Stronger difficulty notions for client puzzles and denial-of-service- resistant protocols

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 6558 LNCS, Issue , 2011, Pages 284-301

  Stebila, Douglas ^a   Kuppusamy, Lakshmi ^a   Rangasamy, Jothi ^a   Boyd, Colin ^a   Nieto, Juan Gonzalez ^a  

^a QUEENSLAND UNIVERSITY OF TECHNOLOGY   (Australia)

Author keywords

client puzzles; denial of service resistance; proof of work; protocols

Indexed keywords

CLIENT PUZZLES; COMPUTATIONAL POWER; DENIAL OF SERVICE; DENIAL OF SERVICE ATTACKS; DOS ATTACKS; DOS RESISTANCES; HARD PROBLEMS; PROOF OF WORK; PROTOCOLS; SECURITY MODEL;

TRANSMISSION CONTROL PROTOCOL;

CRYPTOGRAPHY;

EID: 79951798566     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-642-19074-2_19     Document Type: Conference Paper

References (35)

1. Abadi, M., Burrows, M., Manasse, M., Wobber, T.: Moderately hard, memory-bound functions. In: Proc. Internet Society Network and Distributed System Security Symposium (NDSS) 2003, Internet Society, San Diego (2003)
2. Aiello, W., Bellovin, S.M., Blaze, M., Canetti, R., Ioannidis, J., Keromytis, A.D., Reingold, O.: Just Fast Keying: Key agreement in a hostile Internet. ACM Transactions on Information and System Security 7(2), 1-30 (2004)
3. Aura, T., Nikander, P.: Stateless connections. In: Han, Y., Quing, S. (eds.) ICICS 1997. LNCS, vol. 1334, pp. 87-97. Springer, Heidelberg (1997) (Pubitemid 127148037)
4. Aura, T., Nikander, P., Leiwo, J.: DOS-resistant authentication with client puzzles. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds.) Security Protocols 2000. LNCS, vol. 2133, pp. 170-177. Springer, Heidelberg (2001) (Pubitemid 33347515)
5. Babbage, S., Catalano, D., Cid, C., Dunkelman, O., Gehrmann, C., Granboulan, L., Lange, T., Lenstra, A., Nguyen, P.Q., Paar, C., Pelzl, J., Pornin, T., Preneel, B., Rechberger, C., Rijmen, V., Robshaw, M., Rupp, A., Smart, N., Ward, M.: ECRYPT yearly report on algorithms and keysizes (2007-2008) (2008), http://www.ecrypt.eu.org/documents/D.SPA.28-1.1.pdf
6. Back, A.: A partial hash collision based postage scheme (1997), http://www.hashcash.org/papers/announce.txt
7. Back, A.: Hashcash (2004), http://www.hashcash.org/docs/hashcash.html
8. Bellare, M., Kilian, J., Rogaway, P.: The security of the cipher block chaining message authentication code. Journal of Computer and System Sciences 61(3), 362-399 (2000) (Pubitemid 32087266)
9. Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232-249. Springer, Heidelberg (1994)
10. Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: Proc. 1st ACM Conference on Computer and Communications Security (CCS), pp. 62-73. ACM, New York (1993)
11. Boyen, X.: Halting password puzzles: Hard-to-break encryption from human-memorable keys. In: Proc. 16th USENIX Security Symposium, pp. 119-134 (2007)
12. Canetti, R., Halevi, S., Steiner, M.: Hardness amplification of weakly verifiable puzzles. In: Kilian, J. (ed.) TCC 2005. LNCS, vol. 3378, pp. 17-33. Springer, Heidelberg (2005) (Pubitemid 41231156)
13. Chen, L., Morrissey, P., Smart, N.P., Warinschi, B.: Security notions and generic constructions for client puzzles. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 505-523. Springer, Heidelberg (2009)
14. Dodis, Y., Impagliazzo, R., Jaiswal, R., Kabanets, V.: Security amplification for interactive cryptographic primitives. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 128-145. Springer, Heidelberg (2009)
15. Dwork, C., Goldberg, A., Naor, M.: On memory-bound functions for fighting spam. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 426-444. Springer, Heidelberg (2003) (Pubitemid 137636956)
16. Dwork, C., Naor, M.: Pricing via processing or combatting junk mail. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 139-147. Springer, Heidelberg (1993)
17. Dwork, C., Naor, M., Wee, H.: Pebbling and proofs of work. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 37-54. Springer, Heidelberg (2005) (Pubitemid 43902105)
18. Jakobsson, M., Juels, A.: Proofs of work and bread pudding protocols (extended abstract). In: Preneel, B. (ed.) Proceedings of the IFIP TC6/TC11 Joint Working Conference on Secure Information Networks: Communications and Multimedia Security. IFIP Conference Proceedings, vol. 152, pp. 258-272. Kluwer, Dordrecht (1999), http://www.rsa.com/rsalabs/node.aspid=2049
19. Juels, A., Brainard, J.: Client puzzles: A cryptographic countermeasure against connection depletion attacks. In: Proc. Internet Society Network and Distributed System Security Symposium (NDSS) 1999, pp. 151-165. Internet Society, San Diego (1999)
20. Karame, G.O., Capkun, S.: Low-cost client puzzles based on modular exponentiation. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 679-697. Springer, Heidelberg (2010)
21. Kaufman, C.: Internet Key Exchange (IKEv2) protocol, RFC 4306 (2005)
22. LaMacchia, B., Lauter, K., Mityagin, A.: Stronger security of authenticated key exchange. In: Susilo, W., Liu, J.K., Mu, Y. (eds.) ProvSec 2007. LNCS, vol. 4784, pp. 1-16. Springer, Heidelberg (2007)
23. Mao, W., Paterson, K.G.: On the plausible deniability feature of Internet protocols (2002) (manuscript), http://citeseer.ist.psu.edu/678290.html
24. McNevin, T.J., Park, J.M., Marchany, R.: pTCP: A client puzzle protocol for defending against resource exhaustion denial of service attacks. Technical Report TR-ECE-04-10, Department of Electrical and Computer Engineering, Virginia Tech (2004), http://www.arias.ece.vt.edu/publications/TechReports/ mcNevin-2004-1.pdf
25. Meadows, C.: A formal framework and evaluation method for network denial of service. In: Proc. 12th IEEE Computer Security Foundations Workshop (CSFW), p. 4. IEEE, Los Alamitos (1999)
26. Moskowitz, R., Nikander, P., Jokela, P., Henderson, T.R.: Host Identity Protocol, RFC 5201 (2008)
27. Rivest, R.L., Shamir, A.: PayWord and MicroMint: Two simple micropay-ment schemes. In: Lomas, M. (ed.) Security Protocols 1996. LNCS, vol. 1189, pp. 69-87. Springer, Heidelberg (1997)
28. Rivest, R.L., Shamir, A., Wagner, D.A.: Time-lock puzzles and timed-release crypto. Tech. Rep. TR-684, MIT Laboratory for Computer Science (1996), http://people.csail.mit.edu/rivest/RivestShamirWagner-timelock.pdf
29. Smith, J., Gonźalez Nieto, J., Boyd, C.: Modelling denial of service attacks on JFK with Meadows's cost-based framework. In: Buyya, R., Ma, T., Safavi-Naini, R., Steketee, C., Susilo, W. (eds.) Proc. 4th Australasian Information Security Workshop - Network Security (AISW-NetSec) 2006. CRPIT, vol. 54, pp. 125-134. Australian Computer Society (2006)
30. Stebila, D., Kuppusamy, L., Rangasamy, J., Boyd, C., Gonzalez Nieto, J.: Stronger difficulty notions for client puzzles and denial-of-service-resistant protocols. Cryp-tology ePrint Archive (2010) (full version), http://eprint.iacr.org/
31. Stebila, D., Ustaoglu, B.: Towards denial-of-service-resilient key agreement protocols. In: Boyd, C., Gonźalez Nieto, J. (eds.) ACISP 2009. LNCS, vol. 5594, pp. 389-406. Springer, Heidelberg (2009)
32. Stinson, D.R.: Cryptography: Theory and Practice, 2nd edn. Chapman & Hall, Boca Raton (2002)
33. Tritilanunt, S., Boyd, C., Foo, E., Gonźalez Nieto, J.: Toward non-parallelizable client puzzles. In: Bao, F., Ling, S., Okamoto, T., Wang, H., Xing, C. (eds.) CANS 2007. LNCS, vol. 4856, pp. 247-264. Springer, Heidelberg (2007)
34. Ustaoglu, B.: Obtaining a secure and efficient key agreement protocol from (H)MQV and NAXOS. Designs, Codes and Cryptography 46(3), 329-342 (2008)
35. Waters, B., Juels, A., Halderman, J.A., Felten, E.W.: New client puzzle outsourcing techniques for DoS resistance. In: Pfitzmann, B., Liu, P. (eds.) Proc. 11th ACM Conference on Computer and Communications Security (CCS), pp. 246-256. ACM, New York (2004) (Pubitemid 40338206)