On Fri, Nov 18, 2005 at 07:07:34PM +0000, Michael Rogers wrote: > Matthew Toseland wrote: > >it might be possible > >to do a CPU DoS in very little bandwidth (not a serious attack if it > >takes much longer to generate a signature than to verify one... does > >it?). > > It does with RSA, not sure about other algorithms... use 'openssl speed' > to find out... but what attack do you have in mind? Can the attacker > just send junk instead of real signatures?
Hmmm... he probably can, yes. > > Cheers, > Michael -- Matthew J Toseland - toad at amphibian.dyndns.org Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/tech/attachments/20051118/33c6030f/attachment.pgp>
