Re: Trusted timestamping

2009-10-07 Thread Fearghas McKay

On 6 Oct 2009, at 14:48, Harald Hanche-Olsen wrote:

As explained at they
moved to in 2002. But ... the latest timestamp
summary I can see there is from May 2009, so I guess the point stands,
unless it's just google groups that won't cooperate. (Hmmm, my news
server doesn't even carry, so I can't check further.
Not a good sign.)

Shows a small stream of sigs up to 7th Oct so there is some life in  
parrot yet.


The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to

Re: Trusted timestamping

2009-10-05 Thread Fearghas McKay

On 5 Oct 2009, at 16:04, Ian G wrote:

My view is that there is no demand for this as a service.  The  
apparent need for it is more a paper requirement that came out of  
PKI world's search for a perfect product than any business need.

E.g., if you think you want it, you might be better rewarded by re- 
examining your assumptions as to why it is needed, than building it...

Has been around since ~1995 and just works whenever I have used it,  
albeit some time ago. It publishes time stamp info on Usenet, which shows the last activity was in 2002...

Which seems to support your viewpoint.


The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to

Re: 128 bit number T-shirt?

2007-05-02 Thread Fearghas McKay
At 20:59 -0400 1/5/07, Perry E. Metzger wrote:

There is also

Which has a wider range of extra artwork.


The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: Reusable hashcash for spam prevention

2004-05-25 Thread Fearghas McKay
This was posted on the ASRG list - the IRTF Anti Spam Research Group list,
which at first reading indicates that the future for Hashcash/Camram may be

Eric  Johansson the camram developer has some different numbers which he
has just run that I will dig out and forward.


--- begin forwarded text

From: Richard Clayton [EMAIL PROTECTED]
Subject: [Asrg] 3. Proof-of-work analysis
List-Id: Anti-Spam Research Group - IRTF
List-Post: mailto:[EMAIL PROTECTED]
List-Help: mailto:[EMAIL PROTECTED]
Date: Mon, 17 May 2004 23:15:46 +0100

I hope this is useful:

I'm in the Security Group of the Computer Laboratory at the University
of Cambridge. Ben Laurie (yes, that Ben Laurie) and I have recently
been doing some sums on proof-of-work / client puzzles / hashcash
methods of imposing economic constraints upon the sending of spam...

Ben wanted to know how big a proof was needed for a practical scheme
he was considering -- and I told him it wasn't going to work. We then
carefully worked through all the calculations, using the best data
that we could obtain -- and we did indeed come to the conclusion that
proof-of-work is not a viable proposal :(

The paper we wrote about this was presented last week in Minneapolis
at the (academic, peer-reviewed) Third Annual Workshop on Economics
and Information Security (WEAS04)

We've doubtless duplicated the figures on the back of many an
envelope, but it is clearly useful to have the analysis in the formal
literature where our assumptions and figures can be considered and
possibly even improved upon by others.


Slides from talk:


 A frequently proposed method of reducing unsolicited bulk email
 (spam) is for senders to pay for each email they send. Proof-
 of-work schemes avoid charging real money by requiring senders to
 demonstrate that they have expended processing time in solving a
 cryptographic puzzle. We attempt to determine how difficult that
 puzzle should be so as to be effective in preventing spam. We
 analyse this both from an economic perspective, how can we stop
 it being cost-effective to send spam, and from a security
 perspective, spammers can access insecure end-user machines and
 will steal processing cycles to solve puzzles. Both analyses
 lead to similar values of puzzle difficulty. Unfortunately, real-
 world data from a large ISP shows that these difficulty levels
 would mean that significant numbers of senders of legitimate
 email would be unable to continue their current levels of
 activity. We conclude that proof-of-work will not be a solution
 to the problem of spam.


For the avoidance of doubt, the type of scheme we believe we have
shown is not viable is one where all email (except mailing list
email) carries a proof-of-work along with it.

It may be that it is still sensible to consider composite schemes
where puzzles are only solved per sending host or where receivers use
puzzles to admit senders into whitelists...

... however, we would consider it incumbent on any proposer of such a
scheme to do similar calculations to ours before putting it forward.

 [ off-topic for here, but we also suspect that a number of proof-
 of-work schemes in peer-to-peer networks would fall to our type
 of real-world analysis :( people tend to use client puzzles as a
 kind of magic fairy dust to scatter over systems when they get
 stuck in their design :( ]

richard  Richard Clayton

They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. Benjamin Franklin

Asrg mailing list

--- end forwarded text

The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: Reusable hashcash for spam prevention

2004-05-25 Thread Fearghas McKay
and the data that Eric S. Johansson got:

-=-=- forwarded text -=-=-

this is frustrating.  I have run through the exact same calculations and
come up with a very different answer.  The answers I came up with the
show that at worst case, spammers with zombies would almost have enough
horsepower to generate enough stamps.  one of the difficult aspects of
this is that I have not been able to get hard numbers on the number of
zombies (it varies by an order of magnitude at least depending on the

as I said at my MIT anti-spam conference talk, I do agree that proof of
work stamps are not a panacea but they are an important component in the
drug cocktail used to attack spam.  that's why I tried very hard to
build camram to be able to incorporate other anti-stamp techniques or
work in conjunction with them.

Another impression of a shortcoming is that they mix and match economic
models.  I need to go through in greater detail to find out if they have
found something I missed.  I do know that the cost of a PC and its
operation are insignificant to the rate limiting effect of stamp
generation.  they also did not seem to account for different degrees of
cost of doing business.  Proof of work stamps will take out the low-end
spammers first allowing us to concentrate efforts on higher end, better
financed spammers.  Fewer targets, easier to hit.

They did not account for automatic inflation of postage rates when
stamped Spam appears or the addition of a second tier of stamps (i.e.
signatures for familiar entities/mailing lists.

the problem with impact on low-end machines is important if you always
generate stamps.  However, for extreme low-end machines (PalmPilot and
cellphones) you can always defer the computational load to a for fee
service such as the ISP handling your e-mail for the device.  With the
rest of the low-end machines, stamped generation just takes longer, and
background and once you have white listed the entity, you never need to
send them a stamp again.

on eco damage caused by stamp generation, again, the transition between
stamps and white lists based on stamp activity illuminate that problem.
  It's only commercial entities who want to send you advertising
unsolicited that would incur such damage.  On the other hand, kill a
couple of SUVs and you can generate many more stamps without worry.  ;-)

on zombies: I think it might be useful if the anti-spam folks spent some
time developing zombie hunters and worked with various service providers
to identify and shut off those machines.  Additionally, ISPs should send
Microsoft an invoice for every machine found and repaired.  Get enough
people together, you could have a substantial lawsuit.  After all, the
real culprit in the zombie problem is not the owner of the PC.  Yes they
were stupid, yes they ran something they shouldn't have, but the system
should not have failed quite so easily!

so am I discouraged?  A little bit.  I'm going to continue but it's one
more naysayer I'm going to have to build arguments against.

-=-=- end forwarded text -=-=-

The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]