Re: possible DoS attack

I don't have any objection to a warning about this but there are well
known techniques for loop detection that would stop anything as simple
as the example given.  I would personally recommend using such a loop
detechion technique and also having some sort of generous limit to the
total amount of compute power you use in a particular decryption for
more complex cases. A simple depth limit doesn't solve all kinds of
other complex compute loops or ridiculously large but finite
computations you could get into.


On Thu, 11 Apr 2002, Aleksey Sanin wrote:

> Date: Thu, 11 Apr 2002 10:08:07 -0700
> From: Aleksey Sanin <>
> To: Blair Dillaway <>
> Cc:
> Subject: Re: possible DoS attack
> Resent-Date: Thu, 11 Apr 2002 13:09:30 -0400 (EDT)
> Resent-From:
> Blair,
> Small tweak in my example (one <EncryptedData/> element and
> two <EncryptedKey /> elements pointing to each other) breaks
> the check you've described.
> I agree with you that there is no way to prevent a DoS attack. However,
> it is possible to make the "bad guys" life harder :)  I don't suggest
> to change the XML Encryption design but I do think that a warning
> about possible problem is a good idea.
> Aleksey
> Blair Dillaway wrote:
> >In your example, the RetrievalMethod indicates you are to retrieve an
> >EncryptedKey.  Shouldn't your code immediately error when it finds the
> >target of the URI is an EncryptedData?
> >
> >In any event, we had a fairly long discussion on DoS issues when this
> >activity started and realized there is no way to prevent them and also
> >meet our goal of creating a general purpose and flexible system.  Its
> >fairly easy to construct examples that will cause a recipient to very
> >deeply recurse (possibly infinite) looking for a decryption key.  I
> >suppose one could support an application defined recursion limit to try
> >and bound this problem, but addressing DoS attacks was not a goal of the
> >WG.
> >
> >Blair
> >

Received on Friday, 12 April 2002 09:08:19 UTC