Security Notions and Generic Constructions for Client Puzzles

  • Liqun Chen
  • Paul Morrissey
  • Nigel P. Smart
  • Bogdan Warinschi
Conference paper

DOI: 10.1007/978-3-642-10366-7_30

Part of the Lecture Notes in Computer Science book series (LNCS, volume 5912)
Cite this paper as:
Chen L., Morrissey P., Smart N.P., Warinschi B. (2009) Security Notions and Generic Constructions for Client Puzzles. In: Matsui M. (eds) Advances in Cryptology – ASIACRYPT 2009. ASIACRYPT 2009. Lecture Notes in Computer Science, vol 5912. Springer, Berlin, Heidelberg

Abstract

By a computational puzzle we mean a mildly difficult computational problem that requires resources (processor cycles, memory, or both) to solve. Puzzles have found a variety of uses in security. In this paper we are concerned with client puzzles: a type of puzzle used as a defense against Denial of Service (DoS) attacks. The main contribution of this paper is a formal model for the security of client puzzles.We clarify the interface that client puzzles should offer and give two security notions for puzzles. Both functionality and security are inspired by, and tailored to, the use of puzzles as a defense against DoS attacks.Our definitions fill an important gap: breaking either of the two properties immediately leads to successful DoS attacks. We illustrate this point with an attack against a previously proposed puzzle construction.We also provide a generic construction of a client puzzle which meets our security definitions.

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Liqun Chen
    • 1
  • Paul Morrissey
    • 2
  • Nigel P. Smart
    • 2
  • Bogdan Warinschi
    • 2
  1. 1.Hewlett-Packard LaboratoriesBristolUK
  2. 2.Computer Science DepartmentUniversity of BristolUK

Personalised recommendations