Auditable metering with lighweight security
Journal of Computer Security
Secure communications over insecure channels
Communications of the ACM
Pricing via Processing or Combatting Junk Mail
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Defending against an Internet-based attack on the physical world
Proceedings of the 2002 ACM workshop on Privacy in the Electronic Society
IPTPS '01 Revised Papers from the First International Workshop on Peer-to-Peer Systems
Defending Against Denial-of-Service Attacks with Puzzle Auctions
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Pi: A Path Identification Mechanism to Defend against DDoS Attacks
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Secure routing for structured peer-to-peer overlay networks
ACM SIGOPS Operating Systems Review - OSDI '02: Proceedings of the 5th symposium on Operating systems design and implementation
FDNA '03 Proceedings of the ACM SIGCOMM workshop on Future directions in network architecture
Taming IP packet flooding attacks
ACM SIGCOMM Computer Communication Review
GlueQoS: Middleware to Sweeten Quality-of-Service Policy Interactions
Proceedings of the 26th International Conference on Software Engineering
Defending against an Internet-based attack on the physical world
ACM Transactions on Internet Technology (TOIT)
Managing the Performance Impact of Web Security
Electronic Commerce Research
The LOCKSS peer-to-peer digital preservation system
ACM Transactions on Computer Systems (TOCS)
Secure routing for structured peer-to-peer overlay networks
OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
WebSOS: an overlay-based system for protecting web servers from denial of service attacks
Computer Networks: The International Journal of Computer and Telecommunications Networking - Web security
Obfuscated databases and group privacy
Proceedings of the 12th ACM conference on Computer and communications security
Improving secure server performance by re-balancing SSL/TLS handshakes
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Average case vs. worst case: margins of safety in system design
NSPW '05 Proceedings of the 2005 workshop on New security paradigms
Modelling denial of service attacks on JFK with Meadows's cost-based framework
ACSW Frontiers '06 Proceedings of the 2006 Australasian workshops on Grid computing and e-research - Volume 54
Detecting identity-based attacks in wireless networks using signalprints
WiSe '06 Proceedings of the 5th ACM workshop on Wireless security
Hot or not: revealing hidden services by their clock skew
Proceedings of the 13th ACM conference on Computer and communications security
An aspect-oriented approach to bypassing middleware layers
Proceedings of the 6th international conference on Aspect-oriented software development
Stateful DDoS attacks and targeted filtering
Journal of Network and Computer Applications
Anticipatory distributed packet filter configurations for carrier-grade IP networks
Computer Networks: The International Journal of Computer and Telecommunications Networking
Attrition defenses for a peer-to-peer digital preservation system
ATEC '05 Proceedings of the annual conference on USENIX Annual Technical Conference
Flexible OS support and applications for trusted computing
HOTOS'03 Proceedings of the 9th conference on Hot Topics in Operating Systems - Volume 9
Denial of service via algorithmic complexity attacks
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Side effects are not sufficient to authenticate software
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Tor: the second-generation onion router
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Portcullis: protecting connection setup from denial-of-capability attacks
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
TARP: Ticket-based address resolution protocol
Computer Networks: The International Journal of Computer and Telecommunications Networking
Harvesting verifiable challenges from oblivious online sources
Proceedings of the 14th ACM conference on Computer and communications security
Mitigating DoS attacks against broadcast authentication in wireless sensor networks
ACM Transactions on Sensor Networks (TOSN)
Halting password puzzles: hard-to-break encryption from human-memorable keys
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
mod_kaPoW: mitigating DoS with transparent proof-of-work
CoNEXT '07 Proceedings of the 2007 ACM CoNEXT conference
Mitigating application-level denial of service attacks on Web servers: A client-transparent approach
ACM Transactions on the Web (TWEB)
Securing user-controlled routing infrastructures
IEEE/ACM Transactions on Networking (TON)
SpringSim '07 Proceedings of the 2007 spring simulation multiconference - Volume 3
Using rhythmic nonces for puzzle-based DoS resistance
Proceedings of the 2nd ACM workshop on Computer security architectures
A middleware system for protecting against application level denial of service attacks
Proceedings of the ACM/IFIP/USENIX 2006 International Conference on Middleware
A generic construction of useful client puzzles
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
International Journal of Information and Computer Security
WebSOS: an overlay-based system for protecting web servers from denial of service attacks
Computer Networks: The International Journal of Computer and Telecommunications Networking - Web security
HPAKE: Password Authentication Secure against Cross-Site User Impersonation
CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
ACM Transactions on Computer Systems (TOCS)
Combating spam and denial-of-service attacks with trusted puzzle solvers
ISPEC'08 Proceedings of the 4th international conference on Information security practice and experience
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Low-cost client puzzles based on modular exponentiation
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
An integrated approach to cryptographic mitigation of denial-of-service attacks
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
A novel client-based approach for signing and checking web forms by using XML against DoS attacks
Proceedings of the 12th International Conference on Information Integration and Web-based Applications & Services
Reconstructing hash reversal based proof of work schemes
LEET'11 Proceedings of the 4th USENIX conference on Large-scale exploits and emergent threats
Anonygator: privacy and integrity preserving data aggregation
Proceedings of the ACM/IFIP/USENIX 11th International Conference on Middleware
Guaranteeing access in spite of distributed service-flooding attacks
Proceedings of the 11th international conference on Security Protocols
A middleware system for protecting against application level denial of service attacks
Middleware'06 Proceedings of the 7th ACM/IFIP/USENIX international conference on Middleware
Improved merkle cryptosystem (IMC)
ISCIS'06 Proceedings of the 21st international conference on Computer and Information Sciences
A p2p content authentication protocol based on byzantine agreement
ETRICS'06 Proceedings of the 2006 international conference on Emerging Trends in Information and Communication Security
On the performance and analysis of DNS security extensions
CANS'05 Proceedings of the 4th international conference on Cryptology and Network Security
Strengthening password-based authentication protocols against online dictionary attacks
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
Efficient memory bound puzzles using pattern databases
ACNS'06 Proceedings of the 4th international conference on Applied Cryptography and Network Security
W3Bcrypt: encryption as a stylesheet
ACNS'06 Proceedings of the 4th international conference on Applied Cryptography and Network Security
Aspect-Oriented development of crosscutting features in distributed, heterogeneous systems
Transactions on Aspect-Oriented Software Development II
Secure client puzzles based on random beacons
IFIP'12 Proceedings of the 11th international IFIP TC 6 conference on Networking - Volume Part II
Revisiting difficulty notions for client puzzles and dos resilience
ISC'12 Proceedings of the 15th international conference on Information Security
LAKE: A Server-Side Authenticated Key-Establishment with Low Computational Workload
ACM Transactions on Internet Technology (TOIT)
| Hi-index | 0.00 |
Client puzzles are commonly proposed as a solution to denial-of-service attacks. However, very few implementations of the idea actually exist, and there are a number of subtle details in the implementation. In this paper, we describe our implementation of a simple and backwards compatible client puzzle extension to TLS. We also present measurements of CPU load and latency when our modified library is used to protect a secure webserver. These measurements show that client puzzles are a viable method for protecting SSL servers from SSL based denial-of-service attacks.