-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Imagine the following attack: for each word or phrase in a dictionary,
the attacker generates the corresponding KSK keypair and creates a KSK
pointing to an attacker-controlled site. The attacker doesn't insert the
fake KSK, but if it ever receives a request for the KSK, it returns the
fake version instead of forwarding the request.
The important thing to note is that the attacker doesn't have to control
the node at the KSK's location: it can opportunistically spoof any
requests that pass through its node. To work out how dangerous this
attack is, we need to work out the probability that a given request
passes through a malicious node.
If we assume the attackers are uniformly distributed around the circle,
the probability of a request hitting at least one malicious node in h
hops is 1-(1-c/n)^h, where c is the number of malicious nodes and n is
the number of nodes. Here are the probabilities:
attackers
1% 5% 10%
1 0.01 0.05 0.1
2 0.02 0.10 0.19
h 3 0.03 0.14 0.27
o 4 0.04 0.19 0.34
p 5 0.05 0.23 0.41
s 6 0.06 0.26 0.47
7 0.07 0.30 0.52
8 0.08 0.34 0.57
In other words an attacker that controls 5% of the nodes can spoof a
significant fraction of KSK requests.
Cheers,
Michael
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFErOd0yua14OQlJ3sRAkrgAJ9bx8iPY5nPu1C5f63aNxX6tStsQQCfSvSe
pR2stZeZ4LO+4EW2IwlAXqs=
=R8kj
-----END PGP SIGNATURE-----
