Cryptographic puzzles are used to slow down an attack, by stopping the attacker from flooding the servers. It will not stop him from flooding the network, but usually that is a rather hard task if he can not establish a connection with the servers.
On Sat, Sep 7, 2019 at 1:57 PM Alex Monk <[email protected]> wrote: > I was under the (possibly mistaken) impression that the attacker was just > flooding the network with traffic? > > On Sat, 7 Sep 2019, 12:25 John Erling Blad, <[email protected]> wrote: > > > There are several papers about how to stop DDoS by using cryptographic > > puzzles.[1] The core idea is to give the abuser some algorithmic work he > > has to solve, thereby forcing him to waste processing power, and then to > > slow him down to a manageable level.[2] That only work if you are the > > target, and not some intermediary are targeted. > > > > Could it be a solution for the WMF servers? > > > > [1] http://d-scholarship.pitt.edu/24944/1/mehmud_abliz_dissertation.pdf > > (just a random pick) > > [2] > > > > > https://searchsecurity.techtarget.com/answer/TLS-protocol-Can-a-client-puzzle-improve-security > > (about > > TLS, but can also be done at the application level) > > _______________________________________________ > > Wikitech-l mailing list > > [email protected] > > https://lists.wikimedia.org/mailman/listinfo/wikitech-l > _______________________________________________ > Wikitech-l mailing list > [email protected] > https://lists.wikimedia.org/mailman/listinfo/wikitech-l _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
