[11332] in cryptography@c2.net mail archive


Re: An authentication question

daemon@ATHENA.MIT.EDU (Adam Fields)
Mon Aug 5 23:47:03 2002

Date: Mon, 5 Aug 2002 23:32:28 -0400
From: Adam Fields <fields@surgam.net>
To: Matthew Byng-Maddick <cryptography@lists.colondot.net>
Cc: cryptography@wasabisystems.com
In-Reply-To: <20020805222103.GB34063@colon.colondot.net>

On Mon, Aug 05, 2002 at 11:21:03PM +0100, Matthew Byng-Maddick wrote:
> On Mon, Aug 05, 2002 at 04:44:28PM -0400, Jack Lloyd wrote:
> > In the second version, any random user (or script) could upload very large
> > files, wasting your bandwidth, and also CPU time when you check the sig. Or
> > lots and lots of really small files, which would swamp your CPU(s) trying
> > to check 500 sigs a second (makes for a good DDOS).
> 
> public key operations are significantly faster than private key ones. So it
> is far easier to check 500 sigs than to generate them in the first place.

If I remember correctly, that's not necessarily the case, but it's
also only relevant if you assume that the attacker is generating valid
signatures (why would they bother, since they won't check out anyway?)
and not just throwing random bitstrings at you.

-- 
				- Adam

-----
Adam Fields, Managing Partner, fields@surgam.net
Surgam, Inc. is a technology consulting firm with strong background in
delivering scalable and robust enterprise web and IT applications.
Ask about Vignette maximization: http://www.surgam.net/vignette.html

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
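
The cost question discussed in this message, as an added example that is not part of the original post or thread. It assumes textbook RSA with public exponent 65537 and a constructed toy key (the thread does not name a signature scheme), and counts modular multiplications for signing, for checking a valid signature, and for checking a random bitstring.

```python
# Added illustration, not from the thread. Textbook RSA with a toy key and no
# padding: good for counting operations, not for real signatures.
import secrets

P, Q = 2**61 - 1, 2**89 - 1           # constructed toy primes (both Mersenne primes)
N, E = P * Q, 65537                   # assumed public exponent
D = pow(E, -1, (P - 1) * (Q - 1))     # private exponent, close to N in length


def modexp_count(base, exp, mod):
    """Square-and-multiply; returns (base**exp % mod, modular multiplications used)."""
    result, mults = base % mod, 0
    for bit in bin(exp)[3:]:          # bits after the leading 1
        result = result * result % mod
        mults += 1
        if bit == "1":
            result = result * base % mod
            mults += 1
    return result, mults


def sign(digest):
    """Private-key operation: returns (signature, cost)."""
    return modexp_count(digest, D, N)


def verify(digest, candidate):
    """Returns (accepted, cost). The cost is paid before validity is known."""
    recovered, cost = modexp_count(candidate, E, N)
    return recovered == digest % N, cost


def compare_costs():
    digest = 0x5EED5EED5EED5EED5EED        # constructed stand-in for a file hash
    sig, sign_cost = sign(digest)
    ok, valid_cost = verify(digest, sig)
    junk = secrets.randbelow(N)            # random bitstring, free for the sender to produce
    junk_ok, junk_cost = verify(digest, junk)
    return {"sign_cost": sign_cost, "valid": (ok, valid_cost), "junk": (junk_ok, junk_cost)}


if __name__ == "__main__":
    print(compare_costs())
```

Under these assumptions the verifier spends the same work on the random bitstring as on the genuine signature, and only the signer pays the long private-exponent cost.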
