ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] 6. Email Path Verification

2003-09-12 16:39:41
from [Jonathan Morton] [Permanent Link] 
You might want to check out the camram.org project.

        http://camram.org/


(Above URL is broken, use http://www.camram.org/ instead.)
I like the idea of hashcash as an increase-spammer-costs strategy, but there's one big fly in the ointment. The computational requirements effectively make a hashcash-based system impractical for small, ultra-portable or autonomous devices.
A modern PC might only take a few seconds to generate a 20-bit hashcash, but an ARM-based PDA or mobile phone might take a lot longer (burning battery power all the while), and a toaster would take forever. Not to forget the old Macs (usually 68030 based) that are commonly resurrected to help elderly, disadvantaged or disabled people establish lines of contact. (Yes, I know someone who actually does this. Old Macs are amazingly durable.)
IIRC, the '030 (which is a contemporary of the i386) is neither superscalar nor pipelined, usually has a pitifully low clock speed, and is therefore hopelessly slow by modern standards. Even simple image-compression algorithms are hard work for such a machine. How long is it acceptable for a hashcash algorithm to take on such a low-end box? That's the limiting factor when deciding how much each mail will "cost".
Finally, I should point out that it is possible to implement most crypto algorithms in hardware, resulting in a much greater hashcash availability to a determined organisation (such as a spammer ring) after some capital investment. The EFF showed that it was possible for 3DES with "Deep Crack", and while it cost $250K to build Deep Crack, an equivalent machine would be much cheaper today because of the availability of inexpensive FPGAs.
A 20-kilogate FPGA development kit costs $300, individual 20Kgate FPGAs cost in the $tens, and a set of custom PCBs can be had for $hundreds at worst. So, let's say the incremental cost is of the order of $25 per FPGA, giving perhaps 25 hashcash tokens per second on average (yes, I'm being faintly optimistic). Even allowing for one-off development and equipment-manufacture costs, spam would appear to be worth enough to make such a system affordable. That puts Granny and her long-suffering Mac*[1] at even more of a disadvantage.
However, a system that uses hashcash as a fallback for other authentication methods would be an interesting concept. For example, use hashcash only to initiate "stranger" communications, and use a strongly-authenticated whitelist otherwise. Reading the rest of that site, I see that's in fact what it suggests. It still doesn't help Granny if it takes her (say) 4 hours to make hashcash, even if she only needs to do that once in a blue moon.
However, there's another problem with CAMRAM, though it's less obvious. Users will build up a list of public keys over time, presumably stored on their own machine. Their private keys will also presumably be stored locally. It's reasonably trivial for a worm to pick up a selection of these keys as it propagates, and deliver them to the black-hats by any of a variety of means.
Suddenly, they have the means to send spam to a lot of people - and even better (in the case of a mass-mailing attachment-based worm), these are mostly the clueless types who are most likely to respond positively to spam and scams. Oh dear.
This second problem is the main reason why any mainstream authentication solution requires the authentication to be done via third-party, (semi-)trusted servers. It's much harder to pick keys off a dedicated server than some newbie's desktop, and if they are, that server can be de-listed quite quickly until it fixes the problem.
*[1] - Mac IIcx, 16MHz 68030+68882, 5MB 120ns RAM, 40MB HD, 640x480, monochrome. I pulled one of these out of a skip last year, and after drying it out I found that it still works. It has similar capabilities to Macs I've heard of being distributed, free of charge, to disadvantaged folks in the American desert. So, if someone wants to know exactly how long a given algorithm will take on that machine, there's at least half a chance I'll run it and let them know. 

--------------------------------------------------------------
from:     Jonathan "Chromatix" Morton
mail:     chromi(_at_)chromatix(_dot_)demon(_dot_)co(_dot_)uk
website:  http://www.chromatix.uklinux.net/
tagline:  The key to knowledge is not to rely on people to teach you it.


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] 2a. Analysis - Developer Perspective, Yakov Shafranovich
Next by Date:  Re: [Asrg] 6. Email Path Verification, Jonathan Morton
Previous by Thread:  Re: [Asrg] 6. Email Path Verification, Jonathan Morton
Next by Thread:  Re: [Asrg] 6. Email Path Verification, Jonathan Morton
Indexes:  [Date] [Thread] [Top] [All Lists]