[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Resistance to swamping attacks via Kim Tom's idea
> The receiver has only one MD5 computation to perform, and so he is able
> to check packets 2^k times more efficiently than an attacker can generate
> them.
The attacker can pre-compute a million valid packets and send them
cyclically. To avoid verifying them all, the victim would have to
allot O(million) space.
Or even simpler: the attacker does zero MD5 computations and sends
packets which always (or usually) fail the test. Now who is spending
more cycles?
_________________________________________________________
Matt Crawford crawdad@fnal.gov Fermilab
PGP: D5 27 83 7A 25 25 7D FB 09 3C BA 33 71 C4 DA 6A