On Fri, Nov 18, 2005 at 08:05:34PM +0000, toad wrote: > On Fri, Nov 18, 2005 at 08:00:43PM +0000, Matthew Toseland wrote: > > On Fri, Nov 18, 2005 at 07:07:34PM +0000, Michael Rogers wrote: > > > Matthew Toseland wrote: > > > >it might be possible > > > >to do a CPU DoS in very little bandwidth (not a serious attack if it > > > >takes much longer to generate a signature than to verify one... does > > > >it?). > > > > > > It does with RSA, not sure about other algorithms... use 'openssl speed' > > > to find out... but what attack do you have in mind? Can the attacker > > > just send junk instead of real signatures? > > > > Hmmm... he probably can, yes. > > Specifically... inserting a steady stream of bogus SSKs. > > Having said that, this sort of thing would be fairly easy to detect... > Since we'd presumably verify on every hop, and not pass on invalid keys, > you could only DoS the nodes you are directly connected to. So it's a > pretty weak attack really, not worth worrying about too much; we can > just disconnect from nodes which do that.
It might be viable with premix routing, if we create a new tunnel for each request. (Which we might safely do, in a cellular premix system). But there are surely ways to prevent this even then, such as sending a message back in parallel to the tunnel, including the decryption key, to prove that the originator sent a bogus request. -- Matthew J Toseland - toad at amphibian.dyndns.org Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/tech/attachments/20051118/cac232b4/attachment.pgp>
