1994-02-15 - Simplified Digital Postage–Proposal

Header Data

From: tcmay@netcom.com (Timothy C. May)
To: cypherpunks@toad.com
Message Hash: 8423690d87bf1be54e81d0afb05e78fea559da31c881d7cedd74d8b7bbf6c065
Message ID: <199402152058.MAA24313@mail.netcom.com>
Reply To: N/A
UTC Datetime: 1994-02-15 21:19:46 UTC
Raw Date: Tue, 15 Feb 94 13:19:46 PST

Raw message

From: tcmay@netcom.com (Timothy C. May)
Date: Tue, 15 Feb 94 13:19:46 PST
To: cypherpunks@toad.com
Subject: Simplified Digital Postage--Proposal
Message-ID: <199402152058.MAA24313@mail.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In the aftermath of the "Valentine's Day Massacre," the need for some
form of digital postage is more apparent than ever. In this note, I
propose an extremely simple system, based on the selling of numbers as
"coupons," redeemable for "passage" through a remailer. A more
sophisticated system based on true digital cash, perhaps based on
Magic Money," is more desirable, but almost anything is better that
the current system. (Well, not _anything_.)

Seeing the huge list of newsgroups that Detweiler attempted to post
to, I conclude that some form of "rate-limiting" function is needed.
In general, not just for Detweiler in particular.

Not posting quotas, not even source-level blocking (though in Det's
case, this is justified as a stop-gap measure), and not even "outgoing
moderation" (in which someone like Hal would scan the plaintext of
outgoing messages, briefly, to see if the text was malicious,
dangerous, etc.--not a great idea, for many reasons).

I propose remailers immediately adopt some form of digital
money/postage, even if current instantiations are not fully debugged
or optimized. "Magic Money" may be ready for such a trial use.

Advantages:

- causes those who wish to "flood" (cf. Hal's huge list) to at least
pay for the flooding

- is an immmediate use for a crude form of digtial money, a test bed
for ideas and a stimulus for new features, improvements

- is "voluntary": those remailers who don't wish to bother with this
digital postage can then get the heavy volume of flooders!

- subtle flaws in digital money protocols (and I doubt "Magic Money"
is completely free of subtle or not-so-subtle flaws...everything needs
debugging and evolutionary learning) will not be so serious when only
"postage" is involved. As opposed to "real money" situations, where
finding a way to break or spoof the protocol could result in large
amounts of money being lost. At least with digital postage, about the
worst that could happen is someone gets free remailing--the current situation.

- the experimental use would take place with "remailer-savvy" users,
which is better than trying to educate the outside world at this time

- and of course, a charge of, say, $2.00 in real money (send in $20,
get bact 10 remailer "stamps" of some form, suitably anonymized
through a blinding procedure a la Chaum) would mean that posting to 20
newsgroups would be a nontrivial expense for a would-be flooder.

(Actual rates would vary, as determined by the market and by the
willingness of a remailer operator to put up with the kinds of hassles
Hal is now seeing. I won't presume to speculate on the likely price of
a stamp. It would depend on the destination. I know, for example, that
I'd be willing--if I ran a remailer--to remail small items to single
destinations for a lower fee, perhaps for free, than I would to mail
large items to mail-to-Usenet gateways!)

How ready is Magic Money for a test-bed use like this?

How willing are remailers to try this? Both Hal Finney and Karl Barrus
have code for remailers (Karl's is more recent, Hal's is in wide use).
Could their code be modified easily to accomodate a primitive form of
stamps?

Could such stamps be sold in a reasonable way? 

Simple-minded approach to digital postage stamps: In my simplistic
view, which I proposed a while back, stamps are merely 20- or 30-digit
numbers. Imagine someone going to a Cypherpunks meeting with a box of
these numbers, printed on slips of paper. For $10, say, one can reach
in to this box and take out, say, 20 stamps.  The seller doesn't know
who got what stamps, so long as enough are sold, and he "honors" a
stamp when the appropriate number is included in a message. For
example:

::Stamp 29038571037489236478380016283
::Request-Remailing-To: foo.bar
etc.

The stamp selling process could be computerized, but more
sophisticated means of ensuring tracking is not done would have to be
use (e.g., blinding, or multiple resellers).

Can random guesses be made? Not feasible, with 20- or 30-digit
numbers.

Can the stamp seller repudiate or not honor a number so as to cheat
the purchaser? Sure, but that's not a viable long term business. And
word would get out. Some folks might report regularly on "remailer
reliability," a la the "ping" reports several folks have issued.
Reputations matter.

Can the same number be used twice? Not if the remailer removes the
number from his list of "sold" numbers. (This assumes each number or
stamp is specific to some remailer, the easiest case to handle. Having
"global" stamps complicates things greatly and introduces the expected
issues of database synchronization, clearinghouses, fraud, etc. This
is why "coupons" are easier to make than "currency."

What do you folks think? Seems to me we could deploy a fairly simple
digital postage system quickly. This could begin to immediately cut
down on flooding attacks on the remailers.

--Tim May

-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power:2**859433 | Public Key: PGP and MailSafe available.




Thread