[noise] DoS resistance

Jason A. Donenfeld Jason at zx2c4.com
Mon Jul 20 05:50:59 PDT 2015


On Sat, Jul 18, 2015 at 3:29 AM, Tony Arcieri <bascule at gmail.com> wrote:
>
>
> For what it's worth, TLS completely punts on this problem. It's known among
> other things as the "THC attack", and since it can be used against RSA it's
> considerably worse:
>
> https://community.qualys.com/blogs/securitylabs/2011/10/31/tls-renegotiation-and-denial-of-service-attacks
>
> There have been attempts at solving this ("client puzzles") but I can't say
> I'm really a fan.
>
> 70 Mbps of handshake messages (per node) seems good to me?

70 Mbps is pretty horrible. That's a tiny amount of bandwidth required
to completely saturate a server and prevent it from handling other
incoming handshakes.

Time to read up on the kernel's token bucket implementation, I guess. Ugh.
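The rate limiting that the reply points at, as an added example that is not code from this thread or from any project discussed in it: a per-source token bucket in front of handshake processing, so that a flood of initiation messages from one address is dropped after a small burst while a well-behaved peer is never throttled. The bucket size, refill rate, source addresses and traffic pattern below are all constructed for the demonstration.

```python
"""Per-source token-bucket limiter for handshake initiation messages.

Added example (not from the Noise mailing list or any project it discusses).
Assumes a responder that can key buckets by the sender's address and wants
to bound how many handshake initiations per second it will process from
any one source before spending CPU on the handshake itself.
"""
from dataclasses import dataclass, field


@dataclass
class TokenBucket:
    capacity: float           # largest burst of handshakes accepted at once
    rate: float               # tokens (handshakes) replenished per second
    tokens: float = field(init=False)
    last: float = field(init=False)

    def __post_init__(self):
        self.tokens = self.capacity   # a fresh bucket starts full
        self.last = 0.0

    def allow(self, now: float) -> bool:
        """Refill for the elapsed time, then spend one token if available."""
        elapsed = max(0.0, now - self.last)
        self.last = now
        self.tokens = min(self.capacity, self.tokens + elapsed * self.rate)
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False


class HandshakeLimiter:
    """One bucket per source address, created lazily on first contact."""

    def __init__(self, capacity: float = 5, rate: float = 1.0):
        self.capacity = capacity
        self.rate = rate
        self.buckets: dict[str, TokenBucket] = {}

    def accept(self, src: str, now: float) -> bool:
        bucket = self.buckets.get(src)
        if bucket is None:
            bucket = TokenBucket(self.capacity, self.rate)
            bucket.last = now          # no refill credit before first contact
            self.buckets[src] = bucket
        return bucket.allow(now)


def run_simulation() -> dict[str, tuple[int, int]]:
    """Replay constructed traffic and return {src: (accepted, dropped)}."""
    limiter = HandshakeLimiter(capacity=5, rate=1.0)
    # Constructed traffic: 10.0.0.1 floods 100 initiations at t=0,
    # 10.0.0.2 sends one initiation per second for 10 seconds.
    events = [(0.0, "10.0.0.1")] * 100
    events += [(float(t), "10.0.0.2") for t in range(10)]
    events.sort(key=lambda e: e[0])   # stable sort keeps per-time order
    stats: dict[str, tuple[int, int]] = {}
    for now, src in events:
        accepted, dropped = stats.get(src, (0, 0))
        if limiter.accept(src, now):
            accepted += 1
        else:
            dropped += 1
        stats[src] = (accepted, dropped)
    return stats


if __name__ == "__main__":
    for src, (ok, drop) in run_simulation().items():
        print(f"{src}: accepted={ok} dropped={drop}")
```

The check costs a subtraction and a dictionary lookup, which is why it belongs before the expensive part of the handshake rather than after it. The table of buckets is itself a resource, so in a real responder it needs a size bound or eviction policy, otherwise initiations from many spoofed source addresses simply move the exhaustion from CPU to memory.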
