Thanks Albert - Right... but I'm not excluding cases where micropayment systems are subjected to automated attack; I'm suggesting that that would represent 'abnormal' levels of disputed payment. I was considering integrity protection (MAC/signing) in the context of disputed micropayments at 'normal' (i.e. personal, non-automated) volumes. I think the countermeasures for that threat model differ from the countermeasures for automated attack.
I hope this helps clarify the point I was trying to make.

R

Robin Wilton
Technical Outreach Director - Identity and Privacy
Internet Society

email: [email protected]
Phone: +44 705 005 2931
Twitter: @futureidentity

On 9 Dec 2013, at 01:24, Albert Lunde wrote:

> On 12/8/2013 1:59 PM, Robin Wilton wrote:
>> Nick,
>>
>> I agree that there is a cost threshold for signature/MAC. It is
>> something I uncovered in my PKI research: for PKI-enabled micropayments
>> it is, arguably, not worth signing the public key involved, if the
>> number of disputed payments is at normal levels... because normal
>> levels, for most micropayment applications, are low. It's more
>> cost-effective to simply refund the tiny minority of disputed payments.
>
> It seems like a threat model that assumes the sole risk is disputed payments
> "at the normal rate" is broken in the presence of automated attacks.
>
> I don't think the NSA is the only bad actor, in the short term, for-profit
> criminal groups seem more likely to do active or tailored attacks. This can
> result in bursts of fraud and/or malware affecting particular clients or
> sites disproportionately.
>
> _______________________________________________
> perpass mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/perpass
