Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[discussion] Mitigate DoS attacks on Sphinx relays #10

Open
gpestana opened this issue Feb 8, 2019 · 0 comments
Open

[discussion] Mitigate DoS attacks on Sphinx relays #10

gpestana opened this issue Feb 8, 2019 · 0 comments
Milestone
p3lib-sphinx v1

Comments

@gpestana
Copy link
Member

gpestana commented Feb 8, 2019
edited
Loading

When processing the packets, each hop derives the shared key and then verifies if the key has been used before. If that is the case, it will discard the packet since it may be from a replay/DoS attack. It is important to make sure that the packet processing will happen only after the relay makes sure the packet has not been processed yet. This way, the DoS attack vector is bound to the capacity of the attacker to generate many valid packets with different shared keys between himself and the relay being attacked. The packet construction works effectively as a crypto puzzle to mitigate DoS attacks against relayers.

Is there any other mechanism that could be used? Do we need to add a more expensive puzzle?
@gpestana gpestana added this to the p3lib-sphinx v1 milestone Feb 20, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
p3lib-sphinx v1
Development

No branches or pull requests
1 participant
@gpestana