|
|
Log in / Subscribe / Register

Denial of service via hash collisions

Denial of service via hash collisions

Posted Jan 12, 2012 1:10 UTC (Thu) by fuhchee (guest, #40059)
Parent article: Denial of service via hash collisions

What about the naive hash tables used in the linux kernel? Has someone analyzed whether any of them are sensitive to this sort of chosen-key attack?

to post comments

Denial of service via hash collisions

Posted Jan 12, 2012 1:23 UTC (Thu) by jake (editor, #205) [Link]

> What about the naive hash tables used in the linux kernel? Has
> someone analyzed whether any of them are sensitive to this sort of
> chosen-key attack?

I have not, but I do note that the researchers who came up with the advisory this article is based on plan to look at Linux hash tables along with some other targets (listed at the end of their presentation).

jake

Denial of service via hash collisions

Posted Jan 12, 2012 1:25 UTC (Thu) by wahern (subscriber, #37304) [Link]

There's this attack from 2003, at least: http://xforce.iss.net/xforce/xfdb/12160

Here is one example of this problem being handled in the Linux kernel

Posted Jan 12, 2012 16:11 UTC (Thu) by PaulMcKenney (✭ supporter ✭, #9624) [Link]

Herbert Xu took this approach to solving this problem. His hash table will change the hash function at run time if any of the hash chains exceeds a specified length.

Run-time hash perturbation has also been used since the 1990s in net/sched/sch_sfq.c.


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds