[hashcash] Re: Opportunistic signatures - a proposed design

  • From: Atom 'Smasher' <atom@xxxxxxxxxxxxxx>
  • To: hashcash@xxxxxxxxxxxxx
  • Date: Tue, 31 Aug 2004 20:37:10 -0400 (EDT)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On Mon, 30 Aug 2004, Eric S. Johansson wrote:

I see that as a spammer hole. either by mailing through the entire list or through collecting addresses of active participants, one can use that logic as a way of enabling parallel double spending. not to mention problems with distinguishing when the use the mailing list exclusion vs. not. A third failing is the ability to forge a message to make it look like it comes from the mailing list. 
================

the hole is a spammer subscribing to the list, and sending out as much spam as they can, before they get turned off. what's the solution for this... spam filters on the lists? moderated lists? unmoderated posts granted to users after they've "proven" their value to the list? new members must be voted in?

collecting addresses and spoofing the list are not practical... on most lists, a small percentage of the members do most/all of the posting. this also takes more work than spammers are interested in.


it may or may not be. i'm not using the world's best computer here, but a 20-bit stamp for everyone isn't too big a burden for me. moore's law will also apply to legitimate user's of hashcash ;)

I'm on the fence on that one as well. But the enterprise argument is the pushes me in the direction of saying it's unreasonable. 
============

if someone can afford to send out enough email where that's a concern (ebay? amazon? buy?), and they don't want to stamp it, there's a good chance that they're a spammer.

OTOH, let's say i subscribe to a mailing list, <special-offers@xxxxxxxxxxxxxxx>. well, having subscribed to a mailing list, i can accept stamps for that address.

seriously... this SHOULD be a burden to anyone doing a mass mailing! i think of that as a FEATURE, not a BUG.


at the egress point for any aggregation of any number of e-mail users, traffic patterns start to look significantly like a spammer. The greater the aggregation, the greater the likeness. 
=============

if it were true that spamminess of an email can be correlated to the volume of email passing through a node, then spam filters wouldn't work.


now I am not talking about the mass mailer. I'm talking about the ordinary organizations such as the typical 500 person or larger size company using e-mail to communicate with customers and suppliers.

I state again that a significant philosophical point should be that the ordinary communications between two parties should not be slowed any more than necessary. this philosophical point is why I'm arguing for something other than hashcash for known party communications. Today I use simple white lists. I want something better. 
=============

500 users minting stamps on 500 desktops is not a significant burden. 500 users having all stamps generated by an outbound "stamp server" could be.


anything that satisfies this requirement will violate the above requirement: enterprise systems are slow to change.

that may be. But I do believe that a box sitting in front of the mail server will be more acceptable than changing every desktop at least in the short term.

no need to wait for the technology advanced troops to pick up on something for it to be generally useful. 
================

thus, a market will exist for an outbound "stamp server", specially set up for minting stamps. i suppose that's inevitable... but when they hit the surplus market....


there is an unparalleled risk factor created when signatures happen on auto-pilot. public key systems will only result in "signed spam". there would be less spam getting through on a daily basis, but when a machine is cracked before a holiday weekend, and there are 100 people in the address book, those 100 people will likely suffer a DoS from the signed spam they're getting. it's debatable whether that's better or worse than a filter that let's 5% of spam through every day.

which is another argument for the more secure box sitting in front of the mail server. No matter what you do, if a machine is owned, you are screwed. But the benefits of optimizing communications between known parties is a significant argument for white lists by name or public key. 
==========

but then you're talking about domain signatures, not user signatures? yahoo already invented that. and home users aren't going to have a "secure" box anywhere... not as long as M$ is in business. so the problem of stolen signing keys might be reduced for companies that can afford to not keep keys on desktops, but the problem doesn't go away.


If you rotate keys on a regular basis, then your exploitation window drops unless of course your machine has been compromised at which point, you are screwed. 
==============

i would assume that a machine gets owned, and between 2-3am that night the spam will start... send out a flood of spam while the mark is sleeping, and when they wake up they'll have a lot of people ~very~ angry at them.


If you take care and protect your keys with passphrases or external devices, you are much better shape unless you machine has been compromised at which point, you are screwed 
===============

for >99% of users, those precautions will not be taken.


I guess I'm trying to say is if you machine has been compromised, you are screwed no matter what. Either you machine is used as a zombie for generating lots of stamps, your address book is ripped off, your keys are ripped off, the data files can be ripped off. And, most people would never know what's happening. They're just screwed. 
==========

agreed then: M$ is the problem ;)

assuming a compromised machine, the nice thing about hashcash vs signing keys is that it throttles the rate at which spam can be sent...

compromised signing keys on a compromised computer would essentially guarantee a DoS attack against everyone in the address book... the only limiting factor is the speed of the connection.

a compromised machine in a hashcash universe would be limited to sending out what... ~30 emails/sec? and that's at 100% load. my mom would notice that, and call someone (not me, i dunno nuthin about windoze).


summary: public keys can prevent forgery, not spam.


    ...atom

 _________________________________________
 PGP key - http://atom.smasher.org/pgp.txt
 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
 -------------------------------------------------

        "If the world were merely seductive, that would be easy.
         If it were merely challenging, that would be no problem.
         But I arise in the morning torn between a desire to
         improve the world, and a desire to enjoy the world. This
         makes it hard to plan the day."
                -- E.B. White
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.6 (FreeBSD)
Comment: What is this gibberish?
Comment: http://atom.smasher.org/links/#digital_signatures

iQEcBAEBCAAGBQJBNRm8AAoJEAx/d+cTpVciiM8H/2ZKLO5czVDmJemqNmCJccqW
DoQAFRAn9J3B13qf9k9C7rsceVrKpxXbnFsU+tf47g2fDrvU4VZGnbY+SBPtzWfV
HPNCRzYNOKzshrCIqxYMZYjCTU1IJUQ/1hO/s3n/ifvihshv2nQLuKiURwZA1dnB
bSEP8iLjUSZcpVHUdPA/DqodAYF6himdk/tTtfKrALSFXXuhNuTp739BASoX0+Qu
K1LPiJDkkPVdPb8MGmxS7l+JtjCQ6xhEhnFRitr3naWHA9J5cXzwRmj4++9yvPge
EwZs+nrD8yRY/jO2RkQNU/vcfHosKehVNruG22SZWYsyrXiJkZzOHBOeZklAlcM=
=Q/AV
-----END PGP SIGNATURE-----

Other related posts:

  1. Home
  2. hashcash
  3. Archive
  4. 08-2004