Presentation on theme: "Controlling Spam through Lightweight Currency Proceedings of the Hawaii International Conference on Computer Systems Honolulu HI Jan 2004 David A. Turner."— Presentation transcript:
Controlling Spam through Lightweight Currency Proceedings of the Hawaii International Conference on Computer Systems Honolulu HI Jan 2004 David A. Turner & Daniel M. Havey Department of Computer Science Cal State University San Bernardino Presented by Phil Lucas
Payment Based Solution Mail Transfer Agents (MTA) Lightweight Currency Protocol – Can create your own currency – Can use other mail domain’s currency – Can use other LCP-based service providers
Definition of Indiscriminately copied to millions of inboxes as opposed to “opting in” Contains false return addresses or other false envelop data Contains material considered objectionable by most and sent without consent Generated by a computer virus or has been specifically formatted to pass through email filters
Definition of Junk Mail Unsolicited email that does not fall into the “Spam” category Advertising targeted to the recipient Similar to USPS junk mail
Legislation Governments pass laws against sending spam and enforcement of laws reduces spam after spammers begin to fear punishment Social costs of increased government control of speech Economic costs of enforcement Spam can originate from foreign countries Solution:
Legislation The CAN-SPAM Act of 2003 (Controlling the Assault of Non-Solicited Pornography And Marketing Act) (effective January 1, 2004) – Established Requirements for commercial email – Spells out penalties for spammers – Gives consumers right to opt- out Solution:
Not 100% accurate – BOTH false positives and false negatives Encourages spammers to send more in order to bypass filters Does little to reduce actual cost of spam Solution:
Payment Cooperating email systems create an economic disincentive to spam Small enough payment to allow legitimate email Large enough to make sending large numbers of junk email unprofitable Advertisers are willing to pay $.20/junk mail today, certainly $.01/email is okay Solution:
Payments cont… Proof-of-work (POW) – Sender must perform time- consuming calculation Spammer will not have resources to perform millions of calculations Waste resources of sender and compute time varies wildly between processors Charity stamps – proceeds go to Charities (Who? How much?) Solution:
Overview of + Self-regulated + Fully open market + Multiple currencies + Not restricted to email services Solution:
LCP Continued… Lightweight Currency Protocol Can be used as a medium of exchange independent of any particular application Easy to implement Not directly tied to real-world currencies
Continued… Organization generates public/private key pair and distributes the public key. Alternatively, a certificate can be issued binding the domain name to the public key. Currency holders also generate public/private key pair
Something to Note about LCP A currency holder holds a particular currency when the issuer of that currency has a record of it.
How LCP works Request Funds Msg Acknowledge Msg Payment Made Msg Identification msg SenderReceiver
LCP-Based Email Email servers require a payment in LC to accept incoming email Responsibility is placed on the email service providers to ensure that spam is not passing through their system
LCP - Based Email: Case 1 A and B have a history of mail exchange If A holds B dollars, A pays B one B dollar for the email If B holds A dollars, A sends another A dollar
LCP -Based Email: Case 1, cont. If B has too much A currency, B requests alternatives A sends list of alternative currency it holds – Wide acceptance currency – Domains with large amounts of B currency
LCP - Based Email: Case 1, cont. Reasons B will accept alternative currencies – B can redeem alternatives elsewhere on the net – B can redeem currencies for real-world $$$ – B wants to avoid the same situation A is currently in
LCP - Based Email: Case 2 A is sending to B for the first time Although unlikely, if A holds B dollars, it uses them Tries to use A dollars If B trusts the certificate from A, it may trust a limited amount of email B users respond to A email, so B uses A dollars to send it back
LCP-Based Email: Case 2 Possibility of spam if cost of new certificates is less than profit from spam Recommended practice would be to accept widely accepted currencies or domains with B currency
LCP-Based Email Spammers send out large amounts of mail with few responses, so spammers could not acquire large amounts of alien currencies Spammers would have to sell services or purchase currencies outright
LCP-Based Email Imbalances List operators could request support from users Prices could be different for outgoing vs. incoming mail. Example: a domain that sends out twice as much mail as received could charge twice as much for incoming mail as outgoing. Commercial sites could absorb cost of statements and confirmations.
Why LCP? SOAP-based, relatively easy to implement into applications Fully transferable into other contexts, so will more easily acquire value Providers that send more email than received have access to other methods of acquiring necessary currency Providers that receive more currency than they spend can easily redeem it for other resources
LCP in Action Agent Need $100 Yahoo Alice@Yahoo.com $100 Yahhoo $100 Yahoo Email Newsletter Yahoo.com
Security Issues Throwaway identity attack – Naïve policy accepts currency from anyone – Spammer generates as many public key identities as necessary to send mail
Security Issues Man-in-the-Middle attack – Policy that accepts non-bound public key certificates – Middleman impersonates sender or receiver Example: A is sending email to B and B accepts A dollars. C delivers email to B for A, but makes B think its public key is from A. B accepts worthless currency from C. In the meantime, C accepts worthwhile currency from A. Little currency at stake, but possible disruption of service and trust issues between A and B
Security Solutions Small systems should not accept currency from domains it does not send mail to Large systems would require spammer to buy too many certificates, so built-in economic disincentive by virtue of the size
Deployment Partial Deployment – System accepts both payment and ordinary based email – Service providers encouraged to migrate incrementally – Spam eliminated by growing list of cooperating domains
Deployment Full Deployment – Users maintain two email addresses, one for payment email and one for ordinary email Small systems must limit imbalances to a fraction of the total number of inboxes After trust is established, limits can be increased Users should NOT respond to Spam!
Hybrid Approach A establishes LCP mail domain in addition to ordinary mail. Mail arrives from B, A announces to B its support for LCP If B is not a LCP domain, A accepts mail to ordinary mail inbox If B is LCP domain, A and B negotiate payment and LCP inbox is used. Eventually ordinary mail goes unused and is the sole domain of Spam
For More Information… http://www.lightweightcurrency.org email@example.com firstname.lastname@example.org http://csci.csusb.edu/turner/papers/turner_spam.pdf
Summary Spam does not NEED to be on every menu! Questions?