[hashcash] Re: Opportunistic signatures - a proposed design
- From: Jonathan Morton <chromi@xxxxxxxxxxxxxxxxxxxxx>
- To: hashcash@xxxxxxxxxxxxx
- Date: Sun, 29 Aug 2004 21:41:30 +0100
a practical implementation of a system using shared secrets would be
an absolute nightmare on anything approaching the scale of email. if
anyone can explain a feasible (secure, trusted, invisible to end
users, etc) system of key exchange, i'd enjoy hearing about it.
I think I've already described it. Let me go over your points one by
one:
- Scalability. Each key is known only to it's singular sender and
singular recipient. There is no central authority of any kind, and no
need to send revocation notice to multiple people. Therefore it will
scale indefinitely.
- Security. The key is sent across the wire once (in the common case),
in plaintext. This is considerably more secure than the subsequent
storage of the key on the participating computers, in today's Internet,
and I believe this is sufficient.
- Trusted. Each key is only accepted into the recipient's whitelist if
it comes with high-value hashcash *and* the recipient has already sent
mail to the sender. This establishes that a consensual two-way
conversation is in progress, which is the entire point of the exercise.
- Invisible. Yes, it is.
--------------------------------------------------------------
from: Jonathan "Chromatix" Morton
mail: chromi@xxxxxxxxxxxxxxxxxxxxx
website: http://www.chromatix.uklinux.net/
tagline: The key to knowledge is not to rely on people to teach you it.
Other related posts: