Secure Client Puzzles Based on Random Beacons - NETWORKING 2012
Conference Papers, Year: 2012

Secure Client Puzzles Based on Random Beacons

Martin Mauve

Abstract

Denial of Service (DoS) attacks pose a fast-growing threat to network services in the Internet, and corporate intranets and public local area networks such as Wi-Fi hotspots may also be affected. Protocols that perform authentication and key exchange relying on expensive public key cryptography are especially likely to be preferred targets. Client puzzles are a well-known countermeasure against resource depletion attacks. Most existing client puzzle schemes are interactive: upon receiving a request, the server constructs a puzzle and asks the client to solve this challenge before processing its request. But the packet with the puzzle parameters sent from server to client lacks authentication. The attacker might mount a counterattack on the clients by injecting faked packets with bogus puzzle parameters bearing the server's sender address. A client receiving a plethora of bogus challenges may become overloaded and probably will not be able to solve the genuine challenge issued by the authentic server. Thus, its request remains unanswered. In this paper we introduce a secure client puzzle architecture that overcomes the described authentication issue. In our scheme, client puzzles are employed noninteractively and constructed by the client from a periodically changing, secure random beacon. A special beacon server broadcasts beacon messages, which can be easily verified by matching their hash values against a list of beacon fingerprints that has been obtained in advance. We develop sophisticated techniques to provide a robust beacon service. This involves synchronization aspects and especially the secure deployment of beacon fingerprints.
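The following sketch is an added example, not code from the paper: it shows a client checking a broadcast beacon against a pre-obtained fingerprint list before building a puzzle from it, so forged beacons cost one hash to discard. SHA-256, the leading-zero-bits puzzle, the length-prefixed field encoding and all names and sample values are assumptions chosen for illustration; the abstract does not specify the paper's actual construction.

```python
import hashlib
import hmac
import itertools

def fingerprint(beacon: bytes) -> bytes:
    return hashlib.sha256(beacon).digest()

def verify_beacon(beacon: bytes, period: int, fingerprints: list) -> bool:
    # One hash and one constant-time compare: forged beacons are cheap to discard.
    if not 0 <= period < len(fingerprints):
        return False
    return hmac.compare_digest(fingerprint(beacon), fingerprints[period])

def puzzle_hash(beacon: bytes, client_id: bytes, server_id: bytes, nonce: int) -> bytes:
    h = hashlib.sha256()
    for part in (beacon, client_id, server_id, nonce.to_bytes(8, "big")):
        h.update(len(part).to_bytes(2, "big") + part)  # length prefix keeps fields unambiguous
    return h.digest()

def leading_zero_bits(digest: bytes) -> int:
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()

def check_solution(beacon, client_id, server_id, nonce, difficulty) -> bool:
    # Server side: a single hash verifies work that cost the client about 2**difficulty hashes.
    return leading_zero_bits(puzzle_hash(beacon, client_id, server_id, nonce)) >= difficulty

def client_request(beacon, period, fingerprints, client_id, server_id, difficulty):
    # The client spends no puzzle effort unless the beacon matches its fingerprint.
    if not verify_beacon(beacon, period, fingerprints):
        return None
    for nonce in itertools.count():
        if check_solution(beacon, client_id, server_id, nonce, difficulty):
            return nonce

# Constructed sample data: three beacon periods and their pre-distributed fingerprints.
BEACONS = [hashlib.sha256(b"constructed-beacon-%d" % i).digest() for i in range(3)]
FINGERPRINTS = [fingerprint(b) for b in BEACONS]
CLIENT, SERVER, DIFFICULTY = b"client-A", b"server-B", 12  # hypothetical identifiers

if __name__ == "__main__":
    forged = bytes(32)  # constructed bogus beacon, as an injected packet might carry
    print("forged beacon ->", client_request(forged, 1, FINGERPRINTS, CLIENT, SERVER, DIFFICULTY))
    nonce = client_request(BEACONS[1], 1, FINGERPRINTS, CLIENT, SERVER, DIFFICULTY)
    print("nonce:", nonce, "accepted:", check_solution(BEACONS[1], CLIENT, SERVER, nonce, DIFFICULTY))
```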
Origin: Files produced by the author(s)

Dates and versions

hal-01531977, version 1 (02-06-2017)

Cite

Yves Igor Jerschow, Martin Mauve. Secure Client Puzzles Based on Random Beacons. 11th International Networking Conference (NETWORKING), May 2012, Prague, Czech Republic. pp.184-197, ⟨10.1007/978-3-642-30054-7_15⟩. ⟨hal-01531977⟩