A Denial-of-Service Resistant DHT Christian Scheideler Technische Universität München Joint work with Baruch Awerbuch, JHU.

1 A Denial-of-Service Resistant DHT Christian Scheideler Technische Universität München Joint work with Baruch Awerbuch, JHU

2 Motivation. On Feb 6, a major DoS attack was launched against the root servers of the DNS system. [Figure: Internet, data d]

3 DoS-resistant Information System. Problem: the DNS approach of full replication is not feasible in large information systems. [Figure: Internet, off-the-shelf servers]

4 DoS-resistant Information System. Scalable information system: storage overhead limited to a logarithmic factor. [Figure: Internet, data d]

5 Fundamental Dilemma. Scalability: minimize replication of information. Robustness: maximize resources needed by attacker. [Figure: Internet, data d]

6 Fundamental Dilemma. Limitation to "legal" attacks / information hiding. Information hiding is difficult under insider attacks. [Figure: Internet, data d]

7 DoS-resistant Information System. Past-insider attack: attacker knows everything about the system until (unknown) time t_0. Goal: scalable information system so that everything that was inserted or updated after t_0 is safe (w.h.p.) against any past-insider DoS attack that can shut down any  -fraction of the servers, for some  >0, and create any legal set of requests. [Figure caption: "You are fired!"]

8 Past Insider DoS Attack. Dilemma: Explicit data structure: problems with consistency and robustness. Fixed hash function: consistency much easier to maintain, but easy to attack. Random placement: difficult to attack, but also difficult to search for data. Combine hashing with random placement!!
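The dilemma on slide 8, as an added simulation (not from the slides and not the authors' protocol): a past insider who knows a fixed hash function can compute and block every server holding chosen items, while the same budget almost never covers all copies of an item placed at random. The server count, copy count, blocking budget, key names and plain replication (instead of coding) are assumptions made for this illustration.

```python
import hashlib
import random

N = 1024          # servers (constructed)
COPIES = 10       # about log2(N) copies per item
BUDGET = N // 4   # servers the attacker can shut down (constructed fraction)

def hashed_servers(key):
    """Fixed public hash: anyone who knows the function can compute this set."""
    servers, i = set(), 0
    while len(servers) < COPIES:
        digest = hashlib.sha256(f"{key}:{i}".encode()).digest()
        servers.add(int.from_bytes(digest[:8], "big") % N)
        i += 1
    return servers

def random_servers(rng):
    """Random placement chosen after t_0: the past insider never sees it.
    The price is that a lookup cannot recompute it from the key alone."""
    return set(rng.sample(range(N), COPIES))

def blocked_by_past_insider(target_keys):
    """The attacker's only knowledge is the hash function and the key names."""
    blocked = set()
    for key in target_keys:
        servers = hashed_servers(key)
        if len(blocked | servers) <= BUDGET:
            blocked |= servers
    # Spend whatever budget is left on arbitrary servers.
    for s in range(N):
        if len(blocked) >= BUDGET:
            break
        blocked.add(s)
    return blocked

def simulate(num_items=200, num_targets=20, seed=1):
    rng = random.Random(seed)
    keys = [f"item-{i}" for i in range(num_items)]
    blocked = blocked_by_past_insider(keys[:num_targets])
    # An item is unreachable when every one of its copies sits on a blocked server.
    lost_hashed = [k for k in keys if hashed_servers(k) <= blocked]
    lost_random = [k for k in keys if random_servers(rng) <= blocked]
    return len(blocked), lost_hashed, lost_random

if __name__ == "__main__":
    n_blocked, lost_hashed, lost_random = simulate()
    print(f"blocked {n_blocked}/{N} servers")
    print(f"fixed hash: {len(lost_hashed)} items unreachable")
    print(f"random placement: {len(lost_random)} items unreachable")
```

With random placement each item's location has to be recorded somewhere, which is the "difficult to search" side of the slide's trade-off.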

9 DoS-resistant DHT. Our solution is a DHT-based system on n completely interconnected, reliable servers with O(log n) data redundancy (coding). Theorem: Under any  -bounded past-insider attack (for some constant  >0), our lookup protocol can serve any set of requests (one per server) in polylog time s.t. every request to a data item inserted or updated after t_0 is served correctly, w.h.p.

10 Conclusion. Application: DoS-resistant platform for e-commerce or critical information services (Akamai). Regular paper: DISC 2007. Any questions?

