[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Hacker strikes through student's router



On 11/11/05, Anthony DiPierro <or@xxxxxxxxx> wrote:
> One idea I've played with in my head for a different type of network,
> but which could apply to Tor too, is using processing power as the
> base unit.  Someone would set up a bunch of public/private keypairs or
> md5 hashes or some other sort of one-way function (destroying the
> answers which you'd have to trust them to do), and you'd have to crack
> them in order to get a token.  Different tokens would have different
> values depending on how widespread they were, because the same exit
> node wouldn't accept the same token twice, and as time goes on the
> tokens would get easier and easier to crack, so you'd have to have
> progressively harder to crack values to sustain this over time.  Using
> public/private keypairs of varying strengths would have the advantage
> that you could prove that you possess a token without actually giving
> up that token, but I'm not sure exactly what the use of that would be.

You might look at hashcash.org or rpow.net which both use ideas like
this. Hashcash is based on hash collisions of n bits, such that it
takes about 2^n tries to generate an n-bit hashcash token. The rpow
system came out last year and was supposed to let people exchange
hashcash for ecash via a centralized server, but I'm not sure of its
current status.

To make this more concrete, when you set up a Tor circuit the
originator would "pay" the exit node using hashcash. Then you'd want
to have the exit node re-use those hashcash tokens for its own Tor
activities, or sell them on some kind of market to other Tor users.

One thing to think about is how expensive this should be, in terms of
CPU time. If you make it too cheap, hashcash that just takes a few
seconds to generate, then it's not much of a reward for exit node
operators. If you make it too costly then it becomes a burden to using
the system, for people who don't run exit nodes.

A unique feature of anonymity systems is that usage is a public good:
the more the system is used, the better the anonymity. More users
means a bigger crowd to hide within. You don't want to tune the system
to make it so expensive that no one can afford to use it. At the same
time, a pseudo-financial incentive could motivate people to donate
resources to the project. It would be interesting to see some
experiments along these lines.

CP