevented from being cleared, stolen notes
cleared could be traced. Receipts issued by payee to payer provide control
over all outflows, and thus all flows of funds. A taxpayer could provide verifiable receipts
for any expenditures needed for tax audit. Individuals could be required to keep receipts
for substantial inflows, but inflow receipts maintained by organisations may be undesirable,
if they could reveal the organisations’ patrons.

Elaborations: The simple system of the above example could
be extended in various ways to provide economy of mechanism, disaggregation of services, and
decentralisation. For example, obvious efficiencies would result
from use of multiple denomination notes. The banking and clearing house functions could
be separated. There might be multiple banks; multiple clearing
houses could serve different or overlapping tasks. Periodic changes of the key(s) used to sign
notes might increase security, increase auditability and reduce uncertainty about the rise of the
money supply.

Summary And Implications: A new kind of cryptography, blind signatures,
has been introduced. It allows realisation of untraceable payments
systems which offer improved auditability and control compared to current systems, while
at the same time offering increased personal privacy.

Boom! We got through it. Now that was a very complicated document especially
when it got to the math part. But it just goes to show and this is the reason
why I wanted to do this video is because it really shows the intent behind cryptocurrencies. That from the very beginning they were all
about restoring privacy to the individual. It was acknowledging the fact that sometimes
you do need to know how money’s flowing in case there’s criminal activity within the black
market, bribery, blackmail, anything like that but also understanding that, or at least
under the perception of David Chaum that privacy should be restored with the individual. And it’s a really good indication to see why
cryptocurrencies have gained such a big traction with libertarians, because it is all about
privacy and decentralisation, and allows person to person transactions rather than having
to go through a third party. So, yeah.. it’s a really fascinating document. I’ve put a link to it in the description box
below if you want to check it out in more detail, it’s a very important document in
history. It’s what has led to currencies today such
as Bitcoin, Litecoin, Ethereum and this could be the founding document of the future of
mainstream currency. So, it’s something that I find really interesting
and I’m happy that we went through it together. I am also planning to do a video like this on
the document that came out in 2008 about Bitcoin. So anyways, I hope you enjoyed the video! If you’ve got any questions or would just
like to reach out and say “Hi!” you know what to do, just put it down in the comment section
below or feel free to PM me. If this video provided you with any value,
and you feel that way inclined, please hit that subscribe button and like the video. Again, thanks a ton for watching 🙂 And I’ll see you guys in the next episode
😀 Cheers!
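
Added example (not part of the video, and not code from Chaum's paper, which presents no concrete cryptosystem): the Functions, Protocol and payment steps (1)-(13) read out above, instantiated with textbook RSA blinding as a swapped-in scheme. The key, the note format behind r, and every function and class name here are assumptions made for illustration.

```python
import hashlib
import secrets
from math import gcd

# Constructed toy bank key (two Mersenne primes): illustration only, far too small for real use.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537                  # public key:  s(y)  = y^E mod N
D = pow(E, -1, (P - 1) * (Q - 1))    # private key: s'(y) = y^D mod N

def new_note():
    """Step (1): random x satisfying r(x), built as nonce || SHA-256(nonce)[:8]."""
    nonce = secrets.token_bytes(8)
    return int.from_bytes(nonce + hashlib.sha256(nonce).digest()[:8], "big")

def r(x):
    """Redundancy predicate: an arbitrary 128-bit value passes with probability 2^-64."""
    raw = (x % (1 << 128)).to_bytes(16, "big")
    return 0 < x < (1 << 128) and hashlib.sha256(raw[:8]).digest()[:8] == raw[8:]

def blind(x):
    """c(x) = x * k^E mod N; the blinding factor k never leaves the payer."""
    while gcd(k := secrets.randbelow(N - 2) + 2, N) != 1:
        pass                         # retry until k is invertible mod N
    return x * pow(k, E, N) % N, k

def unblind(signed, k):
    """c'(s'(c(x))) = (x^D * k) * k^-1 mod N = s'(x)."""
    return signed * pow(k, -1, N) % N

class Bank:
    def __init__(self):
        self.seen_at_issue, self.cleared = [], set()
    def issue(self, blinded):        # steps (3)-(4); account debit left out
        self.seen_at_issue.append(blinded)
        return pow(blinded, D, N)
    def deposit(self, note):         # steps (10)-(11); account credit left out
        x = pow(note, E, N)
        if not r(x) or x in self.cleared:   # forged note, or already on the cleared list
            return False
        self.cleared.add(x)
        return True

def run_payment():
    bank, x = Bank(), new_note()
    blinded, k = blind(x)                                   # steps (1)-(2)
    note = unblind(bank.issue(blinded), k)                  # steps (3)-(5)
    first, replay = bank.deposit(note), bank.deposit(note)  # second is a double spend
    linkable = x in bank.seen_at_issue or note in bank.seen_at_issue
    return pow(note, E, N) == x, first, replay, linkable    # first item is the step (6) check
```

Because k is uniform over the invertible residues, the value the bank signs is consistent with every possible note, which is the blind signature property (2). Textbook RSA without padding is used only to keep the algebra visible; production systems use a standardised construction such as RSA Blind Signatures (RFC 9474).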
