From: Simon Josefsson
Newsgroups: gmane.emacs.gnus.general
Subject: Re: [ANNOUNCE] contrib/hashcash.el spam fighter
Date: Sat, 29 Jun 2002 01:03:26 +0200
References: <02Jun24.115740edt.119250@gateway.intersystems.com>
	<02Jun24.151839edt.119751@gateway.intersystems.com>
	<02Jun25.104630edt.119271@gateway.intersystems.com>
	<02Jun28.122222edt.119118@gateway.intersystems.com>
	<02Jun28.172137edt.119392@gateway.intersystems.com>
In-Reply-To: <02Jun28.172137edt.119392@gateway.intersystems.com>
	(Stainless Steel Rat's message of "Fri, 28 Jun 2002 17:30:03 -0400")
Original-To: Stainless Steel Rat
Cc: "(ding)"
Mail-Copies-To: nobody
X-Hashcash: 020628:ratinox@peorth.gweep.net:cd81210bd3670964
X-Hashcash: 020628:ding@gnus.org:1419861365638833
User-Agent: Gnus/5.090007 (Oort Gnus v0.07) Emacs/21.3.50 (i686-pc-linux-gnu)
Xref: main.gmane.org gmane.emacs.gnus.general:45429

Stainless Steel Rat writes:

> * "Patrick J. LoPresti" on Fri, 28 Jun 2002
> | Right, so you have to try them all.  Checking the validity of a coin
> | is "fast", so this is OK, in theory.
>
> Not even in theory.  It is a linear problem, and linear problems do not
> scale.

The number of email addresses a person has is usually a constant, so the
problem is O(1).

> | Then again, it is not disastrous if you miss a message.
>
> And if that lost message is the job offer I am expecting?  -Anything- that
> causes loss of legitimate mail is BAD.  Really bad.  Unacceptably bad, in
> my opinion and that of the 350 employees in my company who expect mail not
> to be lost.

I wouldn't reject failed hashcash, I would treat it as mail that doesn't
have hashcash.  Hashcash improves the situation in most cases, and in the
remote cases where it fails, it doesn't make things worse than it was
before.

> [...]
> | Well, you get to decide how many bits you require the sender to match,
> | so you can make it one out of however many you like.
>
> | Or am I misunderstanding what you mean?
>
> You are misunderstanding.  Say that you (not necessarily "you" personally,
> but anyone or thing that relies on X-Hashcash headers) want 20 bits
> collision (that is a 1:2^20 probability of any two hashes of the same total
> length meeting the criteria, or approximately 1 in 1 million, just so you
> know).  And say that I use something like Sub7 to distribute my X-Hashcash
> DoS system to a mere five thousand machines, which can calculate hashes at
> a rate of 1 every 10 seconds, just to pull some numbers out of my behind
> (10 seconds is rather slow by today's standards, anyway).  That is 1.8
> million hashes per hour.
>
> All those hashes being dumped into your spent coin database.  And five
> thousand Sub7 variant infections is a very conservative number.
>
> Do you begin to see the vulnerabilities in X-Hashcash?

Not at all, it seems to work fine, if in your example hashcash forces
spammers to invest in knowledge to get a cluster with 5000 machines to
work.  Making it expensive to spam is the whole point of hashcash.  Also,
in practice the collision size people will use will be close to 30 bits
though, and is increased over time as CPUs get faster.
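The exchange above turns on three mechanics: the sender's minting cost grows as 2^bits, the recipient checks a stamp against its own (constant-size) set of addresses and a spent-coin database, and a stamp that fails is treated like no stamp rather than as grounds for rejection. The following is an added example written for this page; it is not code from the thread, from contrib/hashcash.el, or from the hashcash tool. It assumes the `date:resource:counter` stamp layout visible in the message's own X-Hashcash headers, SHA-1 as the hash (the choice of the original hashcash tool, stated here as an assumption), a 28-day validity window, two-digit years in 20xx, and constructed verdict names (`valid`, `spent`, `invalid`). It mints at 16 bits so it runs in well under a second; the 20- and 30-bit figures in the thread follow from `expected_attempts`.

```python
"""Hashcash-style proof-of-work stamps: minting, verification, double-spend check.

Added example, not code from the thread or from hashcash.el. Assumptions:
stamp layout date:resource:counter (as in the X-Hashcash headers above),
SHA-1 as the stamp hash, a 28-day window, and two-digit years meaning 20xx.
"""
import hashlib
import secrets
from datetime import date
from typing import Optional, Set, Tuple


def leading_zero_bits(digest: bytes) -> int:
    """Number of leading zero bits in a digest (the 'partial collision' size)."""
    count = 0
    for byte in digest:
        if byte == 0:
            count += 8
        else:
            count += 8 - byte.bit_length()
            break
    return count


def stamp_bits(stamp: str) -> int:
    """How many bits of partial collision a stamp achieves."""
    return leading_zero_bits(hashlib.sha1(stamp.encode("ascii")).digest())


def expected_attempts(bits: int) -> int:
    """Mean hashes a sender must compute for a `bits`-bit stamp: 2**bits.
    20 bits is about one million, matching the quoted estimate."""
    return 2 ** bits


def mint(resource: str, bits: int, day: str) -> Tuple[str, int]:
    """Sender side: try random counters until the SHA-1 of the stamp has at
    least `bits` leading zero bits. Returns (stamp, attempts made)."""
    prefix = f"{day}:{resource}:"
    attempts = 0
    while True:
        attempts += 1
        candidate = prefix + secrets.token_hex(8)   # 16 hex chars, as in the headers
        if stamp_bits(candidate) >= bits:
            return candidate, attempts


def parse_day(yymmdd: str) -> Optional[date]:
    """Parse the 6-digit YYMMDD date field; None if malformed."""
    if len(yymmdd) != 6 or not yymmdd.isdigit():
        return None
    try:
        return date(2000 + int(yymmdd[:2]), int(yymmdd[2:4]), int(yymmdd[4:6]))
    except ValueError:
        return None


class StampVerifier:
    """Recipient side: classify an X-Hashcash value and remember spent coins.

    Verdicts: 'valid' (paid mail), 'spent' (coin reused), 'invalid' (bad
    format, wrong resource, stale date, too few bits). Following the reply
    above, 'spent' and 'invalid' mean "treat as unstamped", never "reject".
    """

    def __init__(self, required_bits: int, my_addresses: Set[str],
                 today: str, max_age_days: int = 28) -> None:
        self.required_bits = required_bits
        self.my_addresses = set(my_addresses)   # set membership: O(1) per stamp
        parsed = parse_day(today)
        if parsed is None:
            raise ValueError("today must be YYMMDD")
        self.today = parsed
        self.max_age_days = max_age_days
        self.spent: Set[str] = set()            # the 'spent coin database'

    def check(self, header_value: str) -> str:
        stamp = header_value.strip()
        parts = stamp.split(":")
        if len(parts) != 3:
            return "invalid"
        day_field, resource, _counter = parts
        if resource not in self.my_addresses:
            return "invalid"                    # minted for someone else
        stamp_day = parse_day(day_field)
        if stamp_day is None:
            return "invalid"
        age = (self.today - stamp_day).days
        if age < 0 or age > self.max_age_days:
            return "invalid"                    # future-dated or expired
        if stamp_bits(stamp) < self.required_bits:
            return "invalid"                    # not enough work done
        if stamp in self.spent:
            return "spent"                      # double spend
        self.spent.add(stamp)
        return "valid"


if __name__ == "__main__":
    verifier = StampVerifier(16, {"ding@gnus.org"}, today="020628")
    stamp, tries = mint("ding@gnus.org", 16, day="020628")
    print(stamp, "after", tries, "hashes ->", verifier.check(stamp))
    print("same coin again ->", verifier.check(stamp))
```

The spent-coin set only grows for stamps that already carry enough bits for one of the recipient's own addresses and a fresh date, so forged or stale stamps cost the recipient one SHA-1 and a set lookup, not database space.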