Re: raging bulls

[Brett Frankenberger <rbf+nanog () panix com>]

On Wed, Aug 08, 2012 at 09:08:18AM -0500, Naslund, Steve wrote:
> Also, we are only talking about a delay long enough to satisfy the
> longest circuit so you could not push your timestamp very far back and
> would have to get the fake one done pretty quickly in order for it to be
> worthwhile.  The real question is could you fake a cryptographic
> timestamp fast enough to actually gain time on the system.  Possibly but
> it would be a very tall order.

Why would generating a fake timestamp take longer than generating a
real one?  

I assume you're proposing an architecture where if I were a trader, I'd
have to buy a secure physical box from a third party trusted by the
market, and I'd send my trade to that box and then it would timestamp
it and sign it and then I'd send it to the market.

Obvious failure modes include: (a) spoofing the GPS signal received by
the box, so the box thinks the current time is some number of
milliseconds before the actual time (how to do this is well understood
and solved, and because GPS is one-way, even if the satellites started
signing their time updates, that would only prevent spoofing times in
the future, it wouldn't prevent spoofing times on the past), and (b)
generating 10 trades at time X, then holding on to the signed messages
until X+Y, and then only sending the ones that are profitable based on
the new information you learned between (X) and (X+Y).

Yes, there are some solutions.  But most of those solutions have
problems of their own.  It's overwhelmingly difficult. (But also
irrelevant, as I noted in my other post).

If you think this through to what a working implementation would look
like in detail, I think the failures become more obvious ...

     -- Brett