[hashcash] Re: how many bits / how to negotiate (Re: Re: stamp creation std. deviation)
- From: Jean-Luc Cooke <jlcooke@xxxxxxxxxxxxxx>
- To: hashcash@xxxxxxxxxxxxx
- Date: Fri, 13 Aug 2004 09:51:58 -0400
Oh! And what abotu the VIA chips with PadLock? :)
http://www.via.com.tw/en/Digital%20Library/PR040518EPF.jsp
I got one of these yesterday. Spammers may want to buy these babies ONLY as
hashcash off-loaders...but then they'd have to pay money for it.
JLC
On Fri, Aug 13, 2004 at 09:51:24AM -0400, Adam Back wrote:
> Jonathan's fast minter does ~4 Megahashes/sec or about 22 bits/sec on
> a 3Ghz P4. But I concur: I think 20 bits is about right now also.
>
> The question of how to upgrade this over time is an unanswered question.
>
> CAMRAM does a challenge-response thing and so can negotiate upwards.
>
> Bare-hashcash can not do this.
>
> This is partly what the extension mechanism is for -- to allow us to
> plug in a bit upgrading extension later.
>
> I had one candidate which is some group agrees a policy (eg 1 second
> on best price point desktop revised once every 6 months) and publishes
> via a symmetric key "signature" like construct. (Which is eg
> authenticated using a hash-chain.) Or using signatures.
>
> But I wanted to progress the basic client to v1 format and get that
> into SA3 before we explore this to work incrementally.
>
> So the hashcash recommended from the hashcash man page is currently 20
> bits. (Run it without the -b <bits> option and you get a 20 bit stamp).
>
> I came across one security-related mailing-list that is attaching
> hashcash to their security bulletin mails to subscribers.
> http://www.computercops.biz There was a thread in news.admin.net-abuse
>
> http://groups.google.ch/groups?hl=en&lr=&ie=UTF-8&threadm=41184f25%243%24fuzhry%2Btra%24mr2ice%40news.patriot.net&rnum=10&prev=/groups%3Fq%3Dhashcash%26hl%3Den%26lr%3D%26ie%3DUTF-8%26scoring%3Dd%26selm%3D41184f25%25243%2524fuzhry%252Btra%2524mr2ice%2540news.patriot.net%26rnum%3D10
>
> where computercops.biz were trying to get their IP off spews. (Their
> IP blocked because of arguably spammer-friendly/neutral ISP they are
> using).
>
> I am not quite sure how to read the whole thing, but they do appear to
> send hashcash as I tried to subscribe to see and the subscription conf
> msg had a valid 24-bit (version 0) hashcash stamp on it. (Of course
> we don't know if that was meant to be a 20-bit but they got lucky --
> an example of the info loss in not having the intended bits field).
>
>
> But generally what it says in the FAQ about mailing lists is the
> sender should put the stamp, and the recipient should accept the list
> address as an address they accept mail as. (Long term solution being
> list server verifying the stamp, and replacing with a signature).
>
> Adam
>
> On Fri, Aug 13, 2004 at 09:23:59AM -0400, Jean-Luc Cooke wrote:
> > This policy I'd personally like to see it as "hashcash recomands X bits, but
> > it is up to the mail-server/procmail user to decide how to filter mail".
> >
> > Reasons:
> > 1) Mailing lists like linux-kernel may find ti too expensive to compute
> > hashcash values for 3,000 emails 400 times a day.
> > 2) lots of others
Other related posts: