RPOW - Reusable Proofs of Work 191
mitd writes "Hal Finney is inviting folks to test drive his new hashcash-based server rpow.net.
" The RPOW system provides for proof of work (POW) tokens to be reused. A POW token is something that takes a relatively long time to compute but which can be checked quickly."
Hal's security model paper is well worth the read and his proof of concept code is available for download.
"
Easier Explanation of RPOW & RPOW Uses (Score:4, Interesting)
It's not clear to me that there is an obvious and immediate equivalent for RPOWs in existence. I'd be interested in hearing what people think this would be good for. It generally seems useful for making sure people do x amount of work before they are allowed to perform a task, but what can that be used for?
---------------------
Freedom or Evil: Freevil.net [freevil.net]
G. W. Bush says, "You decide!"
Proof-of-work tokens as an anti-spam measure? (Score:5, Interesting)
An interesting scheme...
One potential problem I see with such an anti-spam measure is that I keep hearing about spam runs being done from many regular users' computers by means of a spamming worm infrection. Such a worm could also be adapted to generate the POW tokens... or even steal them from the users' incoming email and re-use them under this scheme! That'll be just great, having your computer not only hijacked to send out spam, but loaded down with the heavy burden of generating POW tokens.
Re:Verify (Score:5, Interesting)
However this probably doesn't work [cam.ac.uk] (PDF) [or as html [66.102.9.104]].
Background (from that paper):
Zombie farms (Score:5, Interesting)
a) to be useful for anything involving third parties where you don't already have a trust relationship, this would need to be common/easy enough to get that other people already have software to support these things. That's not going to happen any time soon - it's a big enough change you may as well come up with an already secure email infrastructure [insert boilerplate "why your solution to spam is stupid" here].
b) 8 tokens per second? Puhleaze. I get that many emails through just one small server with 5 domains on it.
c) as the subject says. Zombies. In a world where thousands of low TC0 machines are sitting around running malware, it's piss-easy for the blackhat spammers to collect their 8 tokens/second by running POWer@home on their zombie farm.
BZZZZt. Strike three and you're out. Nice idea, but not practical.
Reusable Tokens (Score:3, Interesting)