Re: why penny black etc. are not very useful (could crypto stop spam??)
At 17:38 30/12/2003, Perry wrote: In my opinion, the various hashcash-to-stop-spam style schemes are not very useful, because spammers now routinely use automation to break into vast numbers of home computers and use them to send their spam. They're not paying for CPU time or other resources, so they True. But, as Ben noted, the user of the machine could and should care about the resource. Now one may claim that many users don't pay attention to viruses stealing huge amounts of their CPU time. So I agree that the `waste CPU time to pay for sending mail` may have limited effect to stop spam. I also rather dislike the notion of wasting resources to send every e-mail. But where I quite disagree with you is when you say... snip... 1. We need public key authentication of all mail. Well, I'll point out that large integers are cheap and plentiful. Authenticated spam is pretty much as bad as non-Authenticated spam. If we use IMHO, your conclusion is wrong: cryptographic authentication could be a critical tool to stop spam; someone in our community should do this (write the software) already... How? E-mail (at least from new correspondents) must be signed by an `anti-spam mail certification authority (ASMCA)` - often the ISP of the sender. Recipient's mail client (or server) will reject mail (from new correspondents) not certified by a trustworthy ASMCA. If the mail was not rejected but later identified (by end user) as spam, the recipient client/ISP will not only know not to trust the sender's ASMCA, they will also have `proof` that this ASMCA approved (signed) this spam, so they can inform other ASMCA's and mail client/servers. Results: - ASMCA's have strong incentive not to approve spam. They'll use appropriate measures, mainly: filtering tools and punishing spammers (blocking accounts, charging fines, etc.) - End users whose machines were broken into will be notified by their ASMCA (usually ISP), when it detects the spamming by filtering tools or by complaints, and will (1) know there's a problem and take measures to get rid of the spamming trojan horse and (2) maybe be a bit more careful about the machine in the future. Desired side effects: - users will also enjoy e-mail authentication (and confidentiality could be added trivially) - which in particular will make it a bit more difficult for e-mail viruses to propagate. What's the bug in this simple solution? If anybody wants to implement I'm willing to assist in developing/validating the protocols. Best regards, Amir Herzberg Computer Science Department, Bar Ilan University Homepage (and lectures in applied cryptography, secure communication and commerce): http://www.cs.biu.ac.il/~herzbea - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: why penny black etc. are not very useful (could crypto stop spam??)
hi Amir Herzberg wrote: E-mail (at least from new correspondents) must be signed by an `anti-spam mail certification authority (ASMCA)` - often the ISP of the sender. Recipient's mail client (or server) will reject mail (from new correspondents) not certified by a trustworthy ASMCA. ok, but is it a 'web of trust' model [pgp] with many decentralized ASMCAs [or whatever they're called], or a 'pay to play' model where an authority [verisign] decides which mail gets the bits or not. the technology exists, and would work. the problem [as is often the case], comes with the human interface to the technology. i am very skeptical of how much better things would be in a 'pay to play' scenario. we'd just get different kinds of spam without lessening the flow. - ASMCA's have strong incentive not to approve spam. if they can make more money by approving it, they will. i wish it were otherwise. -- \js ! VTABE NAPRV FFGER ATGU - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: why penny black etc. are not very useful (could crypto stop spam??)
On Thu, 1 Jan 2004, Amir Herzberg wrote: IMHO, your conclusion is wrong: cryptographic authentication could be a critical tool to stop spam; someone in our community should do this (write the software) already... How? E-mail (at least from new correspondents) must be signed by an `anti-spam mail certification authority (ASMCA)` - often the ISP of the sender. Recipient's mail client (or server) will reject mail (from new correspondents) not certified by a trustworthy ASMCA. If the mail was not rejected but later identified (by end user) as spam, the recipient client/ISP will not only know not to trust the sender's ASMCA, they will also have `proof` that this ASMCA approved (signed) this spam, so they can inform other ASMCA's and mail client/servers. This is impractical. No such infrastructure will exist. Trust management on the scale your propose is not feasible or desirable. The key feature of email and what makes it the Internet's killer application is that anyone can send email to anyone else. No central authority is needed to vouch for the sender or the content. Again, we do not need to cripple email to stop spam. For my mailbox, of the 1000 spam messages a month that get past the RBL, 925 are caught by the spam filter. I am left with 2-3 spam messages a day, why again do we need to cripple the most important application on the Internet? -- Viktor. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: why penny black etc. are not very useful
Perry E. Metzger wrote: In my opinion, the various hashcash-to-stop-spam style schemes are not very useful, because spammers now routinely use automation to break into vast numbers of home computers and use them to send their spam. They're not paying for CPU time or other resources, so they won't care if it takes more effort to send. No amount of research into interesting methods to force people to spend CPU time to send mail will injure the spammers. If you set the price to 1 minute of CPU, and spammers own 10% of all machines on the 'net, then the average machine can only receive 144 spams per day. That's a significant improvement on my situation. Plus I'd've thought that having 100% CPU utilisation all the time might attract attention. But maybe not. Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit. - Robert Woodruff - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: why penny black etc. are not very useful
At 11:12 AM + 12/31/03, Ben Laurie wrote: Perry E. Metzger wrote: In my opinion, the various hashcash-to-stop-spam style schemes are not very useful, because spammers now routinely use automation to break into vast numbers of home computers and use them to send their spam. They're not paying for CPU time or other resources, so they won't care if it takes more effort to send. No amount of research into interesting methods to force people to spend CPU time to send mail will injure the spammers. If you set the price to 1 minute of CPU, and spammers own 10% of all machines on the 'net, then the average machine can only receive 144 spams per day. That's a significant improvement on my situation. Plus I'd've thought that having 100% CPU utilisation all the time might attract attention. But maybe not. Cheers, Ben. There is something else one can do that might help. The hashcash stamp algorithm can be designed to provide a strong, constant signature to virus detectors. For example, in my HEKS-1 algorithm, I populate a large array with pseudo random words. It would be easy enough to have some fraction (say 1/8th or 1/16th) of those words be a special constant (or one of a few special constants). There would be no way for the spammer to avoid exhibiting the same constants while generating stamps without incurring a severe computational penalty. So any stamp generation activity would be easy to detect. Since the signature would never change, the detection software could be built into the operating system (or even the CPU itself). Legitimate stamp generation would have to be distinguished, perhaps by code signing or some Touring test. A sufficiently clever virus writer with root access might be able commandeer the legitimate stamp generator. If this happens, periodic required updates of the hashcash software can be issued that thwart viruses in the field. Also a large number of countermeasure variants can be generated, making it hard for the virus to recognize them all. This reverses the tactical advantage normally enjoyed by virus writers. Illegitimate stamp generators are forced to present a fixed target while legitimate programs and counter measures can continuously morpf. Arnold Reinhold - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: why penny black etc. are not very useful
On Wed, 31 Dec 2003, Arnold G. Reinhold wrote: Legitimate stamp generation would have to be distinguished, perhaps by code signing or some Touring test. A sufficiently clever virus writer with root access might be able commandeer the legitimate stamp generator. If this happens, periodic required updates of the hashcash software can be issued that thwart viruses in the field. Also a large number of countermeasure variants can be generated, making it hard for the virus to recognize them all. This reverses the tactical advantage normally enjoyed by virus writers. Illegitimate stamp generators are forced to present a fixed target while legitimate programs and counter measures can continuously morpf. Wildly unrealistic IMHO. I would predict that email transmission *will* remain essentially free. Spam detection software will be deployed more broadly, and spammers who use trojaned machines will at some point in the not too distant future (when the DAs wake up to this widespread criminal activity) be successfully prosecuted. Of the ~75 messages inbound message recipients a day on the gateways I manage, 40% are rejected by RBL lists and private blacklists/content checks. 5% of the remainder is caught as spam by a commercial anti-spam content filter. The filter's detection rate against this RBL pre-screened sample is ~90%, the false positive rate is less than 0.01%. So we get rid of ~99.5% of spam with no hash-cash. This is good enough. I am not about to implement any CPU burning stamp generators any time soon. The recent Microsoft and Yahoo announcements get a lot of publicity, but I am skeptical that they will ever be widely adopted. It is reasonable to note that Microsoft sells a lot of the clients (Outlook OE), so they have a better chance of getting their technology adopted, but even Microsoft has a hard time getting users to upgrade from Windows 98/Office 97 which continue to perform well enough for most users (security flaws and all). -- Victor Duchovni IT Security, Morgan Stanley - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]