[hashcash] Re: stamp collisions

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On Tue, 31 Aug 2004, Hubert Chan wrote:

Yes.  That's why you still need the sender=<email address> extension.

Anyways, I feel pretty safe using a resolution that's on the order of one day. But for people really worried about collisions, that's one thing that you can do. Even if the date in the stamp stays with a one-day resolution, you can add a time value as an extension. 
============

i'm not entirely sure why i don't like that extension... maybe because it makes the header bigger...? maybe because it can be used for "joe jobs"...?


OK, it doesn't have to be sequential then. Use a pseudo-random number generator with a large cycle length and that depends on your own secret key.

(of course, having this "counter" also requires that hashcash save the seed/counter value between runs, which probably should be avoided.) 
=============

what you're describing is similar to GnuPG's "random_seed" file, and that does seem like overkill for hashcash.

the three simple sources of "entropy" that i see for seeding a PRNG (in addition to system entropy):
1) use the sender's address (or it's hash)
2) hash the double-spend database file
3) create a file in the yet-to-be-created (hint) config directory and fill the file with random stuff... similar to ezmlm's "key" file. this only has to be created when hashcash is first used*.

any one of these should reduce the risk of doppelganger stamps being created during the same second, but i'm partial to either 1 or 1+2.

* it might seem tempting to fill this file during installation, but if a machine comes with hashcash installed at the factory, then all machines leaving that factory might have the same "entropy file", and it would be somewhat self defeating.


    ...atom

 _________________________________________
 PGP key - http://atom.smasher.org/pgp.txt
 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
 -------------------------------------------------

        "Water and air, the two essential fluids on which all
         life depends, have become global garbage cans."
                -- Jacques Cousteau, 1910-1997
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.6 (FreeBSD)
Comment: What is this gibberish?
Comment: http://atom.smasher.org/links/#digital_signatures

iQEcBAEBCAAGBQJBNBT9AAoJEAx/d+cTpVci55gH/RdD4OMw4qQ+ri2aMBnmfYyS
lMDWTsZ4Xj4oSDSfYVJaKZeFgNwURoUsQqjRmIFlRCSVEfupFGqPoTJas06jUlNv
PmKWqP0dvhbmu9V5B2FVeECp9jukedTlKzgyXuFXGGpzNGAc7q5ieeXGdfJ2DLVT
Q/LoCLDdT1mUJEn+9wQ1VRFgTyjdzfX1yX5s5V9GNBWpphfpZH2AhK6xcwS79cb0
AmBh6Np4cTb9TFtCxYsofs56rJorf6w2nw5E9NNuDvaXHDSuXt1z0uM4SVs1vlb3
SHR85Jq9IojhvUnJHXi+vkaqlAdIK55O1hZS1LBVWsnTOes0a24Zd+z8XNJyuh0=
=qFd1
-----END PGP SIGNATURE-----

Other related posts: