249:
405:
minutes between successive blocks. If only leading zeros were considered, then the difficulty could only be doubled or halved, causing the adjustment to greatly overshoot or undershoot in response to small changes in the average block time. Still, the number of leading zeros in the target serves as a good approximation of the current difficulty. In
January 2020,
345:. So the difficulty of the calculations required must be increased over time. However, developing countries can be expected to use older hardware, which means that they will find it increasingly difficult to participate in the e-mail system. This also applies to lower-income individuals in developed countries who cannot afford the latest hardware.
393:. A Bitcoin miner runs a computer program that collects unconfirmed transactions from users on the network. Together, these can form a "block" and earn a payment to the miner, but a block is only accepted by the network if its hash meets the network's difficulty target. Thus, as in hashcash, miners must discover by brute force the
492:
In a digital marketplace, service providers can use hashcash to build reputation to attract clients. To build reputation, a service provider first selects a public key as its ID, and then discovers by brute force a nonce that, when concatenated to the ID, results in a hash digest with several leading
483:
language to slow down comment spammers. Some scripts (such as wp-hashcash) claim to implement hashcash but instead depend on JavaScript obfuscation to force the client to generate a matching key; while this does require some processing power, it does not use the hashcash algorithm or hashcash stamps.
76:
The hypothesis is that spammers, whose business model relies on their ability to send large numbers of emails with very little cost per message, will cease to be profitable if there is even a small cost for each spam they send. Receivers can verify whether a sender made such an investment and use the
68:
of an email to prove the sender has expended a modest amount of CPU time calculating the stamp prior to sending the email. In other words, as the sender has taken a certain amount of time to generate the stamp and send the email, it is unlikely that they are a spammer. The receiver can, at negligible
425:
was able to check for
Hashcash stamps since version 2.70 until version 3.4.2, assigning a negative score (i.e. less likely to be spam) for valid, unspent Hashcash stamps. However, although the hashcash plugin is on by default, it still needs to be configured with a list of address patterns that must
165:
of the header. If the first 20 bits (i.e. the 5 most significant hex digits) of the hash are all zeros, then this is an acceptable header. If not, then the sender increments the counter and tries the hash again. Out of 2 possible hash values, there are 2 hash values that satisfy this criterion. Thus
149:
The header contains the recipient's email address, the date of the message, and information proving that the required computation has been performed. The presence of the recipient's email address requires that a different header be computed for each recipient. The date allows the recipient to record
38:
and described more formally in Back's 2002 paper "Hashcash - A Denial of
Service Counter-Measure". In Hashcash the client has to concatenate a random number with a string several times and hash this new string. It then has to do so over and over until a hash beginning with a certain number of zeros
509:
Client-Puzzles; hashcash is non-interactive and therefore does not have a known solution. In any case RSA's IPR statement can not apply to hashcash because hashcash predates (March 1997) the client-puzzles publication (February 1999) and the client-puzzles patent filing US7197639 (February 2000).
404:
specify a minimum number of leading zeros in the hash. Instead, the hash is interpreted as a (very large) integer, and this integer must be less than the target integer. This is necessary because the
Bitcoin network must periodically adjust its difficulty level to maintain an average time of 10
309:
On the other hand, as
Hashcash requires potentially significant computational resources to be expended on each e-mail being sent, it is somewhat difficult to tune the ideal amount of average time one wishes clients to expend computing a valid header. This can mean sacrificing accessibility from
508:
RSA has made IPR statements to the IETF about client-puzzles in the context of an RFC that described client-puzzles (not hashcash). The RFC included hashcash in the title and referenced hashcash, but the mechanism described in it is a known-solution interactive challenge which is more akin to
321:
One plausible analysis concluded that only one of the following cases is likely: either non-spam e-mail will get stuck due to lack of processing power of the sender, or spam e-mail is bound to still get through. Examples of each include, respectively, a centralized e-mail topology (like a
200:). This takes about two microseconds on a 1 GHz machine, far less time than the time it takes for the rest of the e-mail to be received. If the first 20 bits are not all zero, the hash is invalid. (Later versions may require more bits to be zero as machine processing speeds increase.)
458:
Microsoft also designed and implemented a now deprecated open specification called "Email
Postmark". It is similar to Hashcash. This was part of Microsoft's Coordinated Spam Reduction Initiative (CSRI). The Microsoft email postmark variant of Hashcash is implemented in the Microsoft mail
170:. Hence the sender will on average have to try 2 values to find a valid header. Given reasonable estimates of the time needed to compute the hash, this would take about one second to find. No more efficient method than this brute force approach is known to find a valid header.
337:
Most of these issues may be addressed. E.g., botnets may expire faster because users notice the high CPU load and take counter-measures, and mailing list servers can be registered in white lists on the subscribers' hosts and thus be relieved from the hashcash challenges.
210:
The recipient's computer checks whether the e-mail address in the hash string matches any of the valid e-mail addresses registered by the recipient, or matches any of the mailing lists to which the recipient is subscribed. If a match is not found, the hash string is
305:
proposals applying to legitimate e-mail that no real money is involved. Neither the sender nor recipient need to pay, thus the administrative issues involved with any micropayment system and moral issues related to charging for e-mail are entirely avoided.
317:
Hashcash is also fairly simple to implement in mail user agents and spam filters. No central server is needed. Hashcash can be incrementally deployed—the extra
Hashcash header is ignored when it is received by mail clients that do not understand it.
173:
A normal user on a desktop PC would not be significantly inconvenienced by the processing time required to generate the
Hashcash string. However, spammers would suffer significantly due to the large number of spam messages sent by them.
166:
the chance of randomly selecting a header that will have 20 zeros as the beginning of the hash is 1 in 2 (approx. 10, or about one in a million). The number of times that the sender needs to try to get a valid hash value is modeled by
63:
Hashcash is a cryptographic hash-based proof-of-work algorithm that requires a selectable amount of work to compute, but the proof can be verified efficiently. For email uses, a textual encoding of a hashcash stamp is added to the
230:
with the number of zero bits. So additional zero bits can be added (doubling the amount of time needed to compute a hash with each additional zero bit) until it is too expensive for spammers to generate valid header lines.
459:
infrastructure components
Exchange, Outlook, and Hotmail. The format differences between Hashcash and Microsoft's email postmark are that postmark hashes the body in addition to the recipient, uses a modified
234:
Confirming that the header is valid is much faster and always takes the same amount of time, no matter how many zero bits are required for a valid header, since this requires only a single hashing operation.
207:, which represents the date 8 Apr 2006). If it is not within two days of the current date, it is invalid. (The two-day window compensates for clock skew and network routing time between different systems.)
73:, trying random values until the answer is found; though testing an individual string is easy, satisfactory answers are rare enough that it will require a substantial number of tries to find the answer.
360:
hash function, the same ASIC technology could be used to create hashcash solvers that are three orders of magnitude faster than a consumer CPU, reducing the computational hurdle for spammers.
214:
The recipient's computer inserts the hash string into a database. If the string is already in the database (indicating that an attempt is being made to re-use the hash string), it is invalid.
218:
If the hash string passes all of these tests, it is considered a valid hash string. All of these tests take far less time and disk space than receiving the body content of the e-mail.
849:
802:
501:
Hashcash is not patented, and the reference implementation and most of the other implementations are free software. Hashcash is included or available for many
589:
883:
446:
email client. The project is named for the historical availability of conventional mailing services that cost the sender just one penny; see
824:
421:
with automated spam filtering systems, as legitimate users will rarely be inconvenienced by the extra time it takes to mine a stamp.
69:
computational cost, verify that the stamp is valid. However, the only known way to find a header with the necessary properties is
353:
196:
89:
931:
856:
708:
620:
1103:
776:
590:
https://www.csc.kth.se/utbildning/kth/kurser/DD143X/dkand12/Group5Mikael/final/Jonatan_Landsberg_and_Anton_Lundqvist.pdf
158:
The sender prepares a header and appends a counter value initialized to a random number. It then computes the 160-bit
373:
In contrast to hashcash in mail applications that relies on recipients to set manually an amount of work intended to
288:
1126:
314:
or else running the risk of hostile hosts not being challenged enough to provide an effective filter from spam.
518:
270:
47:
The idea "...to require a user to compute a moderately hard, but not intractable function..." was proposed by
1136:
1085:
Dwork, C. and Naor, M. (1992) "Pricing via
Processing or Combating Junk Mail", Crypto '92, pp. 139–147.
1104:
Beat spam using hashcash David Mertz's article on hashcash, its applications and an implementation in Python
880:
190:
162:
1108:
977:
426:
match against the Hashcash resource field before it will be used. Support was removed from SpamAssassin's
352:
use a hash function as their proof-of-work system. The rise of cryptocurrency has created a demand for
266:
31:
259:
167:
1002:
601:
Dwork, Cynthia; Naor, Moni (18 May 2001). "Pricing via Processing or Combatting Junk Mail".
1071:
Adam Back, "Hashcash - A Denial of Service Counter-Measure", technical report, August 2002
23:
733:
8:
443:
394:
390:
150:
headers received recently and to ensure that the header is unique to the email message.
1131:
937:
909:
502:
227:
70:
65:
463:
as the hash function, and uses multiple sub-puzzles to reduce proof of work variance.
941:
927:
616:
334:
or cluster farms with which spammers can increase their processing power enormously.
901:
923:
919:
606:
427:
311:
978:"RSA Security Inc. has submitted a patent application (US Serial No. 09/496,824)"
887:
780:
418:
1024:
890:
that implements a Hashcash-like facility, written in JavaScript, by Elliott Back
661:
605:. Lecture Notes in Computer Science. Vol. 740. Springer. pp. 139–147.
341:
Another projected problem is that computers continue to get faster according to
1079:
1078:
Ben Laurie and Richard Clayton, "'Proof-of-Work' Proves Not to Work", WEIS 04.
349:
342:
123:: Resource data string being transmitted, e.g., an IP address or email address.
1072:
1048:
565:
540:
1120:
850:"The Coordinated Spam Reduction Initiative: A Technology and Policy Proposal"
611:
476:
382:
48:
709:"Mail::SpamAssassin::Plugin::Hashcash - perform hashcash verification tests"
422:
323:
302:
906:
2021 IEEE International Conference on Blockchain and Cryptocurrency (ICBC)
1086:
439:
637:"hashcash - hashcash anti-spam / denial of service counter-measure tool"
636:
480:
447:
273: in this section. Unsourced material may be challenged and removed.
27:
55:
in their 1992 paper "Pricing via Processing or Combatting Junk Mail".
52:
35:
754:
248:
914:
803:"Discontinued features and modified functionality in Outlook 2010"
406:
902:"Hashcashed Reputation with Application in Designing Watchtowers"
397:
that, when included in the block, results in an acceptable hash.
378:
357:
136:
182:
Technically the system is implemented with the following steps:
686:
356:-based mining machines. Although most cryptocurrencies use the
331:
107:: Number of "partial pre-image" (zero) bits in the hashed code.
203:
The recipient's computer checks the date in the header (e.g.,
479:. Some blog owners have used hashcash scripts written in the
460:
187:
159:
472:
955:
101:: Hashcash format version, 1 (which supersedes version 0).
779:. Pennypost.sourceforge.net. 16 June 2008. Archived from
326:), in which some server is to send an enormous number of
450:
for information about such mailing services in history.
1098:
226:
The time needed to compute such a hash collision is
113:: The time that the message was sent, in the format
900:Rahimpour, Sonbol; Khabbazian, Majid (3 May 2021).
899:
430:on 2019-06-26, affecting version 3.4.3 and beyond.
493:zeros. The more zeros, the higher the reputation.
400:Unlike hashcash, Bitcoin's difficulty target does
881:WP-Hashcash, a plugin for Wordpress blog software
1118:
777:"Penny Post: What do you mean by Postage Stamp?"
566:"Hashcash - A Denial of Service Counter-Measure"
186:The recipient's computer calculates the 160-bit
734:"Bug 7728 - Remove HashCash support from trunk"
541:"A partial hash collision based postage scheme"
238:
417:Hashcash was used as a potential solution for
129:: Extension (optional; ignored in version 1).
755:"Penny Post software project on SourceForge"
145:: Binary counter, encoded in base-64 format.
301:The Hashcash system has the advantage over
85:The header line looks something like this:
535:
533:
135:: String of random characters, encoded in
913:
610:
600:
289:Learn how and when to remove this message
594:
496:
1109:RSA IPR note to the IETF about hashcash
558:
530:
1119:
825:"Email Postmark Validation Algorithm"
271:adding citations to reliable sources
242:
80:
603:Advances in Cryptology — CRYPTO' 92
438:The Penny Post software project on
177:
34:. Hashcash was proposed in 1997 by
13:
221:
16:System for dealing with email spam
14:
1148:
1092:
453:
368:
433:
247:
153:
1041:
1017:
995:
970:
948:
893:
874:
842:
817:
795:
769:
747:
412:
381:employs a different hash-based
363:
258:needs additional citations for
204:
194:
114:
58:
924:10.1109/icbc51069.2021.9461123
726:
701:
679:
662:"Hashcash proof-of-work paper"
654:
629:
583:
519:Penny Black (research project)
379:Bitcoin cryptocurrency network
77:results to help filter email.
1:
1065:
1049:"Client-puzzle patent filing"
571:. hashcash.org. 1 August 2002
487:
42:
956:"C reference implementation"
689:. Hashcash.org. 26 June 2003
239:Advantages and disadvantages
198:::1QTjaYd7niiQA/sc:ePa"
193:of the entire string (e.g.,
88:X-Hashcash: 1:20:1303030600:
7:
1003:"SIP Computational Puzzles"
757:. Pennypost.sourceforge.net
512:
442:implements Hashcash in the
10:
1153:
32:denial-of-service attacks
830:. download.microsoft.com
612:10.1007/3-540-48071-4_10
524:
466:
91:::McMybZIhxKXu57jd:ckvi
1127:Cryptographic protocols
713:spamassassin.apache.org
377:malicious senders, the
908:. IEEE. pp. 1–9.
805:. Office.microsoft.com
409:had 74 leading zeros.
168:geometric distribution
497:Intellectual property
475:often fall victim to
94:The header contains:
1137:Email authentication
267:improve this article
24:proof-of-work system
783:on 19 February 2014
503:Linux distributions
444:Mozilla Thunderbird
886:2005-10-27 at the
862:on 21 October 2013
205:"060408"
195:"1:20:060408:
1099:Hashcash homepage
933:978-1-6654-3578-9
622:978-3-540-57340-1
299:
298:
291:
81:Technical details
1144:
1060:
1059:
1057:
1055:
1045:
1039:
1038:
1036:
1034:
1029:
1025:"Client Puzzles"
1021:
1015:
1014:
1012:
1010:
1005:. Tools.ietf.org
999:
993:
992:
990:
988:
982:
974:
968:
967:
965:
963:
952:
946:
945:
917:
897:
891:
878:
872:
871:
869:
867:
861:
855:. Archived from
854:
846:
840:
839:
837:
835:
829:
821:
815:
814:
812:
810:
799:
793:
792:
790:
788:
773:
767:
766:
764:
762:
751:
745:
744:
742:
740:
730:
724:
723:
721:
719:
705:
699:
698:
696:
694:
683:
677:
676:
674:
672:
666:
658:
652:
651:
649:
647:
641:
633:
627:
626:
614:
598:
592:
587:
581:
580:
578:
576:
570:
562:
556:
555:
553:
551:
545:
537:
350:cryptocurrencies
312:embedded systems
294:
287:
283:
280:
274:
251:
243:
206:
199:
178:Recipient's side
116:
1152:
1151:
1147:
1146:
1145:
1143:
1142:
1141:
1117:
1116:
1095:
1068:
1063:
1053:
1051:
1047:
1046:
1042:
1032:
1030:
1027:
1023:
1022:
1018:
1008:
1006:
1001:
1000:
996:
986:
984:
980:
976:
975:
971:
961:
959:
954:
953:
949:
934:
898:
894:
888:Wayback Machine
879:
875:
865:
863:
859:
852:
848:
847:
843:
833:
831:
827:
823:
822:
818:
808:
806:
801:
800:
796:
786:
784:
775:
774:
770:
760:
758:
753:
752:
748:
738:
736:
732:
731:
727:
717:
715:
707:
706:
702:
692:
690:
685:
684:
680:
670:
668:
664:
660:
659:
655:
645:
643:
639:
635:
634:
630:
623:
599:
595:
588:
584:
574:
572:
568:
564:
563:
559:
549:
547:
543:
539:
538:
531:
527:
515:
499:
490:
469:
456:
436:
419:false positives
415:
371:
366:
348:Like hashcash,
295:
284:
278:
275:
264:
252:
241:
224:
222:Required effort
180:
156:
92:
83:
61:
45:
17:
12:
11:
5:
1150:
1140:
1139:
1134:
1129:
1113:
1112:
1106:
1101:
1094:
1093:External links
1091:
1090:
1089:
1083:
1076:
1067:
1064:
1062:
1061:
1040:
1016:
994:
969:
958:. hashcash.org
947:
932:
892:
873:
841:
816:
794:
768:
746:
725:
700:
687:"Hashcash FAQ"
678:
667:. Hashcash.org
653:
642:. Hashcash.org
628:
621:
593:
582:
557:
546:. Hashcash.org
528:
526:
523:
522:
521:
514:
511:
498:
495:
489:
486:
468:
465:
455:
454:Email Postmark
452:
435:
432:
414:
411:
391:Bitcoin mining
370:
369:Bitcoin mining
367:
365:
362:
297:
296:
255:
253:
246:
240:
237:
223:
220:
216:
215:
212:
208:
201:
179:
176:
155:
152:
147:
146:
140:
130:
124:
118:
108:
102:
87:
82:
79:
60:
57:
44:
41:
26:used to limit
15:
9:
6:
4:
3:
2:
1149:
1138:
1135:
1133:
1130:
1128:
1125:
1124:
1122:
1115:
1110:
1107:
1105:
1102:
1100:
1097:
1096:
1088:
1084:
1081:
1077:
1074:
1070:
1069:
1050:
1044:
1026:
1020:
1004:
998:
979:
973:
957:
951:
943:
939:
935:
929:
925:
921:
916:
911:
907:
903:
896:
889:
885:
882:
877:
858:
851:
845:
826:
820:
804:
798:
782:
778:
772:
756:
750:
735:
729:
714:
710:
704:
688:
682:
663:
657:
638:
632:
624:
618:
613:
608:
604:
597:
591:
586:
567:
561:
542:
536:
534:
529:
520:
517:
516:
510:
506:
504:
494:
485:
482:
478:
474:
471:Like e-mail,
464:
462:
451:
449:
445:
441:
434:Email clients
431:
429:
424:
420:
410:
408:
407:block #614525
403:
398:
396:
392:
388:
385:challenge to
384:
383:proof-of-work
380:
376:
361:
359:
355:
351:
346:
344:
339:
335:
333:
330:e-mails, and
329:
325:
319:
315:
313:
307:
304:
293:
290:
282:
272:
268:
262:
261:
256:This section
254:
250:
245:
244:
236:
232:
229:
219:
213:
209:
202:
197:
192:
189:
185:
184:
183:
175:
171:
169:
164:
161:
154:Sender's side
151:
144:
141:
138:
134:
131:
128:
125:
122:
119:
112:
109:
106:
103:
100:
97:
96:
95:
90:
86:
78:
74:
72:
67:
56:
54:
50:
49:Cynthia Dwork
40:
37:
33:
29:
25:
21:
1114:
1052:. Retrieved
1043:
1031:. Retrieved
1019:
1007:. Retrieved
997:
985:. Retrieved
972:
960:. Retrieved
950:
905:
895:
876:
864:. Retrieved
857:the original
844:
832:. Retrieved
819:
807:. Retrieved
797:
785:. Retrieved
781:the original
771:
759:. Retrieved
749:
739:22 September
737:. Retrieved
728:
716:. Retrieved
712:
703:
691:. Retrieved
681:
669:. Retrieved
656:
644:. Retrieved
631:
602:
596:
585:
573:. Retrieved
560:
548:. Retrieved
507:
500:
491:
477:comment spam
470:
457:
437:
423:SpamAssassin
416:
413:Spam filters
401:
399:
389:competitive
386:
374:
372:
364:Applications
347:
340:
336:
327:
324:mailing list
320:
316:
308:
303:micropayment
300:
285:
276:
265:Please help
260:verification
257:
233:
225:
217:
181:
172:
157:
148:
142:
132:
126:
120:
110:
104:
98:
93:
84:
75:
62:
59:How it works
46:
19:
18:
866:11 February
787:11 February
718:11 November
693:11 February
440:SourceForge
343:Moore's law
279:August 2010
228:exponential
71:brute force
1121:Categories
1066:References
1054:13 October
1033:13 October
1009:13 October
987:13 October
983:. Ietf.org
962:13 October
915:2012.10825
834:13 October
809:13 October
761:13 October
671:13 October
646:13 October
550:13 October
488:Reputation
481:JavaScript
448:Penny Post
328:legitimate
43:Background
39:is found.
28:email spam
1132:Anti-spam
942:229340600
575:2 January
53:Moni Naor
36:Adam Back
884:Archived
513:See also
310:low-end
211:invalid.
121:resource
20:Hashcash
395:"nonce"
358:SHA-256
332:botnets
143:counter
139:format.
137:base-64
115:YYMMDD]
1111:(2004)
940:
930:
619:
387:enable
66:header
1087:(PDF)
1080:(PDF)
1073:(PDF)
1028:(PDF)
981:(Txt)
938:S2CID
910:arXiv
860:(PDF)
853:(PDF)
828:(PDF)
665:(PDF)
640:(Txt)
569:(PDF)
544:(Txt)
525:Notes
473:blogs
467:Blogs
461:SHA-1
428:trunk
375:deter
188:SHA-1
160:SHA-1
22:is a
1056:2014
1035:2014
1011:2014
989:2014
964:2014
928:ISBN
868:2014
836:2014
811:2014
789:2014
763:2014
741:2023
720:2021
695:2014
673:2014
648:2014
617:ISBN
577:2019
552:2014
354:ASIC
191:hash
163:hash
133:rand
111:date
105:bits
51:and
30:and
920:doi
607:doi
402:not
269:by
127:ext
99:ver
1123::
936:.
926:.
918:.
904:.
711:.
615:.
532:^
505:.
1082:.
1075:.
1058:.
1037:.
1013:.
991:.
966:.
944:.
922::
912::
870:.
838:.
813:.
791:.
765:.
743:.
722:.
697:.
675:.
650:.
625:.
609::
579:.
554:.
292:)
286:(
281:)
277:(
263:.
117:.
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.
