Bill wrote: > I have been thinking about how to limit denial of service > attacks on a server which will have to verify signatures on > certain transactions. It seems that an attacker can just > send random (or even not so random) data for the signature > and force the server to perform extensive processing just to > reject the transaction. > > If there is a digital signature algorithm which has the > property that most invalid signatures can be detected with a > small amount of processing, then I can force the attacker to > start expending his CPU to present signatures which will > cause my server to expend it's CPU. This might result in a > better balance between the resources needed by the attacker > and those needed by the server.
Neat idea. So neat in fact that RSA Security has a patent on it. :-) Sorry, I don't have the patent number handy. --Lucky --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
