Proof-of-Work Proves Not to Work
by Ben Laurie, Richard Clayton
2004-05-03
Language:
English
Note: Presented at the Third Annual Workshop on Economics and Information Security (WEIS04).
External links
Full text: PDF
Abstract
A frequently proposed method of reducing unsolicited bulk email ("spam") is for senders to pay for each email they send. Proof-of-work schemes avoid charging real money by requiring senders to demonstrate that they have expended processing time in solving a cryptographic puzzle. We attempt to determine how difficult that puzzle should be so as to be effective in preventing spam. We analyse this both from an economic perspective, "how can we stop it being cost-effective to send spam", and from a security perspective, "spammers can access insecure end-user machines and will steal processing cycles to solve puzzles". Both analyses lead to similar values of puzzle difficulty. Unfortunately, real-world data from a large ISP shows that these difficulty levels would mean that significant numbers of senders of legitimate email would be unable to continue their current levels of activity. We conclude that proof-of-work will not be a solution to the problem of spam.
