The first reaction some people have when introduced to SG is: "Nice idea! But what's to stop a spammer from creating disposable addresses for me at will". Our response so far has been
1. It happens very infrequently
2. If it does happen you can switch to watchwords
There is a lot of practical wisdom behind that advice. But on a theoretical level I have always been unsatisfied with watchwords (or prefixes, which predate watchwords and don't provide as much flexibility). That's because once someone knows the disposable address you have created it's too easy for them to bomb your mailbox.
Recent experiences by some SG users got me thinking on whether there is a user-friendly way to fix this security hole. The user-friendly requirement is important as otherwise I could just require you to compute the MD5 hash of the "word" part of the disposable address (DA) and include the first 6 characters as the prefix. That suggestion is unworkable when we have to think up a DA on the fly and don't have access to a computer.
So what I would really like is a hash function that has the following properties:
1. it is easy to compute. i.e. without pen/paper.
2. it takes in a secret key as one of the two inputs (the other input would be the word part of the DA).
3. it is reasonably resistant to a known-plaintext attack. i.e. even if
someone knows the words and corresponding hashes for a handful of addresses they should not be able to derive the secret. note that a hash function which satisfies the first condition would not be completely immune to cryptanalysis.
I realize that it is probably not worthwhile to implement such a scheme right now. So this is largely an academic discussion. But it is an interesting exercise to try to meet all these requirements.
Ideas for such a hash function?
Next thing after watchwords?
3 posts
• Page 1 of 1
Next thing after watchwords?
by maratheamit » Fri Mar 05, 2004 2:29 am
- maratheamit
- Posts: 82
- Joined: Fri Aug 29, 2003 2:35 pm
by vsp » Fri Mar 05, 2004 4:05 pm
One of the drawbacks of watchwords is that all characters in it have to appear consecutively in the new ID being created.
For example, if my watchword is ant
pants, anton, wanted are valid IDs, but aunty is not.
Given enough samples of the IDs created, it wouldn't be difficult to identify the watchword .
My suggestion:
Why not give people the ability to construct regular expressions as watchwords? That way the SG software just matches the regular expression against the ID constructed and it would be more difficult to guess what the valid regex is .
For example, if my watchword is ant
pants, anton, wanted are valid IDs, but aunty is not.
Given enough samples of the IDs created, it wouldn't be difficult to identify the watchword .
My suggestion:
Why not give people the ability to construct regular expressions as watchwords? That way the SG software just matches the regular expression against the ID constructed and it would be more difficult to guess what the valid regex is .
- vsp
- Posts: 33
- Joined: Thu Mar 04, 2004 3:24 pm
by josh » Fri Mar 05, 2004 8:29 pm
vsp, what you suggest is already true -- sg uses regex matching for the watchwords, so ^ant.*r$ works like you think it would. The FAQ does say this now, but we've hesitated to push it too hard (at the though of having to explain regex to Aunt Millie)
Amit - a hash approach is intriguing -- at the moment, I can't think of a user-friendly way to pull it off, but I'll keep trying.
Amit - a hash approach is intriguing -- at the moment, I can't think of a user-friendly way to pull it off, but I'll keep trying.
- josh
- Posts: 1371
- Joined: Fri Aug 29, 2003 2:28 pm
3 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 75 guests