diff --git a/zssp/src/zssp.rs b/zssp/src/zssp.rs index be6d66180..fcdad8b50 100644 --- a/zssp/src/zssp.rs +++ b/zssp/src/zssp.rs @@ -546,8 +546,9 @@ impl Context { let assembled; let incoming_packet = if fragment_count > 1 { - // Using just incoming_counter unhashed would be good DOS resistant, - // but why not make it harder by mixing in a random value and the physical path in as well. + // incoming_counter is expected to be a random u64 generated by the remote peer. + // Using just incoming_counter to defragment would be good DOS resistance, + // but why not make it harder by hasing it with a random salt and the physical path in as well. let mut hasher = self.defrag_salt.build_hasher(); source.hash(&mut hasher); hasher.write_u64(incoming_counter); @@ -559,8 +560,8 @@ impl Context { // By only checking 2 slots we avoid a full table lookup while also minimizing the chance that 2 offers collide. // To DOS, an adversary would either need to volumetrically spam the defrag table to keep all slots full // or replay Alice's packet header from a spoofed physical path before Alice's packet is fully assembled. - // Volumetric spam is quite difficult since without the `defrag_salt: RandomState` value an adversary - // cannot control which slots their fragments index to. And since Alice's packet header has a randomly + // Volumetric spam is quite difficult since without the `defrag_salt` value an adversary cannot + // control which slots their fragments index to. And since Alice's packet header has a randomly // generated counter value replaying it in time requires extreme amounts of network control. let (slot0, timestamp0) = &mut *self.defrag[idx0].lock().unwrap(); if slot0.counter() == hashed_counter {