Hamiltonian path as protection against DOS.
James A. Donald
jamesd at echeque.com
Thu Aug 17 16:41:31 EDT 2006
--
alan wrote:
> But if the packets are forged, wouldn't that turn it
> into a different kind of DOS?
>
> If I can get you to blacklist Alice by sending n
> forged attack packages, then my DOS succeeded, if my
> goal is to deny a connection between you and Alice.
The goals is usually to shut down a money making
service, in order to extort protection payments from
them. Shutting off a few clients is not a goal.
The photuris protocol that Bill Stewart mentioned does
an initial exchange wherein the server sends some random
bytes to the client, and the client must respond with
those random bytes before the server does any work at
all. This means that the adversary cannot easily and
cost effectively impersonate Alice's IP, for large
numbers of Alices, unless they have upstream control of
the server's pipe - which would require them to be
physically rather close to the server, and if they are
physically rather close then the owner of the server can
find them and go after them with an axe handle, reducing
the problem to the previously solved problem of
protecting property rights in physical space.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
Vd1vET3dgr85QVK7NkeKqXbuKv71rJtvAtE/6g9O
4rd/c+MMCzQCtCpvt4KYLGwIMyBJauOzgF9YYvZIU
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list