Security Notions and Generic Constructions for Client Puzzles

  • Liqun Chen
  • Paul Morrissey
  • Nigel P. Smart
  • Bogdan Warinschi
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5912)


By a computational puzzle we mean a mildly difficult computational problem that requires resources (processor cycles, memory, or both) to solve. Puzzles have found a variety of uses in security. In this paper we are concerned with client puzzles: a type of puzzle used as a defense against Denial of Service (DoS) attacks. The main contribution of this paper is a formal model for the security of client puzzles.We clarify the interface that client puzzles should offer and give two security notions for puzzles. Both functionality and security are inspired by, and tailored to, the use of puzzles as a defense against DoS attacks.Our definitions fill an important gap: breaking either of the two properties immediately leads to successful DoS attacks. We illustrate this point with an attack against a previously proposed puzzle construction.We also provide a generic construction of a client puzzle which meets our security definitions.


Clock Cycle Generic Construction Function Family Random Oracle Model Pseudorandom Function 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Aiello, W., Bellovin, S.M., Blaze, M., Canetti, R., Ioannidis, J., Kermoytis, A.D., Reingold, O.: Just Fast Keying: Key Agreement In A Hostile Internet. ACM Trans. on Info. and Syst. Sec. 4, 1–30 (2004)Google Scholar
  2. 2.
    Aura, T., Nikander, P., Leiwo, J.: DoS-Resistant Authentication with Client Puzzles. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds.) Security Protocols 2000. LNCS, vol. 2133, pp. 170–181. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  3. 3.
    Barak, B., Mahmoody–Ghidary, M.: Merkle Puzzles are Optimal. Cryptology ePrint archive, report 2008/032 (2008)Google Scholar
  4. 4.
    Biham, E., Goren, Y.J., Ishai, Y.: Basing Weak Public-Key Cryptoraphy on Strong One-Way Functions. In: Canetti, R. (ed.) TCC 2008. LNCS, vol. 4948, pp. 55–72. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  5. 5.
    Canetti, R., Halevi, S., Steiner, M.: Hardness Amplification of Weakly Verifiable Puzzles. In: Kilian, J. (ed.) TCC 2005. LNCS, vol. 3378, pp. 17–33. Springer, Heidelberg (2005)Google Scholar
  6. 6.
    Chen, L., Mao, W.: An Auditable Metering Scheme for Web Advertisement Applications. In: Davida, G.I., Frankel, Y. (eds.) ISC 2001. LNCS, vol. 2200, pp. 475–485. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  7. 7.
    Douligeris, C., Mitrokotsa, A.: DDoS Attacks and Defence mechanisms: Classification and State–of–the–Art. Computer Networks 44, 643–666 (2004)CrossRefGoogle Scholar
  8. 8.
    Dwork, C., Naor, M.: Pricing via Processing or Combatting Junk Email. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 139–147. Springer, Heidelberg (1993)Google Scholar
  9. 9.
    Eddy, W.: TCP SYN Flooding Attacks and Common Mitigations. RFC 4987Google Scholar
  10. 10.
    Gao, Y.: Efficient Trapdoor-Based Client Puzzle System Against DoS Attacks. M.Sc Thesis, University of Wollongong, Computer Science Department (2005)Google Scholar
  11. 11.
    Groza, B., Petrica, D.: On Chained Cryptographic Puzzles. In: 3rd Romanian-Hungarian Joint Symp. on Applied Comput. Intel. – SACI, pp. 25–26 (2006)Google Scholar
  12. 12.
    Impagliazzo, R., Rudich, S.: Limits on the Provable Consequences of One–Way Permutations. In: ACM Symp. on the Theory of Comp. – STOC 1989, pp. 44–61 (1989)Google Scholar
  13. 13.
    Jakobsson, M., Juels, A.: Proofs of Work and Bread Pudding Protocols. In: Joint Working Conference on Secure Information Networks: Communications and Multimedia Security. IFIP Conference Proceedings, vol. 152, pp. 258–272 (1999)Google Scholar
  14. 14.
    Juels, A., Brainard, J.: Client Puzzles: A Cryptographic Countermeasure Against Connection Depletion Attacks. In: ISOC Network and Distributed System Security Symposium, pp. 151–165 (1999)Google Scholar
  15. 15.
    Karig, D., Lee, R.: Remote Denial of Service Attacks and Countermeasures. Princeton University Department of Electrical Engineering Technical Report CE–L2001–002 (2001)Google Scholar
  16. 16.
    Meadows, C.: A Formal Framework and Evaluation Method for Network Denial of Service. In: 12th Computer Security Foundations Workshop, pp. 4–13. IEEE Computer Society Press, Los Alamitos (1999)Google Scholar
  17. 17.
    Meadows, C.: A Cost–Based Framework for Analysis of Denial of Service in Networks. Journal of Computer Security 9, 143–164 (2001)Google Scholar
  18. 18.
    Merkle, R.: Secure Communications Over Insecure Channels. Communications of the ACM 21, 294–299 (1978)CrossRefGoogle Scholar
  19. 19.
    Mirkovic, J., Martin, J., Reiher, P.: A Taxonomy of DDoS Attack and DDoS Defense Mechanisms. ACM SIGCOMM Computer Communication Review 34, 39–53 (2004)CrossRefGoogle Scholar
  20. 20.
    Moskowitz, R., Nikander, P., Jokela, P., Henderson, T.: Host Identity Protocol. Internet Draft (October 2007)Google Scholar
  21. 21.
    Price, G.: A General Attack Model of Hash-Based Client Puzzles. In: Paterson, K.G. (ed.) Cryptography and Coding 2003. LNCS, vol. 2898, pp. 319–331. Springer, Heidelberg (2003)Google Scholar
  22. 22.
    Rivest, R.L., Shamir, A., Wagner, D.: Time-lock Puzzles and Timed-release Crypto. Massachusetts Institute of Technology Technical Report TR-684 (1996)Google Scholar
  23. 23.
    Rogaway, P.: Formalizing Human Ignorance. In: Nguyên, P.Q. (ed.) VIETCRYPT 2006. LNCS, vol. 4341, pp. 211–228. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  24. 24.
    Schaller, P., Capkun, S., Basin, D.: BAP: Broadcast Authentication Using Cryptographic Puzzles. In: Katz, J., Yung, M. (eds.) ACNS 2007. LNCS, vol. 4521, pp. 401–419. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  25. 25.
    Smith, J., González–Nieto, J.M., Boyd, C.: Modelling Denial of Service Attacks on JFK with Meadows’s Cost–Based Framework. In: Proceedings of the 2006 Australasian workshop on Grid computing and e–research, vol. 54, pp. 125–134 (2006)Google Scholar
  26. 26.
    Specht, S., Lee, R.: Distributed Denial of Service: Taxonomies of Attacks, Tools, and Countermeasures. In: 17th International Conference on Parallel and Distributed Computing Systems, pp. 543–550 (2004)Google Scholar
  27. 27.
    Tritilanunt, S., Boyd, C., Foo, E., González Nieto, J.M.: Toward Non-parallelizable Client Puzzles. In: Bao, F., Ling, S., Okamoto, T., Wang, H., Xing, C. (eds.) CANS 2007. LNCS, vol. 4856, pp. 247–264. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  28. 28.
    Waters, B., Juels, A., Halderman, J.A., Felten, E.W.: New Client Puzzle Outsourcing Techniques for DoS Resistance. In: 11th ACM Conference on Computer and Communication Security – CCS, pp. 246–256. ACM Press, New York (2004)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Liqun Chen
    • 1
  • Paul Morrissey
    • 2
  • Nigel P. Smart
    • 2
  • Bogdan Warinschi
    • 2
  1. 1.Hewlett-Packard LaboratoriesBristolUK
  2. 2.Computer Science DepartmentUniversity of BristolUK

Personalised recommendations