|
| |
Initially, the Internet was designed to be used by government and academic users, but
now it is rapidly becoming commercialized. It has on-line "shops", even
electronic "shopping malls". Customers, browsing at their computers, can view
products, read descriptions, and sometimes even try samples. What they lack is the means
to buy from their keyboard, on impulse. They could pay by credit card, transmitting the
necessary data by modem; but intercepting messages on the Internet is trivially easy for a
smart hacker, so sending a credit-card number in an unscrambled message is inviting
trouble. It would be relatively safe to send a credit card number encrypted with a
hard-to-break code. That would require either a general adoption across the internet of
standard encoding protocols, or the making of prior arrangements between buyers and
sellers. Both consumers and merchants could see a windfall if these problems are solved.
For merchants, a secure and easily divisible supply of electronic money will motivate more
Internet surfers to become on-line shoppers. Electronic money will also make it easier for
smaller businesses to achieve a level of automation already enjoyed by many large
corporations whose Electronic Data Interchange heritage means streams of electronic bits
now flow instead of cash in back-end financial processes. We need to resolve four key
technology issues before consumers and merchants anoint electric money with the same real
and perceived values as our tangible bills and coins. These four key areas are: Security,
Authentication, Anonymity, and Divisibility.
Commercial R&D departments and university labs are developing measures to address
security for both Internet and private-network transactions. The venerable answer to
securing sensitive information, like credit-card numbers, is to encrypt the data before
you send it out. MIT’s Kerberos, which is named after the three-headed watchdog of
Greek mythology, is one of the best-known-private-key encryption technologies. It creates
an encrypted data packet, called a ticket, which securely identifies the user. To make a
purchase, you generate the ticket during a series of coded messages you exchange with a
Kerberos server, which sits between your computer system and the one you are communicating
with. These latter two systems share a secret key with the Kerberos server to protect
information from prying eyes and to assure that your data has not been altered during the
transmission. But this technology has a potentially weak link: Breach the server, and the
watchdog rolls over and plays dead. An alternative to private-key cryptography is a
public-key system that directly connects consumers and merchants. Businesses need two keys
in public-key encryption: one to encrypt, the other to decrypt the message. Everyone who
expects to receive a message publishes a key. To send digital cash to someone, you look up
the public key and use the algorithm to encrypt the payment. The recipient then uses the
private half of the key pair for decryption. Although encryption fortifies our electronic
transaction against thieves, there is a cost: The processing overhead of
encryption/decryption makes high-volume, low-volume payments prohibitively expensive.
Processing time for a reasonably safe digital signature conspires against keeping costs
per transaction low. Depending on key length, an average machine can only sign between
twenty and fifty messages per second. Decryption is faster. One way to factor out the
overhead is to use a trustee organization, one that collects batches of small transaction
before passing them on to the credit-card organization for processing. First Virtual, an
Internet-based banking organization, relies on this approach. Consumers register their
credit cards with First Virtual over the phone to eliminate security risks, and from then
on, they uses personal identification numbers (PINs) to make purchases.
Encryption may help make the electric money more secure, but we also need guarantees that
no one alters the data--most notably the denomination of the currency--at either end of
the transaction. One form of verification is secure hash algorithms, which represent a
large file of multiple megabytes with a relatively short number consisting of a few
hundred bits. We use the surrogate file--whose smaller size saves computing time--to
verify the integrity of a larger block of data. Hash algorithms work similarly to the
checksums used in communications protocols: The sender adds up all the bytes in a data
packet and appends the sum to the packet. The recipient performs the same calculation and
compares the two sums to make sure everything arrived correctly. One possible
implementation of secure hash functions is in a zero-knowledge-proof system, which relies
on challenge/response protocols. The server poses a question, and the system seeking
access offers an answer. If the answer checks out, access is granted. In practice,
developers could incorporate the common knowledge into software or a hardware encryption
device, and the challenge could then consist of a random-number string. The device might,
for example, submit the number to a secure hash function to generate the response.
The third component of the electronic-currency infrastructure is anonymity--the ability to
buy and sell as we please without threatening our fundamental freedom of privacy. If
unchecked, all our transactions, as well as analyses of our spending habits, could
eventually reside on the corporate databases of individual companies or in central
clearinghouses, like those that now track our credit histories. Serial numbers offer the
greatest opportunity for broadcasting our spending habits to the outside world. Today's
paper money floats so freely throughout the economy that serial numbers reveal nothing
about our spending habits. But a company that mints an electric dollar could keep a
database of serial numbers that records who spent the currency and what the dollars
purchased. It is then important to build a degree of anonymity into electric money. Blind
signatures are one answer. Devised by a company named DigiCash, it lets consumers scramble
serial numbers. When a consumer makes an E-cash withdrawal, the PC calculates the number
of digital coins needed and generates random serial numbers for the coins. The PC
specifies a blinding factor, a random number that it uses to multiply the coin serial
numbers. A bank encodes the blinded numbers using its own secret key and debits the
consumer's account. The bank then sends the authenticated coins back to the consumer, who
removes the blinding factor. The consumer can spend bank-validated coins, but the bank
itself has no record of how the coins were spent.
The fourth technical component in the evolution of electric money is flexibility.
Everything may work fine if transactions use nice round dollar amounts, but that changes
when a company sells information for a few cents or even fractions of cents per
page, a business model that's evolving on the Internet. Electric-money systems must be
able to handle high volume at a marginal cost per transaction. Millicent, a division of
Digital Equipment, may achieve this goal. Millicent uses a variation on the digital-check
model with decentralized validation at the vendor's server. Millicent relies on
third-party organizations that take care of account management, billing, and other
administrative duties. Millicent transactions use scrip, digital money that is valid only
for Millicent. Scrip consists of a digital signature, a serial number, and a stated value
(typically a cent or less). To authenticate transactions, Millicent uses a variation of
the zero-knowledge-proof system. Consumers receive a secret code when they obtain a scrip.
This proves ownership of the currency when it's being spent. The vendor that issues the
scrip value uses a master-customer secret to verify the consumer's secret. The system
hasn't yet been launched commercially, but Digital says internal tests of transactions
across TCP/IP networks
indicate the system can validate approximately 1000 requests per second, with TCP
connection handling taking up most of the processing time. Digital sees the system as a
way for companies to charge for information that Internet users obtain from Web
sites.
Security, authentication, anonymity, and divisibility all have developers working to
produce the collective answers that may open the floodgates to electronic commerce in the
near future. The fact is that the electric-money genie is already out of the bottle. The
market will demand electric money because of the accompanying new efficiencies that will
shave costs in both consumer and supplier transactions. Consumers everywhere will want the
bounty of a global marketplace, not one that's tied to bankers' hours. These efficiencies
will push developers to overcome today's technical hurdles, allowing bits to replace paper
as our most trusted medium of exchange.
--------------------------------------------------------------
|