In order to facilitate anonymous key acquisition by the consumer, the
transaction log is publicly readable. While the logged message
( ) does not contain sensitive information, it might be used
to determine the merchant's identity. Extra privacy could be supported
by including a secret key (s) in the purchase messages. In fact, if
n is required to be randomly selected and is sufficiently large,
then n could be used as this secret key. The logged message would be
encrypted using the secret key so that only the parties of the
transaction could read (
). To support efficient lookups, a
function on known data could be used to generate indices for log
entries (e.g.
).
For even greater privacy, the log could be
left unaware of the secret key and simply time-stamp, sign, and record
any received messages (and their indices). This would require a
modification of the message to indicate that no message with
the given index was available at a specified time. Additionally,
should be left in plaintext so that the log can know not
to publish messages with timestamps greater than their
values.
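The following Python sketch is an added illustration, not code from the original text. It models the privacy-preserving variant described above: the parties encrypt the record under their secret, the log stores only the opaque blob under an index derived from known data, refuses entries whose timestamp would exceed the plaintext limit, and answers a miss with a signed statement of absence at a given time. Assumptions made for the example: SHA-256 as the index function, the field name `expiry` for the plaintext limit, a SHA-256 keystream as a stand-in cipher, HMAC in place of the log's signature, and first-write-wins on duplicate indices.

```python
import hashlib, hmac, os

def index_for(known: bytes) -> str:
    # Index from data the parties already know (assumed: SHA-256); no secret involved.
    return hashlib.sha256(b"index|" + known).hexdigest()

def _xor(secret: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in cipher (SHA-256 counter keystream, unauthenticated); use an AEAD in practice.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(secret + nonce + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def seal(secret: bytes, msg: bytes) -> bytes:
    nonce = os.urandom(16)  # fresh nonce per message, sent in front of the ciphertext
    return nonce + _xor(secret, nonce, msg)

def unseal(secret: bytes, blob: bytes) -> bytes:
    return _xor(secret, blob[:16], blob[16:])

class BlindLog:
    """Never holds the secret: it only time-stamps, signs and records blobs."""
    def __init__(self, signing_key: bytes):
        self.key, self.entries = signing_key, {}

    def sign(self, *fields) -> str:
        # HMAC stands in for the log's public-key signature (assumption).
        data = "|".join(str(f) for f in fields).encode()
        return hmac.new(self.key, data, hashlib.sha256).hexdigest()

    def record(self, index: str, blob: bytes, expiry: int, now: int):
        if now > expiry:  # timestamp would exceed the plaintext limit: do not publish
            return None
        entry = {"index": index, "blob": blob, "expiry": expiry, "time": now}
        entry["sig"] = self.sign("entry", index, blob.hex(), expiry, now)
        # First write wins (assumption): an existing entry is never overwritten.
        return self.entries.setdefault(index, entry)

    def lookup(self, index: str, now: int) -> dict:
        if index in self.entries:
            return self.entries[index]
        # Signed statement that nothing was logged under this index at time `now`.
        return {"index": index, "absent_at": now, "sig": self.sign("absent", index, now)}
```
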