Derivation of peer's address from identity should be expensive to calculate, but easy to validate

To prevent intentional identity collisions, deriving the address from the public-private key pair should be an expensive operation. In contrast, checking whether an address belongs to a given public key should be a cheap operation.