blob: 378ce12ae6b2a50992ae0943480b54d023719a04 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
|
o Minor features:
- Avoid hash-flooding denial-of-service attacks by using the secure
SipHash-2-4 hash function for our hashtables. Without this
feature, an attacker could degrade performance of a targeted
client or server by flooding their data structures with a large
number of data entries all calculated to be stored at the same
hash table position, thereby degrading hash table
performance. With this feature, hash table positions are derived
from a randomized cryptographic key using SipHash-2-4, and an
attacker cannot predict which entries will collide.
Closes ticket 4900.
|