Firewall Wizards mailing list archives

Re: CERT vulnerability note VU# 539363 (fwd)


From: Miles Sabin <miles () milessabin com>
Date: Fri, 18 Oct 2002 07:45:26 +0100

Mike Frantzen wrote,
The problem with a hashed state table is that hash tables are very
easy to attack.  The use of collision chains (linked lists) would let
an attack totally blow out the D$ and TLB.  I've made a Sun U10
440MHz w/ 2MB L2 grind to a halt w/ 5 packets a second after a long
series of collisions.

Interesting ... the idea being that with knowledge of the hash function 
an attacker could manufacture enough collisions to push the hash table 
to the O(n) worst case?

Couldn't that attack be frustrated by a more sophisticated hash function 
parameterized with a local secret (i.e. the attacker would need to know 
the secret as well as the function before they could reliably generate 
collisions)? Or would that make the hash function too computationally 
expensive?

Cheers,

Miles
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
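The keyed-hash mitigation asked about above, as an added illustration that is not part of the thread: a constructed set of flows chosen to collide under a public toy hash all land in one bucket, while the same flows spread out under a hash keyed with a per-process secret (blake2b's keyed mode stands in for a purpose-built keyed hash such as SipHash). The bucket count, the flow 5-tuples, and both hash functions are invented for this example.

```python
import hashlib
import os
from collections import defaultdict

NBUCKETS = 256  # invented table size; small so collisions are easy to see


def naive_hash(flow):
    """Public, unkeyed toy hash: XOR the 5-tuple fields and reduce modulo the
    bucket count.  Anyone who knows it can pick flows that share a bucket."""
    src, sport, dst, dport, proto = flow
    return (src ^ sport ^ dst ^ dport ^ proto) % NBUCKETS


SECRET = os.urandom(16)  # per-process secret; never leaves the host


def keyed_hash(flow, key=SECRET):
    """Same 5-tuple, hashed under a secret key.  Without the key the bucket
    a flow lands in is unpredictable, so collisions can only be found by
    luck rather than by construction."""
    data = "%d:%d:%d:%d:%d" % flow
    digest = hashlib.blake2b(data.encode(), key=key, digest_size=8).digest()
    return int.from_bytes(digest, "big") % NBUCKETS


def max_chain_length(flows, hash_fn):
    """Insert every flow into a bucketed table and report the longest
    collision chain; that chain length is the worst-case lookup cost."""
    buckets = defaultdict(int)
    for flow in flows:
        buckets[hash_fn(flow)] += 1
    return max(buckets.values())


def constructed_flows(n=250):
    """Constructed sample: one client/server pair, TCP, destination port 80,
    with source ports stepping by NBUCKETS so the low bits (and therefore
    naive_hash) never change.  All n flows hit the same naive bucket."""
    src, dst = 0x0A000001, 0x0A000002  # 10.0.0.1 -> 10.0.0.2, constructed
    return [(src, 1024 + i * NBUCKETS, dst, 80, 6) for i in range(n)]


if __name__ == "__main__":
    flows = constructed_flows()
    print("naive longest chain:", max_chain_length(flows, naive_hash))
    print("keyed longest chain:", max_chain_length(flows, keyed_hash))
```

The keyed variant costs one short keyed-hash computation per lookup; hashes such as SipHash were designed precisely to keep that cheap enough for per-packet use.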