Date: May 1997
Pages: 27
We describe a transformation of stateful connections or parts of them into stateless ones by attaching the state information to the messages. Message authentication codes are used for checking integrity of the state data and the connections. The stateless server protocols created in this way are more robust against denial of service resulting from high loads and resource exhausting attacks than their stateful counterparts. In particular, stateless authentication resists attacks that leave connections in a half-open state. Examples of problems related to statefulness and solutions to them shown for the X.509, ISAKMP, TCP and HTTP protocols.
Keywords: stateless connections, denial of service, cryptographic protocols, robust design, SYN-flooding attack