Firewall Wizards mailing list archives
Re: CERT vulnerability note VU# 539363 (fwd)
From: Miles Sabin <miles () milessabin com>
Date: Fri, 18 Oct 2002 07:45:26 +0100
Mike Frantzen wrote,
The problem with a hashed state table is that hash tables are very easy to attack. The use of collision chains (linked lists) would let an attack totally blow out the D$ and TLB. I've make a sun U10 440mhz w/ 2MB L2 grind to a halt w/ 5 packets a second after a long series of collisions.
Interesting ... the idea being that with knowledge of the hash function an attacker could manufacture enough collisions to push the hash table to the O(n) worst case? Couldn't that attack be frustrated by a more sophisticated hash function parameterized with a local secret (ie. the attacker would need to know the secret as well as the function before they could reliably generate collisions)? Or would that make the hash function too computationally expensive? Cheers, Miles _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: CERT vulnerability note VU# 539363 (fwd), (continued)
- Re: CERT vulnerability note VU# 539363 (fwd) Mikael Olsson (Oct 16)
- Re: CERT vulnerability note VU# 539363 (fwd) Paul Robertson (Oct 16)
- Re: CERT vulnerability note VU# 539363 (fwd) Daniel Hartmeier (Oct 16)
- Re: CERT vulnerability note VU# 539363 (fwd) Paul Robertson (Oct 16)
- Re: CERT vulnerability note VU# 539363 (fwd) Carson Gaspar (Oct 17)
- Re: CERT vulnerability note VU# 539363 (fwd) Paul Robertson (Oct 16)
- Re: CERT vulnerability note VU# 539363 (fwd) Mikael Olsson (Oct 16)
- Re: CERT vulnerability note VU# 539363 (fwd) Mikael Olsson (Oct 16)
- Re: CERT vulnerability note VU# 539363 (fwd) Carson Gaspar (Oct 17)
- Re: CERT vulnerability note VU# 539363 (fwd) Mike Frantzen (Oct 17)
- Re: CERT vulnerability note VU# 539363 (fwd) Miles Sabin (Oct 18)
- Re: CERT vulnerability note VU# 539363 (fwd) Darren Reed (Oct 22)
- Re: CERT vulnerability note VU# 539363 (fwd) Mike Frantzen (Oct 22)
- RE: Re: CERT vulnerability note VU# 539363 (fwd) Ben Nagy (Oct 19)
- RE: Re: CERT vulnerability note VU# 539363 (fwd) Bill Royds (Oct 19)
- RE: Re: CERT vulnerability note VU# 539363 (fwd) Ben Nagy (Oct 19)