Limits on the provable consequences of one-way permutations
STOC '89 Proceedings of the twenty-first annual ACM symposium on Theory of computing
Secure communications over insecure channels
Communications of the ACM
A cost-based framework for analysis of denial of service in networks
Journal of Computer Security
Pricing via Processing or Combatting Junk Mail
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
DOS-Resistant Authentication with Client Puzzles
Revised Papers from the 8th International Workshop on Security Protocols
An Auditable Metering Scheme for Web Advertisement Applications
ISC '01 Proceedings of the 4th International Conference on Information Security
Proofs of Work and Bread Pudding Protocols
CMS '99 Proceedings of the IFIP TC6/TC11 Joint Working Conference on Secure Information Networks: Communications and Multimedia Security
A Formal Framework and Evaluation Method for Network Denial of Service
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
Time-lock Puzzles and Timed-release Crypto
Time-lock Puzzles and Timed-release Crypto
DDoS attacks and defense mechanisms: classification and state-of-the-art
Computer Networks: The International Journal of Computer and Telecommunications Networking
Just fast keying: Key agreement in a hostile internet
ACM Transactions on Information and System Security (TISSEC)
A taxonomy of DDoS attack and DDoS defense mechanisms
ACM SIGCOMM Computer Communication Review
New client puzzle outsourcing techniques for DoS resistance
Proceedings of the 11th ACM conference on Computer and communications security
Modelling denial of service attacks on JFK with Meadows's cost-based framework
ACSW Frontiers '06 Proceedings of the 2006 Australasian workshops on Grid computing and e-research - Volume 54
BAP: Broadcast Authentication Using Cryptographic Puzzles
ACNS '07 Proceedings of the 5th international conference on Applied Cryptography and Network Security
Toward non-parallelizable client puzzles
CANS'07 Proceedings of the 6th international conference on Cryptology and network security
Basing weak public-key cryptography on strong one-way functions
TCC'08 Proceedings of the 5th conference on Theory of cryptography
VIETCRYPT'06 Proceedings of the First international conference on Cryptology in Vietnam
Hardness amplification of weakly verifiable puzzles
TCC'05 Proceedings of the Second international conference on Theory of Cryptography
Low-cost client puzzles based on modular exponentiation
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Stronger difficulty notions for client puzzles and denial-of-service-resistant protocols
CT-RSA'11 Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011
An integrated approach to cryptographic mitigation of denial-of-service attacks
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Formal modelling and automatic detection of resource exhaustion attacks
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Secure client puzzles based on random beacons
IFIP'12 Proceedings of the 11th international IFIP TC 6 conference on Networking - Volume Part II
Effort-release public-key encryption from cryptographic puzzles
ACISP'12 Proceedings of the 17th Australasian conference on Information Security and Privacy
Some improvements to the cost-based framework for analyzing denial of service attacks
INTRUST'11 Proceedings of the Third international conference on Trusted Systems
Efficient modular exponentiation-based puzzles for denial-of-service protection
ICISC'11 Proceedings of the 14th international conference on Information Security and Cryptology
Revisiting difficulty notions for client puzzles and dos resilience
ISC'12 Proceedings of the 15th international conference on Information Security
Practical client puzzles in the standard model
Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security
Hi-index | 0.00 |
By a computational puzzle we mean a mildly difficult computational problem that requires resources (processor cycles, memory, or both) to solve. Puzzles have found a variety of uses in security. In this paper we are concerned with client puzzles : a type of puzzle used as a defense against Denial of Service (DoS) attacks. The main contribution of this paper is a formal model for the security of client puzzles.We clarify the interface that client puzzles should offer and give two security notions for puzzles. Both functionality and security are inspired by, and tailored to, the use of puzzles as a defense against DoS attacks.Our definitions fill an important gap: breaking either of the two properties immediately leads to successful DoS attacks. We illustrate this point with an attack against a previously proposed puzzle construction.We also provide a generic construction of a client puzzle which meets our security definitions.