Hi!

I am a new member of this anti-spam hash-cash list. I was wondering if the following idea would solve the BCC-related hashcash problem:

The problem with BCC, as far as I can see, is that the X-HASH value must contain the email address of the BCC recipient, which needs to be hidden. In theory, we could use some sort of masking of this email address. And if we are at hashes, why not use them (after all, they are one-way, not only 2nd-preimage-resistant). So, hash the address, and use that (or some first bytes of that) instead of the email string. We are done - hmm, well, almost. Except that if the person thinks that the email might have been sent to someone he knows the email address of, he could check. Well, nothing is perfect. What do you think?

Also, another thing. Is the length of the 0-bits that must be calculated by the sender fixed? Because if so, the whole idea will be useless in about 8-12 years, given that the barrier will remain the same, but the runners (the computers) will become 4-8 times better jumpers (faster). Maybe the number of 0's that needed to be calculated should be increased proportionally (linearly, btw, since its effect is exponential anyways) to time (i.e. 2004, 2006, etc.)?

Also, a note on implementation. The random digits at the end of the 'date:email:random' that needs to hash to (00[..]xxx) should truly be random. Otherwise, the probability of collisions would rise high above the probability of winning the lottery weeks on end. This is a matter of implementation, but I believe it should be emphasised. Generating truly random numbers is not as easy as people (programmers) think. Oh, well.

Just to generate some discussion, this mail is not intended to start a war :O

Máté
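The masking idea from the message above, as an added example that is not part of the original post: a 'date:mask:random' stamp where the mask is a truncated SHA-1 of the BCC address, the recipient's check, and the guess-confirmation leak the message mentions. The function names, the 8-byte truncation, the 12-bit difficulty, and the date and addresses are assumptions constructed for the demo.

```python
import hashlib
import secrets

def mask(address: str, nbytes: int = 8) -> str:
    """Hex of the first nbytes of SHA-1(address); replaces the address in the stamp."""
    return hashlib.sha1(address.encode()).digest()[:nbytes].hex()

def leading_zero_bits(digest: bytes) -> int:
    """Count the zero bits at the front of a digest."""
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()

def mint(date: str, address: str, bits: int) -> str:
    """Redraw the random field until SHA-1('date:mask:random') has `bits` leading zeros."""
    prefix = f"{date}:{mask(address)}"
    while True:
        stamp = f"{prefix}:{secrets.token_hex(8)}"  # OS CSPRNG, not random.random()
        if leading_zero_bits(hashlib.sha1(stamp.encode()).digest()) >= bits:
            return stamp

def verify(stamp: str, my_address: str, bits: int) -> bool:
    """Recipient check: the mask must match my own address and the work must be done."""
    fields = stamp.split(":")
    if len(fields) != 3 or fields[1] != mask(my_address):
        return False
    return leading_zero_bits(hashlib.sha1(stamp.encode()).digest()) >= bits

def matching_guesses(stamp: str, candidates: list[str]) -> list[str]:
    """The leak noted in the message: anyone holding the stamp can test known addresses."""
    masked = stamp.split(":")[1]
    return [a for a in candidates if mask(a) == masked]

if __name__ == "__main__":
    BITS = 12  # assumption: kept small so the demo finishes instantly
    stamp = mint("060526", "bcc-recipient@example.org", BITS)  # constructed date and address
    print(stamp)
    print(verify(stamp, "bcc-recipient@example.org", BITS))
    print(matching_guesses(stamp, ["alice@example.org", "bcc-recipient@example.org"]))
```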