The TLS WG has generally been critical of PoW schemes. It's not clear that there is any PoW parameter that would be acceptable for common mobile devices while providing meaningful protection against a typical botnet. At a minimum, PoW seems like a "last resort" after all other DoS mitigation measures, due to its high cost for legitimate clients. That means a PoW scheme should be used in a targeted way (focusing on the most suspicious clients) and engaged dynamically (only during an attack, with dynamic difficulty adjustment).
Leaving aside the merits of PoW generally, this PoW has some issues.

- It can be computed in advance, allowing burst attacks.
- It is incompatible with IPv4 NAT.
- It requires the server to perform an additional round of ECDHE and signature validation.

I'm sympathetic to the goal of a pure noise wire image [1], but I believe that can be achieved at much lower cost, and should be separated from PoW.

--Ben Schwartz

[1] https://datatracker.ietf.org/doc/draft-cpbs-pseudorandom-ctls/

________________________________
From: [email protected] <[email protected]>
Sent: Tuesday, March 17, 2026 2:31 AM
To: Tls <[email protected]>
Subject: [TLS] New Draft: StealthFlow Protocol (SFP) v1.4 - Solving Handshake Fingerprinting & Asymmetric DDoS

Hi TLS Working Group,

I am introducing a significant update to my individual draft: draft-eli-stealthflow-protocol (v1.4). The StealthFlow Protocol (SFP) acts as a stateless "transport armor" layer designed to precede TLS or QUIC sessions. While ECH and TLS 1.3 have improved privacy, early handshake fingerprints and asymmetric DoS costs remain significant operational risks.

Key enhancements in v1.4 include:

1. Dynamic Guide Identifiers: Replaces static headers with non-deterministic identifiers derived from nonces, ensuring the initial packet appears as high-entropy noise to DPI.
2. Strict 10-30ms Time-Lock PoW: Implements a narrow freshness window that forces attackers to perform real-time computation, effectively neutralizing pre-calculated or large-scale botnet floods.
3. Stateless Server Processing: Enables servers to validate and fail-silent at the XDP/eBPF layer without allocating memory state for unauthenticated requests.
4. Blind-Push Mechanism: Successfully handles the "unknown server public key" scenario during the first encounter, ensuring immediate protection.

I would appreciate feedback on the economic feasibility of the PoW parameters and the protocol's integration with high-performance edge filtering.

Link: draft-eli-stealthflow-protocol-00 - StealthFlow Protocol (SFP) <https://datatracker.ietf.org/doc/draft-eli-stealthflow-protocol/>

Best regards,
Z. Eli
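Editor's illustration of the two design points argued over above (the draft's "time-lock" freshness window versus Ben's objection that a puzzle can be solved in advance): a stateless, time-bucketed proof-of-work challenge and verifier. This is constructed example code, not the SFP draft's mechanism and not the author's code; the 20 ms window, the 16-bit difficulty, the HMAC-SHA256 challenge derivation and the function names are all assumptions chosen for the illustration.

```python
"""Stateless, time-bucketed proof-of-work challenge (constructed illustration)."""
import hashlib
import hmac
import os
import time

DIFFICULTY_BITS = 16   # assumed: leading zero bits required; ~65k hashes expected per solve
WINDOW_MS = 20         # assumed freshness window: the challenge rotates every 20 ms


def time_bucket(now_ms: int) -> int:
    """Index of the freshness window that now_ms falls into."""
    return now_ms // WINDOW_MS


def challenge(server_key: bytes, bucket_id: int, client_id: bytes = b"") -> bytes:
    """Server-side challenge = HMAC(server secret, bucket || client_id).

    Nothing is stored per client: the verifier recomputes this value from its
    secret and the clock, so verification needs no memory for unauthenticated
    requests. client_id is optional; binding it to the source IP is exactly what
    makes a scheme hostile to IPv4 NAT (many clients behind one address), so the
    default leaves it empty.
    """
    msg = bucket_id.to_bytes(8, "big") + client_id
    return hmac.new(server_key, msg, hashlib.sha256).digest()


def leading_zero_bits(digest: bytes) -> int:
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()


def solve(chal: bytes, difficulty_bits: int = DIFFICULTY_BITS, max_iters: int = 1 << 24):
    """Client work: find a counter so SHA-256(chal || counter) has the required zero bits."""
    for counter in range(max_iters):
        h = hashlib.sha256(chal + counter.to_bytes(8, "big")).digest()
        if leading_zero_bits(h) >= difficulty_bits:
            return counter
    return None


def verify(server_key: bytes, counter: int, now_ms: int,
           difficulty_bits: int = DIFFICULTY_BITS, client_id: bytes = b"",
           slack: int = 1) -> bool:
    """Stateless check: accept the current bucket and `slack` earlier ones (clock and
    network skew); anything older is rejected, which is what blocks precomputed bursts."""
    current = time_bucket(now_ms)
    for b in range(current - slack, current + 1):
        chal = challenge(server_key, b, client_id)
        h = hashlib.sha256(chal + counter.to_bytes(8, "big")).digest()
        if leading_zero_bits(h) >= difficulty_bits:
            return True
    return False


def verify_client_nonce(nonce: bytes, counter: int,
                        difficulty_bits: int = DIFFICULTY_BITS) -> bool:
    """Contrast case: a puzzle keyed only on a client-chosen nonce. A solution stays
    valid indefinitely, so work can be done long before it is presented; this is the
    property Ben's first objection describes."""
    h = hashlib.sha256(nonce + counter.to_bytes(8, "big")).digest()
    return leading_zero_bits(h) >= difficulty_bits


if __name__ == "__main__":
    key = os.urandom(32)                 # per-server secret (constructed)
    now = int(time.time() * 1000)
    start = time.perf_counter()
    c = solve(challenge(key, time_bucket(now)))
    print(f"solved in {(time.perf_counter() - start) * 1000:.1f} ms, counter={c}")
    print("fresh solution accepted:", verify(key, c, now))
    print("same solution 3 windows later:", verify(key, c, now + 3 * WINDOW_MS))
```

Running the script shows the cost side of the trade-off as well: the solve time printed for a 16-bit puzzle in pure Python is the budget a legitimate client pays per connection, and a mobile device would pay more, which is the "last resort" concern raised at the top of the thread. Note that the server still spends one HMAC and one SHA-256 per candidate bucket before it can reject, so the verifier is cheap but not free.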
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
