Message151604
> You mean as a fix or that they successfully attacked a collision-counting
> system?
Successful anticipation and blocking of hash attack: after a chain of
100 DNS 'treats the request as a cache miss'. What is somewhat special
for this app is being able to bail at that point. Crosby & Wallach still
think 'his fix could be improved', I presume by using one of their
recommended hashes.
http://www.cs.rice.edu/~scrosby/hash/CrosbyWallach_UsenixSec2003.pdf
section 3.2, DJB DNS server; section 5, fixes |
|
Date |
User |
Action |
Args |
2012-01-19 01:15:26 | terry.reedy | set | recipients:
+ terry.reedy, lemburg, gvanrossum, tim.peters, barry, georg.brandl, gregory.p.smith, jcea, mark.dickinson, pitrou, vstinner, christian.heimes, benjamin.peterson, eric.araujo, grahamd, Arfrever, v+python, alex, zbysz, skrah, dmalcolm, gz, neologix, Arach, Mark.Shannon, eric.snow, Zhiping.Deng, Huzaifa.Sidhpurwala, Jim.Jewett, PaulMcMillan, fx5 |
2012-01-19 01:15:24 | terry.reedy | link | issue13703 messages |
2012-01-19 01:15:21 | terry.reedy | create | |
|