[10924] in cryptography@c2.net mail archive
Re: Shortcut digital signature verification failure
daemon@ATHENA.MIT.EDU (Bill Frantz)
Sat Jun 22 13:13:55 2002
In-Reply-To: <3D136E13.CA520B2F@nma.com>
Date: Sat, 22 Jun 2002 11:24:07 -0400
To: Ed Gerck <egerck@nma.com>
From: Bill Frantz <frantz@pwpconsult.com>
Cc: cryptography@wasabisystems.com
At 2:18 PM -0400 6/21/02, Ed Gerck wrote:
>A DoS would not pitch one client against one server. A distributed attack
>using several clients could overcome any single server advantage. A
>scalable strategy would be a queue system for distributing load to
>a pool of servers and a rating system for early rejection of repeated
>bad queries from a source. The rating system would reset the source rating
>after a pre-defined time, much like anti-congestion mechanisms on the Net.
>Fast rejection of bogus signatures would help, but not alone.
I had already thought of this approach, but wanted to add to it a CPU limit
on the client end. Hash cash with a server provided problem seems a good
approach there.
Cheers - Bill
-------------------------------------------------------------------------
Bill Frantz | The principal effect of| Periwinkle -- Consulting
(408)356-8506 | DMCA/CBDTPA is to | 16345 Englewood Ave.
frantz@pwpconsult.com | prevent fair use. | Los Gatos, CA 95032, USA
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
