Re: client puzzle protocol

From: Michael B. Rash (mbrat_private)
Date: Fri Feb 18 2000 - 22:44:01 PST

Next message: Chris Cappuccio: "Re: Recent Attacks"

Previous message: Michael B. Rash: "Re: client puzzle protocol"
Maybe in reply to: Michael B. Rash: "client puzzle protocol"
Next in thread: Tommy Ward: "Re: client puzzle protocol"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 18 Feb 2000, Gregory Stark wrote:

:  When a client tries to open a TCP connection the server hands him a puzzle
:  (via UDP so we do not care if they get it, they'll just have to ask again if
:  they don't). The client must solve the puzzle and send it back to the server
:  (via UDP so if the client becomes impatient it can send it again). If the
:  server receives a correctly completed puzzle, suitably fresh, it reallocates
:  the state and completes the TCP connection with the client. The server must
:  be able to cheaply discard bogus solutions so we cannot use public key
:  cryptography.
:  
:  Please explain where/why the server must retain state information which
:  makes it susceptible to DoS?

Ahh, this is the crux of the problem.  Reading the paper more carefully,
the CPP specifies that when a server comes under attack, the following
exchange takes place (Mi=i_th message, t=time, P=puzzle):

Client			Server
   -----Mi, "Puzzle?"--->
   <--"Yes, Puzzle",P,t---
   ------ solution -----> verify bunch of things

   <------  Mi  ------>
   connection established

Note the the puzzle, P, does not depend on Mi.  It only depends on the
time t.  Hence the puzzle solution can be verified independent of any
state w.r.t. the requesting IP.  They also say in the paper that one
underlying assumption is that an attacker cannot saturate the network
bandwidth, which seem to be a reasonable assumption.  (If you take away
soneones bandwidth completely then they win... no amount of cleverness
with CPP or anything else would make a difference.)  So the question
simply comes down to "whether the server can farm out puzzles fast
enough", instead of "whether the server can farm out puzzles and maintain
state fast enough"... hmm... seems like it would be an advantage but it is
certainly no longer TCP.


--Michael B. Rash             | "...the whole aim of practical politics is
                              | to keep the populace alarmed (and hence
http://www.math.umd.edu/~mbr  | clamorous to be led to safety) by an
                              | endless series of hobgoblins..."  -Mencken

Next message: Chris Cappuccio: "Re: Recent Attacks"
Previous message: Michael B. Rash: "Re: client puzzle protocol"
Maybe in reply to: Michael B. Rash: "client puzzle protocol"
Next in thread: Tommy Ward: "Re: client puzzle protocol"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:05:04 PDT