Powered by OpenAIRE graph
Found an issue? Give us feedback
image/svg+xml Jakob Voss, based on art designer at PLoS, modified by Wikipedia users Nina and Beao Closed Access logo, derived from PLoS Open Access logo. This version with transparent background. http://commons.wikimedia.org/wiki/File:Closed_Access_logo_transparent.svg Jakob Voss, based on art designer at PLoS, modified by Wikipedia users Nina and Beao https://doi.org/10.1...arrow_drop_down
image/svg+xml Jakob Voss, based on art designer at PLoS, modified by Wikipedia users Nina and Beao Closed Access logo, derived from PLoS Open Access logo. This version with transparent background. http://commons.wikimedia.org/wiki/File:Closed_Access_logo_transparent.svg Jakob Voss, based on art designer at PLoS, modified by Wikipedia users Nina and Beao
https://doi.org/10.1007/978-3-...
Part of book or chapter of book . 2008 . Peer-reviewed
License: Springer TDM
Data sources: Crossref
https://dx.doi.org/10.1007/978...
Article
Data sources: Microsoft Academic Graph
 View all 1 versions
Claim

This Research product is the result of merged Research products in OpenAIRE.

You have already added 0 works in your ORCID record related to the merged Research product.

Remote Algorithmic Complexity Attacks against Randomized Hash Tables

descriptionPublicationkeyboard_double_arrow_right Part of book or chapter of book , Article 01 Jan 2008Publisher:Springer Berlin Heidelberg
Authors: Noa Bar-Yosef; Avishai Wool;

doi: 10.1007/978-3-540-88653-2_12

Remote Algorithmic Complexity Attacks against Randomized Hash Tables

Abstract

Many network devices, such as routers, firewalls, and intrusion detection systems, usually maintain per-connection state in a hash table. However, hash tables are susceptible to algorithmic complexity attacks, in which the attacker degenerates the hash into a simple linked list. A common counter-measure is to randomize the hash table by adding a secret value, known only to the device, as a parameter to the hash function. Our goal is to demonstrate how the attacker can defeat this protection: we demonstrate how to discover this secret value, and to do so remotely, using network traffic. We show that if the secret value is small enough, such an attack is possible. Our attack does not rely on any weakness of a particular hash function and can work against any hash — although a poorly chosen hash function, that produces many collisions, can make the attack more efficient. We present a mathematical modeling of the attack, simulate the attack on different network topologies and finally describe a real-life attack against a weakened version of the Linux Netfilter.

Related Organizations
  • BIP!
    Impact byBIP!
    selected citations
    These citations are derived from selected sources.
    This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
    		 6
    popularity
    This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.
    		 Average
    influence
    This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
    		 Top 10%
    impulse
    This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.
    		 Average
Powered by OpenAIRE graph
Found an issue? Give us feedback
selected citations
These citations are derived from selected sources.
This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
BIP!Citations provided by BIP!
popularity
This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.
BIP!Popularity provided by BIP!
influence
This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
BIP!Influence provided by BIP!
impulse
This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.
BIP!Impulse provided by BIP!
6
Average
Top 10%
Average
Upload OA version
Are you the author of this publication? Upload your Open Access version to Zenodo!
It’s fast and easy, just two clicks!
uploadUpload now