Re: [Sks-devel] Proposal: Start verifying self-signatures


From: Daniel Roesler
Subject: Re: [Sks-devel] Proposal: Start verifying self-signatures
Date: Mon, 18 May 2015 12:04:34 -0700

On Sun, May 17, 2015 at 4:37 PM, Robert J. Hansen <address@hidden> wrote:
>> This is a DOS because Mallory could effectively increase Alice's
>> public key to a size that it would be untenable for Bob to
>> download it from the pool.
>
> There are so many other, better ways to DoS the entire keyserver network
> that I have real trouble taking this one seriously.

Uploading user attribute packets with bogus self-signatures is
probably the easiest way to DoS the entire keyserver network. A bot
could add 1TB of bloat to the keyserver network by adding 5MB (to stay
under the limit) user attribute images to only 200k public keys. By
contrast, assuming a signature is 2KB, they would need to submit 200m
bogus signatures to have the same impact.

Additionally, due to sks's packet merging properties, one could submit
different 5MB user attribute images multiple times and the public key
would grow by 5MB each time. So it would only take 200 requests for a
bot to increase someone's public key size to 1GB (effectively DoS'ing
that person from being retrieved via gpg --recv-key).

Are we just going to wait around until someone starts doing this? We
can solve these vulnerabilities now.

Daniel
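
An added example, not part of the original message and not SKS or GnuPG code: a size audit that walks the packet headers of a binary (non-armored) OpenPGP key and reports how many bytes are user attribute packets, the growth the message describes. It does not verify self-signatures; the names iter_packets, user_attribute_bloat and new_packet, the sample key, and the max_total limit are assumptions made for illustration.

```python
import struct

USER_ATTRIBUTE = 17  # OpenPGP packet tag for user attribute packets (RFC 4880)

def iter_packets(data):
    """Yield (tag, body_length) for each packet in binary OpenPGP key data."""
    i = 0
    while i < len(data):
        first = data[i]
        i += 1
        if not first & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if first & 0x40:  # new-format header
            tag, last, total = first & 0x3F, False, 0
            while not last:
                o = data[i]
                i += 1
                if o < 192:  # one-octet length
                    n, last = o, True
                elif o < 224:  # two-octet length
                    n, last = ((o - 192) << 8) + data[i] + 192, True
                    i += 1
                elif o == 255:  # five-octet length
                    n, last = struct.unpack(">I", data[i:i + 4])[0], True
                    i += 4
                else:  # partial body chunk, another length header follows
                    n = 1 << (o & 0x1F)
                total += n
                i += n
        else:  # old-format header
            tag, ltype = (first >> 2) & 0x0F, first & 3
            width = 0 if ltype == 3 else 1 << ltype  # type 3: runs to end of input
            total = int.from_bytes(data[i:i + width], "big") if width else len(data) - i
            i += width + total
        if i > len(data):
            raise ValueError("truncated packet")
        yield tag, total

def user_attribute_bloat(data, max_total):  # max_total: assumed local limit in bytes
    sizes = [n for tag, n in iter_packets(data) if tag == USER_ATTRIBUTE]
    return {"count": len(sizes), "bytes": sum(sizes), "over_limit": sum(sizes) > max_total}

def new_packet(tag, body):  # hypothetical helper that builds constructed sample packets
    return bytes([0xC0 | tag, 255]) + struct.pack(">I", len(body)) + body

# Constructed sample: public key, user ID, two user attributes, each with a signature.
SAMPLE_KEY = b"".join(new_packet(t, b) for t, b in [
    (6, bytes(50)), (13, b"Alice <alice@example.org>"), (17, bytes(3000)),
    (2, bytes(300)), (17, bytes(5000)), (2, bytes(300))])
```

Running user_attribute_bloat over a key fetched to a file before importing it shows whether user attribute data dominates the key's size.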


