## Re: The math of kaminsky-spoofing a randomising source port resolver

Bert,

--On 1 August 2008 14:40:39 +0200 Bert Hubert wrote:

>         T * P_s     T * D * R
> P_cs = --------- = ---------
>            W       N * P * I

I see nothing wrong in your maths. Taking it from this stage, put in (as
you suggest):
D=1
N=2.5
I=65536
and look for P_cs=0.5

         T * 1 * R
0.5 = ---------------
      2.5 * P * 65536

T = 81920 * P / R (seconds, for a 50% success rate)
Or
R = 81920 * P / T

So, for an attack on a non randomised port (P=1) to be more likely to
succeed than not within 100ms, you need approx 82,000 pps. Assuming Malory
is prepared to wait a day for his attack, he only needs to send one packet
every 10 seconds (practically undetectable).

With port randomisation (P=64000), Malory will need approximately 64,000
pps to have an even chance of a successful attack within a day.

Due to the effect of caching, Malory can presumably stop his attack when he
has a first successful hit, and the record will remain for just as long as
the TTL of the spoofed record.

This is assuming Malory doesn't do anything intelligent to speed up
his attack or parallelise multiple attacks, which would of course
make things easier.

It goes without saying that it would be trivial to orchestrate an attack
that focused solely on nameservers with low values of P, as (e.g.) the
OARC test demonstrates it's possible to guess this remotely.

Alex
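As an added illustration (not part of Bert's or Alex's mail), here is Bert's linear model P_cs = T*D*R/(N*P*I) and Alex's two rearrangements in Python, with the constants Alex plugs in (D=1, N=2.5, I=65536) as defaults; the sweep over port-randomisation sizes is an assumption of this example, chosen to show how the required spoofing rate scales linearly with P.

```python
# Added example, not code from the namedroppers thread. Implements Bert's
# success-probability model and Alex's rearrangements for T and R.
# Symbols follow the mail: T seconds of attack, R spoofed replies/second,
# P source ports the resolver picks from, I = 65536 transaction IDs,
# D and N are the constants Bert and Alex use (D=1, N=2.5).

def success_probability(T, R, P, D=1, N=2.5, I=65536):
    """P_cs: chance of one winning spoofed reply within T seconds at R pps.
    The model is linear in T and R, so it is only meaningful while the
    result stays well below 1; we cap it to keep callers honest."""
    return min(1.0, T * D * R / (N * P * I))

def time_for_success(P, R, p_cs=0.5, D=1, N=2.5, I=65536):
    """Alex's T = 81920 * P / R for p_cs=0.5 with the default constants:
    seconds of sustained spoofing at R pps needed to reach p_cs."""
    return p_cs * N * P * I / (D * R)

def rate_for_success(P, T, p_cs=0.5, D=1, N=2.5, I=65536):
    """Alex's R = 81920 * P / T: spoofed replies per second needed to
    reach p_cs within a window of T seconds."""
    return p_cs * N * P * I / (D * T)

def randomisation_sweep(T, p_cs=0.5, ports=(1, 256, 2048, 64000)):
    """Required rate for each port-randomisation size (the port counts are
    assumed for illustration). The ratio between entries is exactly the
    ratio of P values: every extra port the resolver can choose from
    costs the attacker proportionally more traffic, which is also the
    traffic a resolver operator has a chance of noticing."""
    return {P: rate_for_success(P, T, p_cs) for P in ports}

if __name__ == "__main__":
    # Alex's headline figure: with P=1 and R=1 pps, even odds after 81920 s.
    print(time_for_success(P=1, R=1))
    # Even chance within one day against a resolver randomising over 64000 ports.
    print(rate_for_success(P=64000, T=86400))
    for P, rate in randomisation_sweep(T=86400).items():
        print(f"P={P:>6}: {rate:10.1f} spoofed replies/second")
```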

--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: