Hamiltonian path as protection against DOS.

Bill Stewart bill.stewart at pobox.com
Tue Aug 15 13:37:20 EDT 2006

Crypto is usually about economics and scalability.

If you're doing this for DOS/DDOS prevention,
you don't need the NP-completeness perfection you get from
Hamiltonian paths or similar problems - SHA is fine,
or any other hash that's quick to verify and
hard to reverse.  Even MD5 is probably still ok...
Calculating any of the hashes probably takes less time than
handling the packets does.

It's almost certainly better for you if they harass you by
sending you bogus SHA pieces that you can process quickly
than bogus DH pieces that take you a while,
and if it's not too distributed an attack,
you can also blacklist senders IP addresses.

At present I'm skeptical about the need for
that kind of protection - a simple UDP or TCP handshake
and maybe a Photuris cookie are enough to
take care of most forgery attacks
and let you blacklist hostile senders.
But malware writers are tenacious bastards,
and perhaps there are or will be applications where
this sort of protection could be useful -
merely insisting that attackers use _your_ protocol
is probably enough to cut down on 99.99% of attacks
unless you get the protocol widely adopted.

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list