[hashcash] Re: hashcash v1 questions

  • From: Justin <justin-hashcash@xxxxxxxx>
  • To: hashcash@xxxxxxxxxxxxx
  • Date: Tue, 1 Jun 2004 04:19:22 +0000

On 2004-05-31T22:32:10-0400, Hubert Chan wrote:
> >>>>> "Eric" == Eric S Johansson <esj@xxxxxxxxxx> writes:
> [...]
> Eric> Before you get your knickers in a twist over this attitudes,
> Eric> remember that all of the "proper procedures" as put forth by
> Eric> pgp/smime enthusiasts have done more to setback to widespread use
> Eric> of cryptography than any political/legislative manipulations by
> Eric> the spook community. What the crypto geeks have forgotten (or
> Eric> maybe never knew) is that human factors wins out over technical
> Eric> features any day.
> It all depends on what you're trying to achieve with crypto, and what
> your attack model is.  If you just want to verify that the person who
> is emailing you today was the same guy who emailed you last week, you
> can be a lot more lax than if you want to make sure that the email you
> got really was from the Linus Torvalds who wrote the Linux kernel.

Well this sounds like a debate for the cryptography list, and they seem to
have it quite often.

> And I don't think that human factors is the reason we don't have
> widespread crypto.  The thing is that most people just don't see a need
> for it.  (Here.  I'll GPG sign this message just for fun.)

But s/mime is in use at many corporations, and that may be the most
important area for crypto.  Then there are fringe groups that use crypto.
Human rights organizations use it; terrorists use it; criminals use it.

> P.S.  I don't know much (anything) about the camram model, but how well
> does it protect against zombied machines?  Say, Alice's machine gets
> zombied by the latest virus-du-jour, and starts sending out emails,
> signed with her camram key.

It wouldn't at all.  The spammer can get messages through to anyone who
has Alice's key whitelisted.  Hopefully that's not too many people, and
it's not nearly as many people as the spammer can spam today.

Alice's key would hopefully be blacklisted quickly via some mechanism.
Alice would learn to keep her machine secure if she values being able to
send email.

If signed messages also required some postage (maybe 23 bits of present
value), the spammer/virus would peg Alice's cpu and make the situation
more noticeable.

If the spam problem becomes intolerable even with hashcash, email is dead,
because without hashcash there will be even more spam.  Spammers will use
zombies even if hashcash is not widely adopted.  Hashcash will at least
slow spammers down.  Ideally it'll slow them down so much they give up,
but if it doesn't it's still better than nothing.

The alternative is to give up right now and come up with a replacement for
smtp.  Nobody's serious about doing that, and it would require such a vast
change in current infrastructure that it's not likely to happen before
spammers have succeeded or failed in destroying email communication.

It'd be just like IPv6. *snicker*

"Not your decision to make."
"Yes.  But it's the right decision, and I made it for my daughter."
 - Bill, Beatrix; Kill Bill Vol. 2

Other related posts: