Re: Online signing (was: Evaluating DNSSEC transition mechanisms)

Roy Arends <roy@dnss.ec> Fri, 11 June 2004 08:34 UTC

From: Roy Arends <roy@dnss.ec>
Subject: Re: Online signing (was: Evaluating DNSSEC transition mechanisms)
Date: Fri, 11 Jun 2004 10:34:21 +0200
Lines: 41
Sender: owner-namedroppers@ops.ietf.org
References: <20040603161757.2c386dd7.olaf@ripe.net> <Pine.OSX.4.60.0406100932520.5571@criollo.schlyter.se> <a06020431bcee2fb29e74@[192.136.136.83]> <40C88D07.3040700@algroup.co.uk> <Pine.OSX.4.60.0406102133430.14544@criollo.schlyter.se> <Pine.LNX.4.58.0406102148580.2889@elektron.atoom.net> <16585.664.987120.394778@giles.gnomon.org.uk>
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
Cc: namedroppers@ops.ietf.org
X-From: owner-namedroppers@ops.ietf.org Fri Jun 11 10:42:42 2004
Return-path: <owner-namedroppers@ops.ietf.org>
X-Authentication-Warning: elektron.atoom.net: roy owned process doing -bs
X-X-Sender: roy@elektron.atoom.net
To: Roy Badami <roy@gnomon.org.uk>
In-Reply-To: <16585.664.987120.394778@giles.gnomon.org.uk>
X-Virus-Scanned: by amavisd-new
Precedence: bulk
Message-ID: <20140418071851.2560.67160.ARCHIVE@ietfa.amsl.com>

On Fri, 11 Jun 2004, Roy Badami wrote:

> As a slight aside, if I were architecting such a system from scratch,
> I'd be inclined to consider combining it with Bloom filters, and only
> signing denials where there was a collision in the Bloom filter -- in
> other cases the Bloom filter itself could be used to prove
> non-existence.
>
> I'm reasonably confident that the combination of these two measures
> would make the computational overhead of online signing a non-issue
> for a normal query load, and they'd remove the concerns of offline
> dictionary attacks.  Whether or not they'd be adequate to deal with
> DoS scenarios is less obvious to me...
>
> I realize we're in radio silence about the details of DNSSECter, so I
> don't want to get into a detailed discussion about this idea.  I
> mention it only because I haven't seen such an idea mentioned, and if
> we're seriously considering online signing then it's worth bearing in
> mind the possible shapes that a DNSSECter based on online signing
> might take to help inform the current extensibility analysis...

Bloom filters in DNSSEC are not new. SMB introduced them:
 www.research.att.com/~smb/papers/draft-bellovin-dnsext-bloomfilt-00.txt

The combination with ad-hoc signing of synthesised NSEC where
otherwise it would have been a false positive is new.

Anyway, I think crypto acceleration cards' ops/sec are currently faster
than a DNSSEC-capable apparatus can serve in q/sec.

I hope the assumptions one might have about a crypto-driven DDoS attack
are hereby tuned to a non-issue.


Roy
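The scheme discussed in this exchange, as an added example that is not part of the thread and not code from either Roy: a Bloom filter over a zone's owner names decides, per negative answer, whether the filter alone proves non-existence or whether a false positive forces an NSEC to be synthesised and signed on demand. The zone and probe names are constructed, the hash derivation (SHA-256 split into two 64-bit values, double hashing) is an assumption, and signing is not performed, only counted.

```python
import hashlib
import math


class BloomFilter:
    """Bit-array Bloom filter sized for a target false-positive rate."""

    def __init__(self, capacity: int, fp_rate: float):
        # Standard sizing: m bits and k hash functions for the target rate.
        self.m = max(8, math.ceil(-capacity * math.log(fp_rate) / (math.log(2) ** 2)))
        self.k = max(1, round(self.m / capacity * math.log(2)))
        self.bits = bytearray((self.m + 7) // 8)

    def _positions(self, name: str):
        # Double hashing (assumed scheme): k indices from one SHA-256 of the
        # lower-cased owner name, so canonical-form lookups are consistent.
        digest = hashlib.sha256(name.lower().encode()).digest()
        h1 = int.from_bytes(digest[:8], "big")
        h2 = int.from_bytes(digest[8:16], "big") | 1
        return [(h1 + i * h2) % self.m for i in range(self.k)]

    def add(self, name: str) -> None:
        for pos in self._positions(name):
            self.bits[pos >> 3] |= 1 << (pos & 7)

    def might_contain(self, name: str) -> bool:
        return all(self.bits[pos >> 3] & (1 << (pos & 7)) for pos in self._positions(name))


def build_filter(names, fp_rate: float = 0.01) -> BloomFilter:
    bf = BloomFilter(len(names), fp_rate)
    for n in names:
        bf.add(n)
    return bf


def answer_negative(bloom: BloomFilter, zone_names: set, qname: str) -> str:
    """How a query for qname would be denied.
    'exists' : qname is in the zone, no denial is needed
    'bloom'  : the filter alone proves absence, nothing is signed online
    'nsec'   : false positive, so an NSEC covering qname must be synthesised and signed"""
    if qname in zone_names:
        return "exists"
    if not bloom.might_contain(qname):
        return "bloom"
    return "nsec"


def denial_stats(bloom: BloomFilter, zone_names: set, probes) -> dict:
    """Count outcomes over probe names; 'nsec' is the online-signing load."""
    stats = {"exists": 0, "bloom": 0, "nsec": 0}
    for q in probes:
        stats[answer_negative(bloom, zone_names, q)] += 1
    return stats


ZONE = {f"h{i}.example." for i in range(1000)}  # constructed toy zone
BLOOM = build_filter(ZONE, fp_rate=0.01)
```

The ratio of `nsec` to total probes in `denial_stats` is the fraction of negative answers that still cost a signature, which is what the filter's sizing is tuned against.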

--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>