[hashcash] zombie calculator, messaging without SMTP using identity brokers (Re: response to "proof of work proves not to work"?)

  • From: Simon Bohlin <simbo040@xxxxxxxxxxxxxx>
  • To: hashcash@xxxxxxxxxxxxx
  • Date: Tue, 18 Jul 2006 10:02:43 +0200

Hi all!

While figuring out how Eric's calculator works, I organized it as a story (see attached file). I'm sharing this "2.1"-version hoping to shed some more light on how the calculations are done. It seems to me that the calculations are sound.

About my remark (1.) in the calculator: spammers do more or less know which spams get through, if nothing else they can gather intelligence on which spams were stopped, or harvest for DNS-records that tell stamping is privileged. (So the proposed DNS-entry would have best effect if spammers would get the wrong idea and stamp for more destinations than ISPs need. In the end some kind of trust-structure seems more practical than DNS-entries).

On the trust topic, I recommend looking into messaging between "identities", with trust brokers instead of mail servers (i.e. no SMTP). Competing proposals are LID http://lid.netmesh.org/ , Yadis and several others. In the LID ranks, they are not sure if the single-sign API (which saves you some work when filling in /inventing :-) new identities to register with a web service) or the traceable messaging is the most important feature. I just got the pdf on the LID messaging mechanism and didn't read it yet, but probably they are doing crypto-signed messages with crypto certificates issued and verified through the brokers. The novelties are: no untraceable emails, but anonymity is ok if your broker allows it. You can see just how anonymous it is by exploring my identity at http: slash slash mylid.net slash sesam -- to prevent future mail list harvesters to connect my email with my LID url I write out the slashes as words.
I think Verisign's free personal certificates were used to sign your email with a real name, presumably to make sure nobody would impersonate you. The identity broker idea extends this and allows anonymity and many more things (for more hype, search for Identity 2.0). What's more, they open the floodgates for paid-for credibility, i.e. paying customers might get a higher trust-value than those subscribing with a free broker. The _only_ difference to current SMTP is the _traceability_ of all messages.
Anonymous remailer systems can be implemented as legally and geographically separated brokers with agreements of secrecy/anonymity, will be more expensive to run and will surely be filtered by many ISPs because it would be the easiest attack vector for spammers. <-- This is where proof-of-work / hash stamps fit in!



Best regards, Simon Bohlin
Title: Zombie Calculator 2.1

Assume that zombies, among which the average efficiency is percent
(one recent discussion indicated 40000 zombies working only a few hours per day!), are attacking/sending a spam round aimed for mail recipients, to be completed within a limited time of hours, where probabilistic filters and other obstacles on average let percent of emails through.
(1. Is this meant because we assume that spammers will only stamp spam that really need a stamp to try to pass filters?)

Click the button to see the minimal stamp size in seconds (2 decimals) where the stamp cost starts limiting spam (where the attacker cannot spend as many stamps as needed and must start skipping stamping some recipients, which in effect means those spams never get through the spam filters) and the auxiliary information
stamp minutes available to the "owner" of the zombies (i.e. zombies*efficiency * duration*60)
and on average processor minutes (=stamp amount, no decimals) needed per zombie to stamp _only_those_mails_passed_by_filters_ (see 1. above).

From stamp time to processor time
Stamp costs above are measured in time, but computers have differing efficiency at minting stamps. A science paper (forgotten reference) assumes that spammers/attackers can have processors 30 times more efficient than the slowest home computers which are in internet use. The same paper proposed a more memory-intensive method with suggested factor 4 between the faster and slower computers in use. Add mobile devices used for messaging and the factor gets _much_ bigger, both in processor speed and memory availability. Anyway, processor speed factor "is academic" as long as attackers have huge zombie farms that can both mint stamps and send out their spam.
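
The calculation the attachment describes, written out as an added example (not the original calculator's code, and not from the author of the post). Function and field names are hypothetical, the per-zombie figure is one reading of the description, and the sample inputs are constructed except for the 40000 zombies mentioned in the text.

```javascript
// Added example: a reading of the "Zombie Calculator 2.1" description.

// Total stamp-minting seconds the zombie farm has inside the attack window.
function farmSeconds({ zombies, efficiencyPct, hours }) {
  return (zombies * efficiencyPct / 100) * hours * 3600;
}

// Mails that need a stamp: only those the filters would otherwise let through
// (remark 1 in the calculator text).
function mailsToStamp({ recipients, passPct }) {
  return recipients * passPct / 100;
}

// Smallest stamp cost (seconds) at which the farm can no longer stamp every
// filter-passing mail, i.e. where stamp cost starts limiting the spam round.
function breakEvenStampSeconds(p) {
  const mails = mailsToStamp(p);
  if (mails <= 0) throw new RangeError('no mails need a stamp');
  return farmSeconds(p) / mails;
}

// For a stamp size chosen by receivers: the share of the round the farm can
// still stamp, and the processor minutes each zombie would need to stamp all.
function assess(p, stampSeconds, speedFactor = 1) {
  if (!(stampSeconds > 0)) throw new RangeError('stampSeconds must be > 0');
  const mails = mailsToStamp(p);
  const mintable = farmSeconds(p) / stampSeconds;
  return {
    stampMinutesAvailable: farmSeconds(p) / 60, // zombies*efficiency*duration*60
    stampedShare: Math.min(1, mintable / mails),
    minutesPerZombieForAll: Math.round(mails * stampSeconds / 60 / p.zombies),
    // Assumption: stampSeconds is measured on the attacker's hardware and the
    // slowest legitimate sender is speedFactor times slower (30 or 4 in the text).
    slowestSenderSeconds: stampSeconds * speedFactor,
  };
}

// Constructed inputs; only the 40000 zombies figure appears in the post.
const sample = { zombies: 40000, efficiencyPct: 12.5, hours: 24,
                 recipients: 100000000, passPct: 10 };
console.log(breakEvenStampSeconds(sample).toFixed(2));
console.log(assess(sample, 108, 30));
```
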