RSA or DSA keylength as an anti-spam feature

Jérôme Pinguet jerome at
Wed Jul 2 03:26:07 CEST 2014


Thanks to the recent bikeshedding, I learnt that doubling keysize on an
asymetric key algorithm based on discrete logarithm or integer
factorization doesn't, by far, double the resistance to bruteforcing,
which in itself is seldom if ever the weak link in a secure
communication scheme.

It increases the resistance to bruteforcing only negligeably, and at the
same time, it increases the CPU time needed to encrypt/decrypt &
sign/verify *a lot*.

Could this last property of bigger keys, significantly increasing CPU
time needed to send encrypted/signed messages, be used as an anti-spam

OpenPGP as a kind of HashCash / proof of work solution to spam?

If this proposition makes sense, that would open the way for a huge
increase in user base! :-)

I'm thinking about automatically sending a reply (Wanna contact me?
Install GPG or use my OpenPGP.js contact form...)
then deleting unencrypted emails, at the MUA level. Does this make sense?


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 726 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20140702/aa3717af/attachment-0001.sig>

More information about the Gnupg-users mailing list