BKDGTCSH.RVW 961013 "Digital Cash: Commerce on the Net", Peter Wayner, 1996, 0-12-738763-3 %A Peter Wayner pcw@access.digex.com %C 1300 Boylston Street, Chestnut Hill, MA 02167 %D 1996 %G 0-12-738763-3 %I Academic Press Professional %O 619-699-6735 fax: 619-699-6380 app@acad.com 800-321-5068 %O http://www.amazon.com/exec/obidos/ASIN/0127387633/robsladesinterne http://www.amazon.co.uk/exec/obidos/ASIN/0127387633/robsladesinte-21 %O http://www.amazon.ca/exec/obidos/ASIN/0127387633/robsladesinterne %P 271 %T "Digital Cash: Commerce on the Net" Wayner's book actually covers much more territory than simply commerce on the current Internet. There is an overview of current and developing implementations and technologies. More than that, however, the author provides a very thought provoking look at what cash is: the aspects of confidence (trust), confidentiality (privacy), commitment (non-repudiation), divisibility and so forth that are part of any non- barter system of commerce. The review concentrates on existing technologies and gives a realistic appraisal of the strengths, weaknesses and uses of each. Closing chapters provide an interesting look at money past, and possibly future. The foundational chapters, although they exist, are the weak point of the book. It isn't quite accurate to say that they are non-technical. It is likely that they are *too* technical. DES (the Data Encryption Standard), RSA (the Rivest-Shamir-Adleman algorithm) and other forms of encryption are described with pages of mathematics. What is missing, though, is any assessment of the reliability or strength of encryption systems for those who don't live and breathe number theory. The lack of straightforward discussion of the United States government policy on encryption is also a weakness. Combined, this allows misleading statements such as the one that "full 768 bit RSA as well as DES encryption ... can't be used to keep secrets." (That statement is not made in the description of either RSA or DES, but rather in a very short section dealing with the availability of a system called CyberCash for export.) Electronic commerce, and, by extension, the operation of digital cash, must operate over unsecured networks and channels. Therefore, the various function of digital cash, in terms of authentication, privacy, confidentiality, non-repudiation, and so forth, must rest on a foundation of encryption. (This is basically true of almost any form of data security.) The foundations are supposedly laid in chapter two. There is some discussion of private key encryption, using DES, and public key encryption, using RSA. Wayner even goes a fair way to providing details on these algorithms, listing tables of transforms used in DES. A fair way, but not all the way. Oddly, given the amount of detail he does provide, Wayner does not give all the steps. That, however, is really beside the point. That the curious user cannot recreate encryption algorithms is only of interest to a select few. Most people, and particularly those who are interested in using digital cash for real business purposes, rather than as an academic exercise, want to know whether digital cash truly is secure. A business will have no interest in digital cash if they will be flooded with repudiable orders. A bank will have no interest in "certificates" that can be churned out with a simple copy command. The details of encryption only serve as fodder for a discussion of the "strength" of a given form of encryption. How much "stronger" is a key of 56 bits than one of 40? Is key length the only factor, or is an RSA key stronger than a DES key of the same length? How much stronger is "triple DES" than plain vanilla DES? As data security people all know, there is no such animal as "unbreakable" encryption. Strength is a matter of time. There is always a way to "attack" encryption: the significant issue is how long will it take, and how much computing power has to be put into the effort. An encryption standard such as RSA rests on very well known and long tested mathematical foundations: the effort needed to find large prime numbers. Mathematicians have been working on the problem for years, and know where you can, and can't, take shortcuts, and just how much time you can save. Thus it can be determined, on a statistical basis, how long it would take someone to find the prime numbers that a given (RSA) public key pair uses. Generally, this is the only way to attack public key cryptography, and so you have a very good measure of strength. (This is only a quick summation, and does disregard the effects of poor implementations which may return valuable information to outside observers.) What Wayner does not do, is to seriously examine the weaknesses of the standard encryption systems. Why is "key length" of such vital concern to the US government? Could a 64 bit key with 24 bits "escrowed" actually be weaker than a straight 40 bit key? How "good" are keys of 40, 64, 128, 512 and 1024 bits? These are somewhat technical questions, true, but the admirable work that Wayner has done in reviewing the commercially available applications is seriously weakened by the lack of basic standards to judge by. For those who are planning to think about online commerce, this provides considerable food for thought. For those planning to work with online commerce, additional background is needed. copyright Robert M. Slade, 1995, 1996 BKDGTCSH.RVW 961013