spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Attacking Domain Keys

2004-11-26 07:45:51
from [James Couzens] [Permanent Link] 
On Fri, 2004-11-26 at 13:54 +0000, David Woodhouse wrote:

On Fri, 2004-11-26 at 05:47 -0800, James Couzens wrote:

With all due respect, please, THINK BIGGER.  How about AOL.  Just how is
AOL with 90M mailboxes going to deal with my 1,000 node drone army that
is spewing forth 100,000 fake signed messages laden with random data
going to do?

As an "attacker" I can randomly generate and sign a massive volume of
messages destined to the victim, who falls victim to the burden of not
only having to perform public key cryptography, he also can't do
anything until paying I/O costs as well since the DK key is signed in
2822 they have to wait for DATA to finish and then they have to parse
the data to look for the signature that I signed which cost me nothing
because I just generated gibberish looking valid.

Do the math on that, it doesn't take much load before you are no longer
receiving any email.


You have a 1000-node drone army and you think you couldn't mount a DDoS
with that already?


Thats your response to my challenge?  If the number is too big for you,
lower it to an acceptable level and then please address my stipulation.

Cheers,

James

-- 
James Couzens,
Programmer
                                                     ( ( (      
      ((__))         __\|/__        __|-|__        '. ___ .'    
       (00)           (o o)          (0~0)        '  (> <) '    
---nn-(o__o)-nn---ooO--(_)--Ooo--ooO--(_)--Ooo---ooO--(_)--Ooo---
http://libspf.org -- ANSI C Sender Policy Framework library
http://libsrs.org -- ANSI C Sender Rewriting Scheme library
-----------------------------------------------------------------
PGP: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x7A7C7DCF

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
http://www.InboxEvent.com/?s=d --- Inbox Event Nov 17-19 in Atlanta features 
SPF and Sender ID.
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com

Attachment: signature.asc
Description: This is a digitally signed message part

[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Attacking Domain Keys, David Woodhouse
Next by Date:  RE: URGENT: Community Position on SenderID, terry
Previous by Thread:  Re: Attacking Domain Keys, David Woodhouse
Next by Thread:  Re: Attacking Domain Keys, George Schlossnagle
Indexes:  [Date] [Thread] [Top] [All Lists]