-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 03/04/14 19:02, Trevor Perrin wrote: > I think you want signatures for garbage messages which fail > end-to-end authentication but could be used to fill the recipient's > mailbox with junk.
I don't see how the recipient's mailbox could be filled with junk by anyone except the server. Anyone else would need a token to submit a message; tokens are only issued to authorised senders, and the number of tokens in circulation is controlled by the recipient, so it can be kept within the capacity of the mailbox. > With signatures a recipient can attribute a garbage message to a > particular sender, or to the server (if the message can't be > attributed to a sender, e.g. bad signature). Hmm, good point. How about this: the recipient gives random tokens to authorised senders, and the hashes of the tokens to the server. Now the server can only send a message by dropping a submitted message and stealing its token. If the recipient receives a junk message with a valid token then either the sender sent a junk message, or the server dropped a submitted message and stole its token. If we trust the server not to drop submitted messages (which I think we must under any scheme) then this works as far as I can see - without requiring group signatures. Cheers, Michael -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAEBCAAGBQJTPbubAAoJEBEET9GfxSfM/14IAJ75Ha6EQVtU0RUWwyIMf0wk 16G4f5pkl8MP6LXAlbTG3pRM7bgsunecaLfaaaIMKNCq7jbNedfXu/VQZpQtVpT2 G+4IKt5dkYVGmBA+YTSvNHrScaL/rYfnkMsKBhUNzjwm8uJntymubtYsXcXhlQXr Gn5BtN3Z8myww+iObmGNt+kaYs2daO3WGtWScIqDbVbFPLAmwH5BSxvVbdymmrKo ogXH9gAM4GZSibl7/XFrNMtJyJDc9+ehFonqj270xVWdGc5CULzgefIFKCsFDF/h EgMUB4dsOw501dzusEHwpYfQnznr41jYgyYTyIRQdN5hetK7Im5eHwfsQc/ris8= =/JqR -----END PGP SIGNATURE----- _______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
