Because hardware resources (especially CPU processing power) are
limited, a certain point might simply be saturated with a number of concurrent
decryption requests (for incoming data streams) as well as encryption requests
(for outgoing data streams), forcing the server to maintain huge lists of valid keys
on a per-flow basis. Additionally, such machines are typically very vulnerable to
overflow attacks, where a malicious attacker attempts to overload the server key
list by opening a great number of SSL connections. This forces the server to maintain
an excessively long key list, which leads to disk caching, overall system performance
degradation, and so on, and eventually to a system reset triggered by overflow errors.
Passive Optical Networks (PONs) 191
Such a scenario does not need to be a result of a malicious activity, since, due to the
number of concurrent SSL requests, the ever-growing data traffic capacity might
eventually cause this situation on its own.
– A significant share of everyday rudimentary data transmission protocols do not
provide means for per-data-transaction protection. Global keys and security mechanisms
are typically utilized and can be easily compromised in, for example, DNS
data transfers, PPP authentication messages, and instant messaging systems,
leading to an increasing unwillingness to use them in the first place.
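
The key-list overload described above, whether caused by an attacker or by ordinary traffic growth, comes from a per-flow key list that is allowed to grow without limit. The following is an added example, not taken from the original text, of a key list with a hard size limit, a per-source quota and idle expiry; the class name, the limits and the flow and source identifiers are assumptions made for illustration.

```python
from collections import OrderedDict, Counter

class BoundedKeyTable:
    """Per-flow key list with a hard size limit, per-source quota and idle expiry."""

    def __init__(self, max_flows=4, per_source=2, idle_timeout=300.0):
        self.max_flows = max_flows        # hard cap on stored keys (assumed value)
        self.per_source = per_source      # keys one source may hold (assumed value)
        self.idle_timeout = idle_timeout  # seconds without use before a key is dropped
        self._flows = OrderedDict()       # flow_id -> (source, key, last_used), oldest first
        self._per_source = Counter()

    def _drop(self, flow_id):
        source = self._flows.pop(flow_id)[0]
        self._per_source[source] -= 1
        if self._per_source[source] == 0:
            del self._per_source[source]  # keep the quota table bounded as well

    def expire(self, now):
        # Entries are ordered by last use, so stop at the first fresh one.
        while self._flows:
            flow_id, (_, _, last_used) = next(iter(self._flows.items()))
            if now - last_used < self.idle_timeout:
                break
            self._drop(flow_id)

    def add(self, flow_id, source, key, now):
        """Store the key of a new flow; return False if the source is over quota."""
        self.expire(now)
        if flow_id in self._flows:
            self._drop(flow_id)
        if self._per_source[source] >= self.per_source:
            return False                  # refuse instead of growing the list
        if len(self._flows) >= self.max_flows:
            self._drop(next(iter(self._flows)))  # evict the least recently used flow
        self._flows[flow_id] = (source, key, now)
        self._per_source[source] += 1
        return True

    def lookup(self, flow_id, now):
        self.expire(now)
        if flow_id not in self._flows:
            return None
        source, key, _ = self._flows[flow_id]
        self._flows[flow_id] = (source, key, now)
        self._flows.move_to_end(flow_id)  # mark as most recently used
        return key

    def __len__(self):
        return len(self._flows)
```

With these limits a single source that opens a thousand connections occupies at most two entries, and the list never exceeds four keys regardless of load; a flow whose key was evicted or expired has to renegotiate.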