Firewall Wizards mailing list archives
Re: Re: CERT vulnerability note VU# 539363 (fwd)
From: <broyds () rogers com>
Date: Fri, 18 Oct 2002 12:03:53 -0400
Most hash functions are based on arithmetic modulo a large prime. Most often this prime is chosen to be close to a power of 2 to optimize address space (often a Mersenne prime), but there is not neccessity for it so the secret would be the prime used as hash base. Guessing prime used is non trivial so it provides some security.
From: Miles Sabin <miles () milessabin com> Date: 2002/10/18 Fri AM 02:45:26 EDT To: firewall-wizards () honor icsalabs com Subject: Re: [fw-wiz] CERT vulnerability note VU# 539363 (fwd) Mike Frantzen wrote,The problem with a hashed state table is that hash tables are very easy to attack. The use of collision chains (linked lists) would let an attack totally blow out the D$ and TLB. I've make a sun U10 440mhz w/ 2MB L2 grind to a halt w/ 5 packets a second after a long series of collisions.Interesting ... the idea being that with knowledge of the hash function an attacker could manufacture enough collisions to push the hash table to the O(n) worst case? Couldn't that attack be frustrated by a more sophisticated hash function parameterized with a local secret (ie. the attacker would need to know the secret as well as the function before they could reliably generate collisions)? Or would that make the hash function too computationally expensive? Cheers, Miles _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: CERT vulnerability note VU# 539363 (fwd), (continued)
- Re: CERT vulnerability note VU# 539363 (fwd) Carson Gaspar (Oct 17)
- Re: CERT vulnerability note VU# 539363 (fwd) Mikael Olsson (Oct 16)
- RE: CERT vulnerability note VU# 539363 (fwd) Schouten, Diederik (Diederik) (Oct 17)
- Re: CERT vulnerability note VU# 539363 (fwd) Stephen Gill (Oct 17)
- Re: CERT vulnerability note VU# 539363 (fwd) Carson Gaspar (Oct 17)
- Re: CERT vulnerability note VU# 539363 (fwd) Mike Frantzen (Oct 17)
- Re: CERT vulnerability note VU# 539363 (fwd) Miles Sabin (Oct 18)
- Re: CERT vulnerability note VU# 539363 (fwd) Darren Reed (Oct 22)
- Re: CERT vulnerability note VU# 539363 (fwd) Mike Frantzen (Oct 22)
- Re: CERT vulnerability note VU# 539363 (fwd) Carson Gaspar (Oct 17)
- Re: CERT vulnerability note VU# 539363 (fwd) David Wagner (Oct 18)
- RE: Re: CERT vulnerability note VU# 539363 (fwd) Ben Nagy (Oct 19)
- RE: Re: CERT vulnerability note VU# 539363 (fwd) Bill Royds (Oct 19)
- RE: Re: CERT vulnerability note VU# 539363 (fwd) Ben Nagy (Oct 19)