what fields to hash with hashcash (Re: A Trial Balloon to Ban Email?)

Justin justin at soze.net
Wed May 14 07:49:34 PDT 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Adam Back (2003-05-14 05:27Z) wrote:

> Well there are different things you could hash.  The simplest is just
> to hash the recipient address and the current time (to a day
> resolution).
> 
> The recipient looks at the token and knows it is addressed to him
> because it's his address.  He stores it in his double spend database
> and won't accept the same token twice.

This is just broken.

How do you know what address the sender was sending to?  You have no
reliable access to envelope to: addresses.

Joe bcc's james at nowhere.net, politely generating a hashcash token over
james at nowhere.net and the mesID.  Nowhere.net expands that alias to
james.t.doe at treas.gov.  Whoops.  Hashcash is now invalid, as there's no
reliable mechanism MTAs use to note the original address before the
change.  Some might note it with Delivered-To:, others note it in
received headers, others (qmail, ahem) don't note it at all.

Worse, even if there were a reliable mechanism, all it takes is one
loose cannon with an open mass-mail list and as long as it doesn't
delete whatever header (maybe delivered-to:, maybe something else) that
indicates the list was an envelope to: address, one hashcash token works
for one email to the entire list.

> After the validity period of a token has expired he can remove it from
> his double-spend database to avoid the database growing indefinitely.
> (He can reject out-of-date mail based purely on its date).

Isn't it simpler to use message IDs for replay detection?  No need to
look for replays using another mechanism when there's already one that
works fine, and that many people use for dup detection today.

> Hashing the message body is generally a bad idea because of minor
> transformations that happen as mail traverses MTAs and gateways.

No argument there.

- -- 
Freedom's untidy, and free people are free to make mistakes and commit
crimes and do bad things.  They're also free to live their lives and do
wonderful things.   --Rumsfeld, 2003-04-11
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2rc2 (GNU/Linux)

iEYEARECAAYFAj7CV34ACgkQnH0ZJUVoUkPNkACeJBwnnFNrk7aipazqOVDxaNa2
KRwAoMGCd4CtMkJhZD7zC3sy0mBWiSTK
=EEDd
-----END PGP SIGNATURE-----
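
The scheme under discussion and the two failure cases raised in this message, as an added example (not part of the original post and not the hashcash tool's own code). It uses a simplified stamp of the form `day:recipient:counter` with SHA-1 leading-zero-bit work; the stamp layout, the 12-bit difficulty, the `Verifier` class and `list@example.org` are assumptions made for illustration.

```python
import hashlib
from itertools import count

BITS = 12  # constructed low difficulty so the demo finishes instantly

def zero_bits(digest: bytes) -> int:
    """Number of leading zero bits in a digest."""
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()

def mint(recipient: str, day: str, bits: int = BITS) -> str:
    """Sender side: find a counter so SHA-1(stamp) has `bits` leading zero bits."""
    for ctr in count():
        stamp = f"{day}:{recipient}:{ctr}"
        if zero_bits(hashlib.sha1(stamp.encode()).digest()) >= bits:
            return stamp

class Verifier:
    """Recipient side: address, day, work, then the double-spend database."""
    def __init__(self, my_addresses, today, bits=BITS):
        self.my_addresses, self.today, self.bits = set(my_addresses), today, bits
        self.spent = set()  # only holds stamps for `today`; cleared on rollover

    def new_day(self, today):
        self.today = today
        self.spent.clear()  # older stamps are rejected on date alone

    def check(self, stamp: str) -> str:
        parts = stamp.split(":")
        if len(parts) != 3:
            return "malformed"
        day, recipient, _ctr = parts
        if recipient not in self.my_addresses:
            return "wrong-recipient"
        if day != self.today:
            return "expired"
        if zero_bits(hashlib.sha1(stamp.encode()).digest()) < self.bits:
            return "insufficient-work"
        if stamp in self.spent:
            return "replay"
        self.spent.add(stamp)
        return "ok"

def alias_case():
    # Stamp minted for the address the sender typed; mailbox only knows its own.
    final = Verifier({"james.t.doe@treas.gov"}, "20030514")
    return final.check(mint("james@nowhere.net", "20030514"))

def list_case():
    # Constructed list address: every member treats it as "addressed to me".
    stamp = mint("list@example.org", "20030514")
    members = [Verifier({f"m{i}@example.org", "list@example.org"}, "20030514") for i in range(3)]
    return [m.check(stamp) for m in members]
```

`alias_case()` shows a legitimately minted stamp rejected after alias expansion, and `list_case()` shows one unit of work accepted independently by every list member, because each member keeps a separate double-spend database.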




