
Denial of service attacks

Publius, like all Web services, is susceptible to denial of service attacks. An adversary could use Publius to publish content until the disk space on all servers is full. This could also affect other applications running on the same server. We take a simple measure of limiting each publishing command to 100K. A better approach would be to charge for space.

An interesting approach to this problem is a CPU cycle based payment scheme known as Hash Cash (https://www.cypherspace.org/~adam/hashcash/). The idea behind this system is to require the publisher to do some work before publishing. Thus, it becomes difficult to efficiently fill the server disk. Hopefully, the attack can be detected before the disk is full.

In Hash Cash, a client wishing to store a file on a particular server first requests a challenge string c and a number, b, from that server. The client must find another string, s, such that at least b bits of H(c s) match b bits of H(s) where H is a secure hash function such as MD5 and ``'' is the concatenation operator. That is, the client must find partial collisions in the hash function. The higher the value of b, the more time the client requires to find a matching string. The client then sends s to the server along with the file to be stored. The server only stores the file if H(s) passes the b bit matching test on H(c s).

Another scheme we are considering is to limit, based on client IP address, the amount of data that a client can store on a particular Publius server within a certain period of time. While not perfect, this raises the bar a bit, and requires the attacker to exert more effort. We have not implemented either of these protection mechanisms yet. Dwork and Naor in [8] describe several other CPU cycle based payment schemes.
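The Hash Cash exchange described above, with both the server and client sides, as an added example that is not code from Publius or from the Hash Cash project. Assumptions: the b bits compared are the leading bits of each digest, SHA-256 stands in for MD5, each challenge is accepted only once, and the names `Server`, `solve` and `top_bits_match` are hypothetical.

```python
import hashlib
import secrets

MAX_PUBLISH_BYTES = 100 * 1024   # the 100K per-command limit mentioned above
DIGEST_BITS = 256                # SHA-256 used here in place of MD5 (assumption)

def H(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def top_bits_match(c: bytes, s: bytes, b: int) -> bool:
    """True if the leading b bits of H(c || s) equal the leading b bits of H(s)."""
    shift = DIGEST_BITS - b
    return (H(c + s) >> shift) == (H(s) >> shift)

class Server:
    def __init__(self, b: int):
        self.b = b
        self.outstanding = set()          # challenges issued but not yet redeemed

    def new_challenge(self):
        c = secrets.token_bytes(16)       # unpredictable, so work cannot be precomputed
        self.outstanding.add(c)
        return c, self.b

    def store(self, c: bytes, s: bytes, file_bytes: bytes) -> bool:
        if len(file_bytes) > MAX_PUBLISH_BYTES:
            return False                  # size cap is checked before anything else
        if c not in self.outstanding:
            return False                  # unknown or already used challenge (assumption)
        if not top_bits_match(c, s, self.b):
            return False                  # client did not do the required work
        self.outstanding.discard(c)       # one proof buys one publish
        return True                       # a real server would write the file here

def solve(c: bytes, b: int):
    """Client side: brute-force s; expected cost is about 2**b attempts."""
    counter = 0
    while True:
        s = counter.to_bytes(8, "big")
        if top_bits_match(c, s, b):
            return s, counter + 1
        counter += 1

if __name__ == "__main__":
    server = Server(b=12)
    c, b = server.new_challenge()
    s, attempts = solve(c, b)
    print(f"found s after {attempts} attempts; stored:", server.store(c, s, b"constructed sample file"))
```

Verification costs the server two hashes regardless of b, while each extra bit doubles the client's expected work.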
Avi Rubin
2000-06-13