Fair Client Puzzles from the Bitcoin Blockchain

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9722)


Client puzzles have been proposed as a mechanism for proving legitimate intentions by providing “proofs of work”, which can be applied to discourage malicious usage of resources. A typical problem of puzzle constructions is the difference in expected solving time on different computing platforms. We call puzzles which can be solved independently of client computing resources fair client puzzles.

We propose a construction for client puzzles requiring widely distributed computational effort for their solution. These puzzles can be solved using the mining process of Bitcoin, or similar cryptocurrencies. Adapting existing definitions, we show that our puzzle construction satisfies formal requirements of client puzzles under reasonable assumptions. We describe a way of transforming our client puzzles for use in denial of service scenarios and demonstrate a practical construction.


Bitcoin Client puzzles Denial of service resistance Distributed computation Proofs of work 


  1. 1.
    Ateniese, G., Bonacina, I., Faonio, A., Galesi, N.: Proofs of space: when space is of the essence. In: Abdalla, M., De Prisco, R. (eds.) SCN 2014. LNCS, vol. 8642, pp. 538–557. Springer, Heidelberg (2014)Google Scholar
  2. 2.
    Aura, T., Nikander, P., Leiwo, J.: DOS-resistant authentication with client puzzles. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds.) Security Protocols 2000. LNCS, vol. 2133, pp. 170–177. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  3. 3.
    Back, A.: Hashcash-a denial of service counter-measure (2002).http://www.hashcash.org/papers/hashcash.pdf
  4. 4.
    Barber, S., Boyen, X., Shi, E., Uzun, E.: Bitter to Better — how to make bitcoin a better currency. In: Keromytis, A.D. (ed.) FC 2012. LNCS, vol. 7397, pp. 399–414. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  5. 5.
    Bonneau, J., Miller, A., Clark, J., Narayanan, A., Kroll, J.A., Felten, E.W.: SoK: research perspectives and challenges for bitcoin and cryptocurrencies. In: IEEE Symposium on Security and Privacy, SP 2015, pp. 104–121. IEEE Computer Society (2015)Google Scholar
  6. 6.
    Boyd, C., et al.: Cryptographic approaches to denial-of-service resistance. In: Raghavan, S.V., Dawson, E. (eds.) An Investigation into the Detection and Mitigation of Denialof Service (DoS) Attacks, pp. 183–238. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  7. 7.
    Chen, L., Morrissey, P., Smart, N.P., Warinschi, B.: Security notions and generic constructions for client puzzles. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 505–523. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  8. 8.
    Dwork, C., Naor, M.: Pricing via processing or combatting junk mail. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 139–147. Springer, Heidelberg (1993)Google Scholar
  9. 9.
    Groza, B., Warinschi, B.: Revisiting difficulty notions for client puzzles and DoS resilience. In: Gollmann, D., Freiling, F.C. (eds.) ISC 2012. LNCS, vol. 7483, pp. 39–54. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  10. 10.
    Jakobsson, M., Juels, A.: Proofs of work and bread pudding protocols. In: Secure Information Networks: Communications and MultimediaSecurity, IFIP Conference Proceedings, vol. 152, pp. 258–272. Kluwer (1999)Google Scholar
  11. 11.
    Juels, A., Brainard, J.G.: Client puzzles: a cryptographic countermeasure against connectiondepletion attacks. In: Proceedings of the Network and Distributed System Security Symposium, NDSS 1999. The Internet Society (1999)Google Scholar
  12. 12.
    Karame, G.O., Čapkun, S.: Low-cost client puzzles based on modular exponentiation. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 679–697. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  13. 13.
    Mao, W., Paterson, K.G.: On the plausible deniability feature of Internet protocols (2002). www.isg.rhul.ac.uk/~kp/IKE.ps
  14. 14.
    Merkle, R.C.: A digital signature based on a conventional encryption function. In: Pomerance, C. (ed.) CRYPTO 1987. LNCS, vol. 293, pp. 369–378. Springer, Heidelberg (1988)Google Scholar
  15. 15.
    Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system (2008). https://bitcoin.org/bitcoin.pdf
  16. 16.
    Percival, C.: Stronger key derivation via sequential memory-hard functions (2009). http://bitcoin-class.org/0/classes/class16/scrypt.pdf
  17. 17.
    Stebila, D., Kuppusamy, L., Rangasamy, J., Boyd, C., Gonzalez Nieto, J.: Stronger difficulty notions for client puzzles and denial-of-service-resistant protocols. In: Kiayias, A. (ed.) CT-RSA 2011. LNCS, vol. 6558, pp. 284–301. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  18. 18.
    Stebila, D., Ustaoglu, B.: Towards denial-of-service-resilient key agreement protocols. In: Boyd, C., González Nieto, J. (eds.) ACISP 2009. LNCS, vol. 5594, pp. 389–406. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  19. 19.
    Tschorsch, F., Scheuermann, B.: Bitcoin and beyond: a technical survey on decentralized digital currencies. IACR ePrint Archive 2015:464 (2015)Google Scholar
  20. 20.
  21. 21.
    Web: Bitcoin Block Explorer (2015). http://blockexplorer.com/.(Accessed on Nov 15)
  22. 22.
    Web: Bitcoin Wiki (2015). https://en.bitcoin.it/wiki/Main_Page (Accessed on Nov 15)
  23. 23.
    Web: CoinDesk (2015). http://www.coindesk.com/. (Accessed on Nov 15)
  24. 24.

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  1. 1.Norwegian University of Science and Technology, NTNUTrondheimNorway

Personalised recommendations