[cryptography] Define Privacy

Benjamin Kreuter brk7bx at virginia.edu
Sun Oct 26 22:45:46 EDT 2014


On Sun, 2014-10-26 at 10:35 +0000, ianG wrote:
> On 22/10/2014 03:22 am, Jason Iannone wrote:
> > On a fundamental level I wonder why privacy is important and why we
> > should care about it.
> 
> 
> Financial privacy is all about theft.  If someone knows where the money
> is, it can be stolen.  It works statistically, in that the set of
> attackers is typically not well known, so people tend to habitualise
> financial privacy.

There is more to financial privacy than that.  In any market knowing
someone's financial condition gives you an advantage over them, and
maintaining financial privacy gives you an advantage over others.

For example, suppose you and I are competing in a blind auction.  If I
know a lot about your finances, I can make a smarter bid.  If I know
little, I will have to make a riskier bid to ensure I win.  A similar
situation arises when negotiating prices -- the more you know about your
opponent's finances the better the outcome will be for you.

Even if there was no theft at all financial privacy would matter.  It is
about the balance of power.

> One can get into trouble mixing financial privacy with other forms of
> privacy.  The conversation gets tortured.  A system to protect money
> might provide for split keys, which results in less 'privacy' but more
> security.  As security of money is the number 1 goal of any money
> system, other forms of privacy might be compromisable, it isn't an
> absolute.
> 
> This philosophical flaw might be levelled at Digicash which placed the
> blinding formula on a pedestal, and we can note the irony of financial
> privacy with Bitcoin.

The problem with Digicash is that it could only be deployed by banks of
some kind.  Why would a bank ever want to give up information about its
customers, especially when doing so would mean deploying a new
infrastructure on a massive scale?  Fraud is a problem that can be
dealt with without banks having to provide more privacy for their
customers (and that is exactly what has happened).

-- Ben
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20141026/d94acba0/attachment.asc>


More information about the cryptography mailing list