----- Original Message ----- 
From: "Steven M. Bellovin" <[EMAIL PROTECTED]>
To: "Ian Grigg" <[EMAIL PROTECTED]>
Cc: "Graeme Burnett" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Tuesday, May 11, 2004 11:36 AM
Subject: Re: The future of security 


> In message <[EMAIL PROTECTED]>, Ian Grigg writes:
> > Security architects
> >will continue to do most of their work with
> >little or no crypto.
> 
> And rightly so, since most security problems have nothing to do with 
> the absence of crypto.
> >
> >j.  a cryptographic solution for spam and
> >viruses won't be found.
> 
> This ties into the same thing:  spam is *unwanted* email, but it's not 
> *unauthorized*.  Crypto can help with the latter, but only if you can 
> define who is in the authorized set of senders.  That's not feasible 
> for most people.


Something like hashcash / client puzzles / Penny Black define a set
of authorized email (emails that come with a proof-of-work), and then
provide a cryptographic solution.   This is not a full-proof solution (as
described in the paper Proof-of-Work Proves Not to Work), 
but a good partial solution that is probably best used in combination
with other techniques such as white-lists, Bayesian spam filters , etc...

I think cryptography techniques can provide a partial solution to spam.

--Anton

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to