ietf-asrg

Re: [Asrg] C/R Thoughts: Take 1

2003-05-13 13:38:47
At 01:33 PM 5/13/2003 -0600, Vernon Schryver wrote:

> From: Yakov Shafranovich <research(_at_)solidmatrix(_dot_)com>

> ...
> Instead of storing the actual email address in the database, we might store
> a one-way hash of it, let's say MD5. When emails are sent and received, the
> sender's email address is hashed and compared against the database. This
> way if anyone ends up wanting to use the database, it would be impossible
> since there will be no email addresses in it. Of course it would still be
> possible to check a specific email address against or use some form of a
> dictionary attack, ...

Which implies that in the cases that matter, nothing is hidden.  Dictionary
attacks are easy when you know what you're looking for.  This is one
reason why the DCC protocol does not include a checksum for the target.
That's not a complete solution, but it's not as bad as the C/R case
where the database would consist of a recipient and a set of senders.

Nevertheless, using hashes instead of passwords will not allow the owner of the C/R system to spam all the senders like SpamArrest did. I am not advocating a specific solution, just a need for one - more thought must go into this area.

Yakov
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
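The exchange above turns on one point: an unkeyed hash of a guessable value hides nothing from whoever holds the database. The script below is an added illustration, not code from the thread or from any C/R product; it builds a constructed MD5 whitelist as Yakov describes, runs the dictionary check Vernon describes against it, and for comparison does the same against a keyed (HMAC) variant that is my assumption, not a proposal from either author.

```python
import hashlib
import hmac

# Constructed sample data (not from the thread): the sender whitelist a C/R
# system would keep, stored as MD5 digests of addresses as Yakov proposed.
SENDERS = ["alice@example.com", "bob@example.net", "carol@example.org"]
HASHED_DB = {hashlib.md5(a.encode()).hexdigest() for a in SENDERS}

# Constructed guess list: what a third party holding the database would try.
GUESSES = ["alice@example.com", "dave@example.com",
           "bob@example.net", "eve@example.org"]

# Assumed secret held only by the C/R operator (hypothetical; not in the thread).
SECRET_KEY = b"operator-only-key-constructed-for-this-example"


def is_whitelisted(addr: str, db: set) -> bool:
    """The lookup the C/R system performs on every incoming sender."""
    return hashlib.md5(addr.encode()).hexdigest() in db


def recover_unkeyed(db: set, guesses: list) -> list:
    """Vernon's point: with an unkeyed hash, whoever holds the database can
    hash each guessed address and keep the hits. Nothing is hidden from a
    party that already knows what to look for."""
    return [g for g in guesses if hashlib.md5(g.encode()).hexdigest() in db]


def keyed_digest(addr: str, key: bytes) -> str:
    """HMAC over the address: a guess can only be checked by someone holding
    the key. Added variant for comparison, not something the thread proposes."""
    return hmac.new(key, addr.encode(), hashlib.sha256).hexdigest()


def build_keyed_db(senders: list, key: bytes) -> set:
    return {keyed_digest(a, key) for a in senders}


def recover_keyed(db: set, guesses: list, key: bytes) -> list:
    """The same dictionary attempt run against the keyed database."""
    return [g for g in guesses if keyed_digest(g, key) in db]


if __name__ == "__main__":
    print("unkeyed hits:", recover_unkeyed(HASHED_DB, GUESSES))
    keyed_db = build_keyed_db(SENDERS, SECRET_KEY)
    print("keyed, wrong key:", recover_keyed(keyed_db, GUESSES, b"wrong-key"))
    print("keyed, right key:", recover_keyed(keyed_db, GUESSES, SECRET_KEY))
```

The keyed variant only moves the problem to whoever holds the key: it does nothing against the operator itself, which is the party Yakov's SpamArrest remark is about, and anyone who can submit mail to the live system can still test one address at a time, as the quoted text already notes.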