
RE: Use of Encryption in Heartbeat Packets



>>>>> "Andrew" == Andrew Krywaniuk <akrywani@newbridge.com> writes:

 Andrew> I don't disagree with your analysis, except on one point.

 Andrew> DoS Analysis
 Andrew> ------------
 Andrew> In your example with the SPI list, you assume that the SPI
 Andrew> list only adds 200 bytes to the packet. This is not
 Andrew> necessarily true in the DoS case because the adversary can
 Andrew> make the packet as long as he wants.

An implementation will want to put sensible bounds on the packet size.
There's the 64k UDP limit, of course, but you really need to be able
to set limits far lower than that.  Not just for DoS resistance but
for many other reasons as well.

 Andrew> In general, full-packet HMAC authentication does not provide
 Andrew> good DoS resistance.

I believe you're making some unstated assumptions there that may not
be valid for other implementations.

*If* it is practical in an implementation to do crypto in software,
*and* to do packet validation on the fly while you're doing that, yes,
then your point may be valid.

On the other hand, if you're using hardware crypto, as you well may in 
high end systems, HMAC is definitely the best and most efficient
method for verifying that a packet is good.

 Andrew> Of course, the adversary could still flood the host with
 Andrew> small packets, but that is more likely to set off alarm bells
 Andrew> on an external monitoring system.

Not necessarily for a DDoS attack, or even if the alarms go off you
may not be able to do much about it.

	paul
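The two points above (bound the packet size well below the UDP ceiling, then let the full-packet HMAC decide whether the packet is good) can be shown in a small receiver-side validator. This is an added example written for this page, not code from either participant or from any IPsec implementation; the heartbeat layout (a 16-bit SPI count, 32-bit SPIs, a trailing HMAC-SHA256 tag) and the bounds MAX_PACKET_LEN and MAX_SPI_COUNT are assumptions chosen for illustration. The order of checks is the point: the length and shape checks cost nothing and run first, so an oversized or malformed datagram never reaches the MAC computation, and MAC_STATS makes that visible.

```python
import hmac
import hashlib
import struct

# Assumed bounds for this example: the email only says "sensible bounds"
# far below the 64 KiB UDP limit, so these values are illustrative.
MAX_PACKET_LEN = 512
MAX_SPI_COUNT = 64
MAC_LEN = 32                  # HMAC-SHA256 tag length
HEADER = struct.Struct(">H")  # SPI count, big-endian
SPI = struct.Struct(">I")     # each SPI is 32 bits

# Counter so a caller can confirm that rejected-early packets cost no MAC work.
MAC_STATS = {"computations": 0}


def _mac(key: bytes, body: bytes) -> bytes:
    """HMAC-SHA256 over the whole body; counted so the check order is observable."""
    MAC_STATS["computations"] += 1
    return hmac.new(key, body, hashlib.sha256).digest()


def build_heartbeat(key: bytes, spis: list[int]) -> bytes:
    """Build a constructed heartbeat: count || SPIs || HMAC over the preceding bytes."""
    if len(spis) > MAX_SPI_COUNT:
        raise ValueError("too many SPIs for one heartbeat")
    body = HEADER.pack(len(spis)) + b"".join(SPI.pack(s) for s in spis)
    return body + _mac(key, body)


def verify_heartbeat(key: bytes, packet: bytes) -> tuple[str, list[int]]:
    """Return (status, spis). Cheap length and shape checks run before any HMAC work."""
    # 1. Hard upper bound: an attacker-chosen length is rejected before the MAC is touched.
    if len(packet) > MAX_PACKET_LEN:
        return ("too_long", [])
    # 2. Shape: header and tag must fit, and the SPI count must agree with the length.
    if len(packet) < HEADER.size + MAC_LEN:
        return ("malformed", [])
    (count,) = HEADER.unpack_from(packet, 0)
    expected_len = HEADER.size + count * SPI.size + MAC_LEN
    if count > MAX_SPI_COUNT or len(packet) != expected_len:
        return ("malformed", [])
    # 3. Only now compute the full-packet HMAC, comparing in constant time.
    body, tag = packet[:-MAC_LEN], packet[-MAC_LEN:]
    if not hmac.compare_digest(_mac(key, body), tag):
        return ("bad_mac", [])
    spis = [SPI.unpack_from(body, HEADER.size + i * SPI.size)[0] for i in range(count)]
    return ("ok", spis)


if __name__ == "__main__":
    key = b"constructed-test-key"          # constructed sample key
    good = build_heartbeat(key, [0x1000, 0x1001, 0x1002])
    print("valid packet:", verify_heartbeat(key, good))
    print("oversized packet:", verify_heartbeat(key, b"\x00" * (MAX_PACKET_LEN + 1)))
    print("tampered tag:", verify_heartbeat(key, good[:-1] + bytes([good[-1] ^ 1])))
    print("MAC computations so far:", MAC_STATS["computations"])
```

A receiver that verifies the HMAC before checking the length does the expensive step for every datagram an attacker chooses to send; doing the bound check first keeps the per-packet cost of garbage constant, while a well-formed packet of any size up to the bound is still fully authenticated by the MAC.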

