On the uniformity of distribution of the RSA pairs
Mathematics of Computation
ICICS '97 Proceedings of the First International Conference on Information and Communication Security
SAC '01 Revised Papers from the 8th Annual International Workshop on Selected Areas in Cryptography
Pricing via Processing or Combatting Junk Mail
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
DOS-Resistant Authentication with Client Puzzles
Revised Papers from the 8th International Workshop on Security Protocols
Riemann's Hypothesis and tests for primality
STOC '75 Proceedings of seventh annual ACM symposium on Theory of computing
Time-lock Puzzles and Timed-release Crypto
Time-lock Puzzles and Timed-release Crypto
Inferring Internet denial-of-service activity
ACM Transactions on Computer Systems (TOCS)
Security Notions and Generic Constructions for Client Puzzles
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Low-cost client puzzles based on modular exponentiation
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Comparing two notions of simulatability
TCC'05 Proceedings of the Second international conference on Theory of Cryptography
Practical client puzzles in the standard model
Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security
Client puzzles are moderately hard cryptographic problems -- neither easy nor impossible to solve -- that can be used as a countermeasure against denial-of-service attacks on network protocols. Puzzles based on modular exponentiation are attractive as they provide important properties such as non-parallelisability, deterministic solving time, and linear granularity. We propose an efficient client puzzle based on modular exponentiation. Our puzzle requires only a few modular multiplications for puzzle generation and verification. For a server under denial-of-service attack, this is a significant improvement, as the best known non-parallelisable puzzle, proposed by Karame and Čapkun (ESORICS 2010), requires at least a 2k-bit modular exponentiation, where k is a security parameter. We show that our puzzle satisfies the unforgeability and difficulty properties defined by Chen et al. (Asiacrypt 2009). We present experimental results which show that, for 1024-bit moduli, our proposed puzzle can be up to 30× faster to verify than the Karame-Čapkun puzzle and 99× faster than Rivest et al.'s time-lock puzzle.