Payments as an answer to spam
Dan Geer
geer at world.std.com
Sat May 17 17:07:55 EDT 2003
> ... snip ...
> good analysis. It's the classic reason why any payment system is
> cursed as an antispam system. That latency between value retrieval
> and propagation of that status is the real killer. As you point
> out, a secondary killer is the number of queries one needs to make
> against a coin/stamp/check verifier.
> ... snip ...
Noting the close similarity between spam and denial of service,
it is worth remembering that there is a fundamental tradeoff
between authorization requirements and vulnerability to DoS
in that the work factor I can impose on you is proportional
to the amount of labor I can cause you to voluntarily perform
before you can make your GO/NOGO decision on my authorization
for further service. Adding work factor the better to ensure
that no unauthorized services are performed paradoxically
increases your vulnerability to DoS in that I can ask for
that pre-authz work to be done as often as I like.
--dan
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list