Skip to Main content Skip to Navigation
Conference papers

Secure Client Puzzles Based on Random Beacons

Abstract : Denial of Service (DoS) attacks pose a fast-growing threat to network services in the Internet, but also corporate Intranets and public local area networks like Wi-Fi hotspots may be affected. Especially protocols that perform authentication and key exchange relying on expensive public key cryptography are likely to be preferred targets. A well-known countermeasure against resource depletion attacks are client puzzles.Most existing client puzzle schemes are interactive. Upon receiving a request the server constructs a puzzle and asks the client to solve this challenge before processing its request. But the packet with the puzzle parameters sent from server to client lacks authentication. The attacker might mount a counterattack on the clients by injecting faked packets with bogus puzzle parameters bearing the server’s sender address. A client receiving a plethora of bogus challenges may become overloaded and probably will not be able to solve the genuine challenge issued by the authentic server. Thus, its request remains unanswered. In this paper we introduce a secure client puzzle architecture that overcomes the described authentication issue. In our scheme client puzzles are employed noninteractively and constructed by the client from a periodically changing, secure random beacon. A special beacon server broadcasts beacon messages which can be easily verified by matching their hash values against a list of beacon fingerprints that has been obtained in advance. We develop sophisticated techniques to provide a robust beacon service. This involves synchronization aspects and especially the secure deployment of beacon fingerprints.
Complete list of metadata

Cited literature [21 references]  Display  Hide  Download
Contributor : Hal Ifip <>
Submitted on : Friday, June 2, 2017 - 11:23:34 AM
Last modification on : Monday, March 19, 2018 - 10:04:52 AM
Long-term archiving on: : Wednesday, December 13, 2017 - 6:05:34 AM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Yves Jerschow, Martin Mauve. Secure Client Puzzles Based on Random Beacons. 11th International Networking Conference (NETWORKING), May 2012, Prague, Czech Republic. pp.184-197, ⟨10.1007/978-3-642-30054-7_15⟩. ⟨hal-01531977⟩



Record views


Files downloads