George Barwood writes:
> I'm slightly concerned about the possibility of cheap 'n' easy DoS
> attacks against DNSCurve authoritative servers.

Let's think about this for a moment. Each incoming public key actually
occupies >12 bytes for the original DNS query, 16 bytes for the
authenticator, 12 bytes for the nonce, 32 bytes for the key, 8 bytes for
the magic number, and 20 bytes for the UDP header, not to mention
overhead for the physical layer. That's >800 bits. If you have an
N-megabit-per-second incoming connection then you see <1250N public keys
per second. Each one takes <500000 Core 2 cycles to process, for a total
of <625N million Core 2 cycles per second---i.e., <N/16 2.5GHz Core 2
Quad CPUs.

In other words, one 2.5GHz Core 2 Quad can keep up with more than 16Mbps
of worst-case denial-of-service cryptographic computations. Even better,
existing code is <300000 AMD Phenom cycles, so one 3.2GHz AMD Phenom II
X4 will be able to handle more than 32MBps once that code is integrated
into NaCl (and of course into DNSCurve).

---Dan