On Wed, Aug 08, 2012 at 09:08:18AM -0500, Naslund, Steve wrote:
Also, we are only talking about a delay long enough to satisfy the longest circuit so you could not push your timestamp very far back and would have to get the fake one done pretty quickly in order for it to be worthwhile. The real question is could you fake a cryptographic timestamp fast enough to actually gain time on the system. Possibly but it would be a very tall order.
Why would generating a fake timestamp take longer than generating a real one? I assume you're proposing an architecture where if I were a trader, I'd have to buy a secure physical box from a third party trusted by the market, and I'd send my trade to that box and then it would timestamp it and sign it and then I'd send it to the market. Obvious failure modes include: (a) spoofing the GPS signal received by the box, so the box thinks the current time is some number of milliseconds before the actual time (how to do this is well understood and solved, and because GPS is one-way, even if the satellites started signing their time updates, that would only prevent spoofing times in the future, it wouldn't prevent spoofing times on the past), and (b) generating 10 trades at time X, then holding on to the signed messages until X+Y, and then only sending the ones that are profitable based on the new information you learned between (X) and (X+Y). Yes, there are some solutions. But most of those solutions have problems of their own. It's overwhelmingly difficult. (But also irrelevant, as I noted in my other post). If you think this through to what a working implementation would look like in detail, I think the failures become more obvious ... -- Brett