[noise] DoS *is* a problem

Jason A. Donenfeld Jason at zx2c4.com
Thu Nov 19 03:54:09 PST 2015


On Thu, Nov 19, 2015 at 7:40 AM, Trevor Perrin <trevp at trevp.net> wrote:
> On Wed, Nov 18, 2015 at 7:20 PM, Jason A. Donenfeld <Jason at zx2c4.com> wrote:
>> Welp, I've implemented some hash token bucket situation, which is a
>> decent practical solution.

I take that back. My token bucket is totally worthless, since my
protocol runs over UDP, where source IPs can be spoofed anyway.

>
> Also, you're probably worrying too much about computational DoS based
> on a single ECDH.  Modern server-class CPUs can do ~20K variable-base
> 25519 ops per second per core.

Even at 20k/second, each message of NoiseIK has 2 ECDH operations. So,
10k/second:

10000 handshakes/second * 96 bytes / 131072 bytes/megabit = 7.3
megabits per second

That seems like a big big big problem.
