Hamiltonian path as protection against DOS.

James A. Donald jamesd at echeque.com
Thu Aug 17 17:32:14 EDT 2006

Anne & Lynn Wheeler wrote:
 > so a real SSL simplification, when the client contacts
 > the domain name infrastructure to do the domain name
 > to ip-address translation, the domain name
 > infrastructure can piggy-back the public key and any
 > necessary ssl options on the ip-address reply.
 > the client then composes a XTP transaction (has
 > minimum 3-packet exchange for reliable operation) that
 > has an "SSL" packet structure. the client generates a
 > random transaction key, encrypts the communication
 > with the random generated key and encrypts the random
 > key with the server's public key ... and sends it off
 > the encrypted random key and the encrypted
 > communication.

This is obviously the right way to do it - the current
system has security and checking boundaries in the wrong
place, as well as being unnecessarily verbose.

Yet the plan never went anywhere.  What happened?

There is a gap between communications that are highly
efficient with TCP, and communications that are highly
efficient with UDP.  Brief transactions (which must be
reliable and two way, but are brief, are not efficient
with either one.

Indeed, ideally we would have one protocol that rapidly
starts to approximate TCP behavior with communications
that for which TCP is good (transferring large files)
and that approximates UDP with communications for which
UDP is good.

          James A. Donald

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list