At 09:37 PM 12/26/2003 -0500, Adam Back wrote:
The 2nd memory [3] bound paper (by Dwork, Goldber and Naor) finds a flaw in in the first memory-bound function paper (by Adabi, Burrows, Manasse, and Wobber) which admits a time-space trade-off, proposes an improved memory-bound function and also in the conclusion suggests that memory bound functions may be more vulnerable to hardware attack than computationally bound functions. Their argument on that latter point is that the hardware attack is an economic attack and it may be that memory-bound functions are more vulnerable to hardware attack because you could in their view build cheaper hardware more [....]
Once nice thing about memory-bound functions is that, while spammers could build custom hardware farms in Florida or China, a large amount of spam is delivered by hijacked PCs or abused relays/proxies, which run on standard PC hardware, not custom, so it'll still be slow. Penny Black or any other system that involves tweaking the email protocols gets a one-time win in blocking spam, because older badly-administered mail relays won't be running the new system - if their administrators upgrade them to support the new features, hopefully that will turn off any relay capabilities. That doesn't apply to cracked zombie machines, since the crackers can install whatever features they need, but at least all of those Korean cable-modem boxes won't run it. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com