International Conference on the Theory and Application of Cryptology and Information Security

ASIACRYPT 2009: Advances in Cryptology – ASIACRYPT 2009 pp 505-523

Security Notions and Generic Constructions for Client Puzzles

  • Liqun Chen
  • Paul Morrissey
  • Nigel P. Smart
  • Bogdan Warinschi
Conference paper

DOI: 10.1007/978-3-642-10366-7_30

Volume 5912 of the book series Lecture Notes in Computer Science (LNCS)

Abstract

By a computational puzzle we mean a mildly difficult computational problem that requires resources (processor cycles, memory, or both) to solve. Puzzles have found a variety of uses in security. In this paper we are concerned with client puzzles: a type of puzzle used as a defense against Denial of Service (DoS) attacks. The main contribution of this paper is a formal model for the security of client puzzles.We clarify the interface that client puzzles should offer and give two security notions for puzzles. Both functionality and security are inspired by, and tailored to, the use of puzzles as a defense against DoS attacks.Our definitions fill an important gap: breaking either of the two properties immediately leads to successful DoS attacks. We illustrate this point with an attack against a previously proposed puzzle construction.We also provide a generic construction of a client puzzle which meets our security definitions.

Download to read the full conference paper text

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Liqun Chen
    • 1
  • Paul Morrissey
    • 2
  • Nigel P. Smart
    • 2
  • Bogdan Warinschi
    • 2
  1. 1.Hewlett-Packard LaboratoriesBristolUK
  2. 2.Computer Science DepartmentUniversity of BristolUK