Pages:
Author

Topic: Mint Chip Technical Details - page 2. (Read 6140 times)

legendary
Activity: 1246
Merit: 1016
Strength in numbers
April 15, 2012, 08:57:54 AM
#52
Thus I am not sure the claim of even even psuedo-anonymity can be made. 

Quote from: caveden
If they really intended to make something as anonymous as cash...

I don't see any evidence that they ever intended it to be anonymous or even pseudo-anonymous. The official docs say that "no personal data is exchanged in the transaction", but that means the transaction between the buyer and the merchant. The block diagrams show that the chip's value is loaded from and redeemed to a linked bank account.

So the merchant may not know who you are, but the "trusted agent" surely does, and by extension you are not anonymous to the Mint and the Govt.

But you can use any mint chip you get right? The merchant doesn't get any info from the device so he can't know if it is 'yours'. I guess they could make selling, giving, and losing chips illegal.
donator
Activity: 826
Merit: 1060
April 15, 2012, 03:49:15 AM
#51
Thus I am not sure the claim of even even psuedo-anonymity can be made. 

Quote from: caveden
If they really intended to make something as anonymous as cash...

I don't see any evidence that they ever intended it to be anonymous or even pseudo-anonymous. The official docs say that "no personal data is exchanged in the transaction", but that means the transaction between the buyer and the merchant. The block diagrams show that the chip's value is loaded from and redeemed to a linked bank account.

So the merchant may not know who you are, but the "trusted agent" surely does, and by extension you are not anonymous to the Mint and the Govt.
sr. member
Activity: 350
Merit: 250
April 14, 2012, 08:28:02 PM
#50

perhaps you'd be able to power them on, but it is a two-way session and you are going to have to get a signal from the 5mm (wild ass guess) antenna inside the card back to you reader. gl w/that

besides, canada uses chips already on their cards (at least for debit) that require you to put the card physically in a machine. not a big stretch to think that they might use the same system here

Nobody I've seen in Canada requires the chip. Everybody is getting a new card w/a chip but there's still plenty of standard mag stripe readers around in case the customer doesn't have a chip. In fact every single store, and every private street ATM I've ever seen still uses the standard swipe model.

That Yagi-Uda antenna is crazy. I could see somebody like Max Vision setting it up in a hotel in my city and capturing hundreds of cards per hour, and now mintchips.
legendary
Activity: 2618
Merit: 1007
April 14, 2012, 07:04:28 PM
#49
On the other hand there is a nice talk about some SmartCards in Switzerland (http://www.youtube.com/watch?v=haDWFtMmZRs) where the authors were able to counterfeit and it's not very clear if the issuers did even notice. Similar systems are in use already for years in other countries too and even though it might be possible that there is also fraud going on, I haven't heard of any major arrests or anything like "100k Euro counterfeited in electronic money". More recently there was also a talk at a Chaos Communication Congress about a MIFARE system that was initially used for microtransactions (bus tickets) but got so popular that they decided that they expand it for bigger transactions. As it turned out, the money value there is just an integer stored in plaintext...

Of course here it seems like there's a more sophisticated system, but all in all to be safe you might need to reset your chip after every transaction you got as fast as possible to make sure you are the first one claiming an incoming transaction (I guess that double spends would be resolved like this).

Anyways, even though offline transactions are allowed and possible, you can only do a couple hundred of them, then you need to "Reset", most likely giving the transaction log to a central authority and not just deleting it. This means even if you manage to get transactions on your MintChip (which has a unique ID) only offline and want to cash out your 500 $ in 2 years the mint knows much earlier your likely balance + money flows, as most of the people will submit their transactions ("I transferred x amount of currency y to MintChip ID z") before that time.

Similar to the blocks in Bitcoin, that set transactions "in stone", the "Reset" mechanism in MintChips seems to be the way to detect and prevent double spending. Maybe they are even OK with double spends, maybe later they'll just include a "blacklist" of evil MintChip IDs that were used in double spends, since it's likely that it will be costly to extract a private key in the first place?
legendary
Activity: 1652
Merit: 2311
Chief Scientist
April 14, 2012, 06:22:29 PM
#48
If for example my chip has been loaded with double-spent Dollars without my knowledge, would I be denied that money at the next reset or not?
Good question. They're the Mint, so I bet they'll handle that the same way they handle somebody showing up at a bank with a bunch of counterfeit $100 bills: they'll ask you where you got them, and either throw you in jail (if they don't like your story) or tell you to be more careful about who you deal with and maybe direct you to some technology to help detect counterfeits in the future. But they won't let you deposit them or trade your bad money for good.

kjj
legendary
Activity: 1302
Merit: 1026
April 14, 2012, 06:05:28 PM
#47

perhaps you'd be able to power them on, but it is a two-way session and you are going to have to get a signal from the 5mm (wild ass guess) antenna inside the card back to you reader. gl w/that

besides, canada uses chips already on their cards (at least for debit) that require you to put the card physically in a machine. not a big stretch to think that they might use the same system here

Quite the opposite, actually.  Getting power into the inductor to activate the chip is the hard part.  Eavesdropping on the RFID handshake from dozens of feet away is easy.  And when I say "easy", I mean don't take your RFID tags to Vegas when Defcon is in town.
hero member
Activity: 798
Merit: 1000
April 14, 2012, 04:34:26 PM
#46

perhaps you'd be able to power them on, but it is a two-way session and you are going to have to get a signal from the 5mm (wild ass guess) antenna inside the card back to you reader. gl w/that

besides, canada uses chips already on their cards (at least for debit) that require you to put the card physically in a machine. not a big stretch to think that they might use the same system here
legendary
Activity: 2618
Merit: 1007
April 14, 2012, 09:07:59 AM
#45
...I bet before the end of the year either Apple will finally approve a Bitcoin app or there will be a nifty HTML5-based web wallet I can use on my iPhone...
Apple should not only accept Bitcoin, but should be creating hardware and apps if they want to stay relevant. Bitcoin will likely do to iTunes what mp3s did to Musicland.
Why didn't it do this then yet after _years_ of existence? Roll Eyes

Back to MintChips:
It might still be interesting to use them for buying Bitcoins and use them as "digital cash". One of the questions that remains for me is: "Is it theoretically possible that transactions get reversed under any circumstance?".

If for example my chip has been loaded with double-spent Dollars without my knowledge, would I be denied that money at the next reset or not?
legendary
Activity: 1918
Merit: 1570
Bitcoin: An Idea Worth Spending
April 14, 2012, 09:00:24 AM
#44
...I bet before the end of the year either Apple will finally approve a Bitcoin app or there will be a nifty HTML5-based web wallet I can use on my iPhone...
Apple should not only accept Bitcoin, but should be creating hardware and apps if they want to stay relevant. Bitcoin will likely do to iTunes what mp3s did to Musicland.

Steve jobs, via proxy: I approve this message.


donator
Activity: 1736
Merit: 1014
Let's talk governance, lipstick, and pigs.
April 14, 2012, 08:29:49 AM
#43
...I bet before the end of the year either Apple will finally approve a Bitcoin app or there will be a nifty HTML5-based web wallet I can use on my iPhone...
Apple should not only accept Bitcoin, but should be creating hardware and apps if they want to stay relevant. Bitcoin will likely do to iTunes what mp3s did to Musicland.
kjj
legendary
Activity: 1302
Merit: 1026
April 14, 2012, 06:20:43 AM
#42
I'm going to assume it's exactly like the Visa/MC chips where it generates a unique handshake per transaction and somebody standing 10ft from you holding a RF reader bought from ebay can steal your coins and spend them without you ever knowing.



you need to be about an inch away but otherwise 100% accurate

Rebuttal
hero member
Activity: 868
Merit: 1008
April 13, 2012, 05:05:22 PM
#41
That information isn't provided in the very limited docs provided.  My assumption would be that all valid public keys have some cryptological property that allows identification.

IIUC they do. All chips (not just brokers) have a cert connected to the MintChip CA chain.

Cryptographically it's very straightforward and traditional. There is no support for anything resembling contracts or other complex transactions. You sign messages saying "increment your balance by X", and that's about it.

I'd like to see MintChip gain some of the features of Bitcoin, protocol wise. Cryptography based currencies are a new design space and can use some competition around different approaches. My gut feeling is that a hybrid solution would be best - using hardened chips can help Bitcoin, by making zero-conf offline transactions dramatically less risky, and a block chain can help MintChip by removing the "key leak = system doom" failure mode that undermines it today.
I can imagine three primary scenarios:
1) transactions secured by the bitcoin network as usual (subject to transactions fees, and waiting for confirmations, etc)
2) transactions using a privately issued coinage that is backed by bitcoin (enables near instant confirmations, zero fee micro transactions)
3) offline transactions using a privately issued coinage that is backed by bitcoin and using a mintchip like device for security (instant confirmation, zero fees, disconnected operation)

People would be able to select the type of transaction that's most appropriate for the features they need and the risk they're willing to assume. 

P.S. I really hate that some of the regulatory uncertainty is likely stifling innovation in this area.
legendary
Activity: 1106
Merit: 1004
April 13, 2012, 04:56:34 PM
#40
If they really intended to make something as anonymous as cash, they could have used a blinded signature algorithm like what's done in Open Transactions. Actually, they could become an Open Transaction issuer and server. That would be more anonymous than Bitcoin.

I'm not sure what they want, exactly.
legendary
Activity: 1526
Merit: 1134
April 13, 2012, 04:39:33 PM
#39
That information isn't provided in the very limited docs provided.  My assumption would be that all valid public keys have some cryptological property that allows identification.

IIUC they do. All chips (not just brokers) have a cert connected to the MintChip CA chain.

Cryptographically it's very straightforward and traditional. There is no support for anything resembling contracts or other complex transactions. You sign messages saying "increment your balance by X", and that's about it.

I'd like to see MintChip gain some of the features of Bitcoin, protocol wise. Cryptography based currencies are a new design space and can use some competition around different approaches. My gut feeling is that a hybrid solution would be best - using hardened chips can help Bitcoin, by making zero-conf offline transactions dramatically less risky, and a block chain can help MintChip by removing the "key leak = system doom" failure mode that undermines it today.
donator
Activity: 1218
Merit: 1079
Gerald Davis
April 13, 2012, 04:15:12 PM
#38
RE: anonymity: the anonymity model is similar to Bitcoin. Each physical MintChip is like a Bitcoin keypair, if you can easily buy/load a bunch of them anonymously then it will be hard for Them to track your purchases.

Big IF there.  The only entities which can load/unload chips are trusted brokers.

Initially I thought of that being a non-issue as currency could circulate internal perpetually however w/ 500 tx limit everything goes through brokers initially and eventually so the govt has a complete list of all tx (albeit delayed up to 500 tx per user).

Thus I am not sure the claim of even even psuedo-anonymity can be made. 

It would be trivial for the govt to put all tx in database, link that to ID information on each mint user, load amounts, and unload amounts and build a complete tx record of every single user.   Given the potential I don't see how the central bank says "no" the first time the Canadian IRS or Police want that information.

The Bitcoin comparison would be if Mt.Gox collected ID on all users (sadly they pretty much do), the only place you could buy Bitcoins was Mt.Gox, and the only place you could sell them was Mt.Gox and every 500 tx you had to turn over your entire tx log (tighly coupled to your ID) to Mt.Gox to otherwise any Bitcoins you hold would become worthless.  Oh and there is no internal (anonymous) mining of coins, all mining is done by Mt.Gox.
legendary
Activity: 1652
Merit: 2311
Chief Scientist
April 13, 2012, 04:01:09 PM
#37
RE: $100 per-transaction, $500 balance limit:

That makes perfect sense; they probably figured out about how much it will cost to hack a MintChip to get it's private key (dissolve case in acid, put it under an electron microscope, attach electrodes at exactly the right spots, etc...). Do a little calculation involving the cost of hacking one chip, the number of times you can double-spend before you're likely to get caught and the maximum amount per transaction and I bet they figure it doesn't pay.

Especially if online transactions "phone home" to detect double-spends.  If you have to physically walk to 500 different not-online merchants to get away with $50,000 worth of double-spends that's just like counterfeiting $100 bills, and that's an attack Mints have been pretty successfully dealing with for hundreds of years.

RE: anonymity: the anonymity model is similar to Bitcoin. Each physical MintChip is like a Bitcoin keypair, if you can easily buy/load a bunch of them anonymously then it will be hard for Them to track your purchases.

If MintChip fails I bet it is not due to hacking or lack of anonymity, but just due to the inconvenience of needing Yet Another Physical Doohickey. Paper money fits nicely into the wallet I already have, I don't want Yet Another Dongle on my keychain, and I bet before the end of the year either Apple will finally approve a Bitcoin app or there will be a nifty HTML5-based web wallet I can use on my iPhone...
legendary
Activity: 1904
Merit: 1037
Trusted Bitcoiner
April 13, 2012, 03:52:54 PM
#36

The designers finally released some more data on limitations

Heh, thanks D&T i read the mintchip thread and this is starting to look more like a joke to me. I'm really out of comparing points between mintchip and bitcoin, the later is the obvious winner.

their api ref. said the limit for a tx was about 16,000$ not 100$

agreed these limits are ridiculous ... now building a decentralized exchange using mint-chip seems pointless

legendary
Activity: 924
Merit: 1004
Firstbits: 1pirata
April 13, 2012, 03:47:47 PM
#35
Heh, thanks D&T i read the mintchip thread and this is starting to look more like a joke to me. I'm really out of comparing points between mintchip and bitcoin, the later is the obvious winner.
donator
Activity: 1218
Merit: 1079
Gerald Davis
April 13, 2012, 03:31:39 PM
#34
I never paid for a debit card or lost visa card replacements.

Of course you did just like you paid for all the bank's profit and all the merchants losses.  You paid for all of that in the form of higher prices.  Still it is an awesome model which VISA developed.  All the cost is obfuscated so customer just sees it as "free" and convenient.  Once you get a large enough network effect businesses are forced to play, cost goes up but is still hidden from the consumer.  As long as the consumer is happy VISA is happy.

Quote
you can speculate that mintchip will be a totally useless and costly if you want ....
I never said it would be useless but it surely won't be free.  

The designers finally released some more data on limitations

Quote
The maximum number of Credit transactions allowed before Reset: 500
The maximum number of Debit transactions allowed before Reset: 500
The maximum cumulative Credit value allowed before Reset: 50000.00
The maximum cumulative Debit value allowed before Reset: 50000.00
The maximum value allowed in a single Credit transaction: 100.00
The maximum value allowed in a single Debit transaction: 100.00
The maximum balance allowed: 500.00

http://mintchipchallenge.com/forum_topics/859

So if they stick w/ a $500 max balance and $100 max tx is more interesting that the marketing talk about micro transactions.

Looks like every 500 tx though you will need to have a Trusted Broker download the log, erase the chip storage, and reset the starting balance to end prior ending balance ("reset").    

Now about that claim of anonymity ...


legendary
Activity: 1904
Merit: 1037
Trusted Bitcoiner
April 13, 2012, 03:29:33 PM
#33
It's for very small transactions, as in that's one of it's main benefits over say Paypal or Visa. It's not limited to small transactions. Obviously even if it was limited you could easily make a big transaction as the sum of many small transactions.

The design docs seem to indicate the chips will enforce a hard limit on the amount of funds which can be stored on each chip.  Of course the chips aren't free either.

So yeah I guess if you decide to buy 100 mintchips (at what $10 ea?) then pay a broker a fee for 100 loads on your 100 chips (will you even be able to do that, will broker's ask for detailed ID and limit one person to 1 active chip?) and hook them into a rats nets of usb cables and hub and use them to process 100x the enforced limit.

I doubt many people will do that.

What is the limit?  Well it is closed source and the specs don't state but I guarantee a limit will be enforced if no other reason than AML.  Also remember if a chip is hacked the amount of funds the central bank loses is directly related to the size of the chip (and # of tx that can be completed before blocking the hack) so there is another reason to limit both the max value on the chip and the max tx size.

I never paid for a debit card or lost visa card replacements.

you can speculate that mintchip will be a totally useless and costly if you want ....

i think its more useful to think mintchip will be an improvement on "Chipped money", and will have some degree of success. and then we can have some fun it with it.

Pages:
Jump to: