Jump to content

Hashcash

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Ad4m.b4ck (talk | contribs) at 17:06, 4 April 2007. The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

You must add a |reason= parameter to this Cleanup template – replace it with {{Cleanup|November 2005|reason=<Fill reason here>}}, or remove the Cleanup template.

Hashcash is a proof-of-work system designed to limit email spam and denial of service attacks. It was proposed in March 1997 by Adam Back [2].

How it works

Hashcash is a method of adding a textual stamp to the header of an email to prove the sender has expended a modest amount of CPU time calculating the stamp prior to sending the email. In other words, as the sender has taken a certain amount of time to generate the stamp and send the email, it is unlikely that they are a spammer. The receiver can, at negligible computational cost, verify that the stamp is valid.

The theory is that spammers, whose business model relies on their ability to send large numbers of emails with very little cost per message, cannot afford this investment into each individual piece of spam they send. Receivers can verify whether a sender made such an investment and use the results to help filter email.

Technical details

The header line looks something like [3] 

   X-Hashcash: 1:20:060408:adam@cypherspace.org::1QTjaYd7niiQA/sc:ePa

Technically the system is implemented as follows:

  • The recipient's computer calculates the 160 bit SHA-1 hash of the entire string "1:20:060408:adam@cypherspace.org::1QTjaYd7niiQA/sc:ePa". This takes about two microseconds on a 1 GHz machine -- far shorter than the time it took for the rest of the e-mail to be received. If the first 20 bits are all zero, then it is valid (later versions may require more bits to be zero).
  • The recipient's computer checks the date in that header "060408" (8 Apr 2006). If it's within 2 days of today, it's valid (to compensate for clock skew and routing time).
  • The recipient's computer checks to see if the e-mail address in that header is (any of) the valid e-mail address(es) of the recipient (or any mailing lists to which the recipient is subscribed).
  • If all the other checks are valid, the recipient's computer puts that string in a database. If that string was not already in the database, it is valid.

All these tests take far less time and disk space than receiving the rest of the e-mail.

The sender merely needs to generate a header line that will pass all the tests. The sender's computer first generates an initial Hashcash string (the date, the e-mail address, and a random number at the end). The sender's computer then repeatedly increments that random number and runs SHA-1, over and over again, until SHA-1 gives enough zeros. Getting the first 20 bits to be zero requires about 2^20 iterations, or about 1 second on a 1 GHz machine. A normal person wouldn't even notice the computer taking a second to generate the Hashcash string. Currently, spammers would prefer to spend that one second sending out hundreds of pieces of spam, rather than calculating Hashcash for a single piece of spam.

The time needed to compute such a hash collision is exponential with the number of zero bits. So one can keep adding zero bits (doubling the amount of time needed to send with each zero bit) until it is too expensive for spammers to generate valid header lines. (Confirming the header is valid always takes the same amount of time, no matter how many zero bits one adds.)

Advantages and disadvantages

The Hashcash system has the advantage over micropayment proposals applying to legitimate email that no real money is involved. Neither the sender nor recipient need pay, thus the administrative issues involved with all micropayment systems are entirely avoided.

On the other hand, as Hashcash requires significant computational resources to be expended on each e-mail being sent, it is impractical to use with low-end or battery-powered hardware without the help of an external server.

Hashcash is also fairly simple to implement in mail user agents and spam filters. No central server is needed. Hashcash can be incrementally deployed -- the extra Hashcash header is ignored when it is received by mail clients that do not understand it.

One vital problem of hash cash is that it is not clear whether there exist effective parameters at all, i.e. parameters that allow the good people to get on with their business while prohibiting bad people from getting on with theirs. Some plausible estimates [4] come to the conclusion that you can only have one of these: Either good e-mail will get stuck due to lack of processing power of the sender, or bad e-mail is bound to still get through. The reasons for this are botnets or cluster farms with which spammers can increase their processing power enormously, or centralized e-mail-topologies like mailing lists, in which some server is to send an enormous amount of legitimate e-mails.

Most of these issues may be addressed. E.g., botnets may expire faster because users notice the high CPU load and take counter-measures, and mailing list servers can be registered in white lists on the subscribers' hosts and thus be relieved from the hashcash challenges. But they represent serious obstacles to hashcash deployment that need to be addressed somehow.

Another problem is that computers continue to get faster according to Moore's law. So the difficulty of the calculations required must be increased over time. However, developing countries can be expected to use older hardware, which means that they will find it increasingly difficult to participate in the email system. This also applies to lower-income individuals in developed countries who cannot afford the latest hardware.


Hashcash in blogs

Like e-mail, blogs often fall victim to comment spam. Some blog owners have used hashcash scripts written in the JavaScript language to slow down comment spammers.[1]

See also

References

  • Adam Back, "Hashcash - A Denial of Service Counter-Measure", technical report, August 2002 (PDF).
  • Ben Laurie and Richard Clayton, "'Proof-of-Work' Proves Not to Work", WEAS 04. (PDF).
  • Dwork, C. and Naor, M. (1992) "Pricing via Processing or Combating Junk Mail", Crypto '92, pp.139-147. (PDF)
  1. ^ [1] by Elliott Back

External links

Retrieved from "https://en.wikipedia.org/w/index.php?title=Hashcash&oldid=120271678"