Shortcut digital signature verification failure

Bill Frantz frantz at pwpconsult.com
Fri Jun 21 02:08:37 EDT 2002


I have been thinking about how to limit denial of service attacks on a
server which will have to verify signatures on certain transactions.  It
seems that an attacker can just send random (or even not so random) data
for the signature and force the server to perform extensive processing just
to reject the transaction.

If there is a digital signature algorithm which has the property that most
invalid signatures can be detected with a small amount of processing, then
I can force the attacker to start expending his CPU to present signatures
which will cause my server to expend its CPU.  This might result in a
better balance between the resources needed by the attacker and those
needed by the server.

Cheers - Bill


-------------------------------------------------------------------------
Bill Frantz           | The principal effect of| Periwinkle -- Consulting
(408)356-8506         | DMCA/SDMI is to prevent| 16345 Englewood Ave.
frantz at pwpconsult.com | fair use.              | Los Gatos, CA 95032, USA



---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com


