Status: Ready for product development
Cynthia Dwork began thinking about the problem of junk e-mail more than 10 years ago, back when most people knew “spam” only as processed meat. She came up with the idea of requiring any networked computer to solve a separate little math problem for each e-mail it sent. Proof that the problem had been solved would be attached to the e-mail, and no other computer would accept a message that did not come with this certification (see “Making Spam Expensive,” TR April 2003). “The idea is that legitimate users will not even notice,” says Andrew Goldberg, who works with Dwork at Microsoft Research. “But those sending out billions of pieces of unsolicited mail-their cost of doing business will skyrocket.” Say that solving the problem takes 10 seconds for an average computer; a single computer working round the clock could send out only 8,600 messages. To stay in business, spammers would have to invest heavily in new hardware.
But there’s a snag: users with newer, faster computers may not notice the extra computation, but those with older machines could experience serious performance lags. So Goldberg and Dwork set out with Microsoft Research colleague Ted Wobber to adapt the method so that it relies on a computer characteristic that hasn’t improved as quickly as chip speed-that is, “memory latency,” or the amount of time it takes for a computer’s processor to fetch needed data or instructions from its memory chip. A cryptographic puzzle that is simple enough not to overtax the processor but that requires data to be retrieved from memory evens out the difference between newer and older computers. The team has demonstrated the method, which Wobber says could be built into e-mail programs such as Outlook, into e-mail servers, or into Web browsers used to send and view e-mail. To promote deployment of the technique, Microsoft is talking with computer and Internet companies to develop a standard.