Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Entity authentication and key distribution
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
The security of the cipher block chaining message authentication code
Journal of Computer and System Sciences
Cryptography: Theory and Practice,Second Edition
Cryptography: Theory and Practice,Second Edition
ICICS '97 Proceedings of the First International Conference on Information and Communication Security
Pricing via Processing or Combatting Junk Mail
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
PayWord and MicroMint: Two Simple Micropayment Schemes
Proceedings of the International Workshop on Security Protocols
DOS-Resistant Authentication with Client Puzzles
Revised Papers from the 8th International Workshop on Security Protocols
Proofs of Work and Bread Pudding Protocols
CMS '99 Proceedings of the IFIP TC6/TC11 Joint Working Conference on Secure Information Networks: Communications and Multimedia Security
A Formal Framework and Evaluation Method for Network Denial of Service
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
Time-lock Puzzles and Timed-release Crypto
Time-lock Puzzles and Timed-release Crypto
Just fast keying: Key agreement in a hostile internet
ACM Transactions on Information and System Security (TISSEC)
New client puzzle outsourcing techniques for DoS resistance
Proceedings of the 11th ACM conference on Computer and communications security
Modelling denial of service attacks on JFK with Meadows's cost-based framework
ACSW Frontiers '06 Proceedings of the 2006 Australasian workshops on Grid computing and e-research - Volume 54
Obtaining a secure and efficient key agreement protocol from (H)MQV and NAXOS
Designs, Codes and Cryptography
Halting password puzzles: hard-to-break encryption from human-memorable keys
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Security Amplification for Interactive Cryptographic Primitives
TCC '09 Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography
Towards Denial-of-Service-Resilient Key Agreement Protocols
ACISP '09 Proceedings of the 14th Australasian Conference on Information Security and Privacy
Security Notions and Generic Constructions for Client Puzzles
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Toward non-parallelizable client puzzles
CANS'07 Proceedings of the 6th international conference on Cryptology and network security
Stronger security of authenticated key exchange
ProvSec'07 Proceedings of the 1st international conference on Provable security
Low-cost client puzzles based on modular exponentiation
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Hardness amplification of weakly verifiable puzzles
TCC'05 Proceedings of the Second international conference on Theory of Cryptography
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
An integrated approach to cryptographic mitigation of denial-of-service attacks
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Towards a provably secure dos-resilient key exchange protocol with perfect forward secrecy
INDOCRYPT'11 Proceedings of the 12th international conference on Cryptology in India
Effort-release public-key encryption from cryptographic puzzles
ACISP'12 Proceedings of the 17th Australasian conference on Information Security and Privacy
Revisiting difficulty notions for client puzzles and dos resilience
ISC'12 Proceedings of the 15th international conference on Information Security
Practical client puzzles in the standard model
Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security
Modeling and analysis of internet key exchange protocolv2 and a proposal for its variant
Proceedings of the 6th ACM India Computing Convention
Hi-index | 0.00 |
Client puzzles are meant to act as a defense against denial of service (DoS) attacks by requiring a client to solve some moderately hard problem before being granted access to a resource. However, recent client puzzle difficulty definitions (Stebila and Ustaoglu, 2009; Chen et al., 2009) do not ensure that solving n puzzles is n times harder than solving one puzzle. Motivated by examples of puzzles where this is the case, we present stronger definitions of difficulty for client puzzles that are meaningful in the context of adversaries with more computational power than required to solve a single puzzle. A protocol using strong client puzzles may still not be secure against DoS attacks if the puzzles are not used in a secure manner. We describe a security model for analyzing the DoS resistance of any protocol in the context of client puzzles and give a generic technique for combining any protocol with a strong client puzzle to obtain a DoS-resistant protocol.