Skip to main content
SpringerLink
Log in

Efficient Modular Exponentiation-Based Puzzles for Denial-of-Service Protection

  • Conference paper
Information Security and Cryptology - ICISC 2011 (ICISC 2011)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7259))

Included in the following conference series:

Abstract

Client puzzles are moderately-hard cryptographic problems — neither easy nor impossible to solve — that can be used as a countermeasure against denial of service attacks on network protocols. Puzzles based on modular exponentiation are attractive as they provide important properties such as non-parallelisability, deterministic solving time, and linear granularity. We propose an efficient client puzzle based on modular exponentiation. Our puzzle requires only a few modular multiplications for puzzle generation and verification. For a server under denial of service attack, this is a significant improvement as the best known non-parallelisable puzzle proposed by Karame and Čapkun (ESORICS 2010) requires at least 2k-bit modular exponentiation, where k is a security parameter. We show that our puzzle satisfies the unforgeability and difficulty properties defined by Chen et al. (Asiacrypt 2009). We present experimental results which show that, for 1024-bit moduli, our proposed puzzle can be up to 30 × faster to verify than the Karame-Čapkun puzzle and 99 × faster than the Rivest et al.’s time-lock puzzle.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Aura, T., Nikander, P.: Stateless Connections. In: Han, Y., Okamoto, T., Qing, S. (eds.) ICICS 1997. LNCS, vol. 1334, pp. 87–97. Springer, Heidelberg (1997)

    Chapter  Google Scholar 

  2. Aura, T., Nikander, P., Leiwo, J.: DOS-Resistant Authentication with Client Puzzles. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds.) Security Protocols 2000. LNCS, vol. 2133, pp. 170–177. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  3. Back, A.: Hashcash: A denial-of-service countermeasure (2002), http://www.hashcash.org/papers/hashcash.pdf

  4. Boyko, V.: A pre-computation scheme for speeding up public-key cryptosystems. Master’s thesis, Massachusetts Institute of Technology (1998), http://hdl.handle.net/1721.1/47493

  5. Boyko, V., Peinado, M., Venkatesan, R.: Speeding up Discrete Log and Factoring Based Schemes via Precomputations. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 221–235. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  6. Chen, L., Morrissey, P., Smart, N.P., Warinschi, B.: Security Notions and Generic Constructions for Client Puzzles. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 505–523. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  7. Dwork, C., Naor, M.: Pricing via Processing or Combatting Junk Mail. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 139–147. Springer, Heidelberg (1993)

    Google Scholar 

  8. Feng, W., Kaiser, E., Luu, A.: Design and implementation of network puzzles. In: INFOCOM 2005, vol. 4, pp. 2372–2382. IEEE (2005)

    Google Scholar 

  9. Hofheinz, D., Unruh, D.: Comparing two notions of simulatability. In: Kilian [2], pp. 86–103

    Google Scholar 

  10. Juels, A., Brainard, J.: Client puzzles: A cryptographic countermeasure against connection depletion attacks. In: NDSS 1999, pp. 151–165. Internet Society (1999)

    Google Scholar 

  11. Karame, G., Čapkun, S.: Low-Cost Client Puzzles Based on Modular Exponentiation. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 679–697. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  12. Kilian, J. (ed.): TCC 2005. LNCS, vol. 3378. Springer, Heidelberg (2005)

    MATH  Google Scholar 

  13. Lenstra, A., Verheul, E.: Selecting cryptographic key sizes. J. Cryptology 14(4), 255–293 (2001)

    MathSciNet  MATH  Google Scholar 

  14. Mao, W.: Timed-Release Cryptography. In: Vaudenay, S., Youssef, A.M. (eds.) SAC 2001. LNCS, vol. 2259, pp. 342–358. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  15. Miller, G.L.: Riemann’s hypothesis and tests for primality. In: STOC, pp. 234–239. ACM (1975)

    Google Scholar 

  16. Moore, D., Shannon, C., Brown, D.J., Voelker, G.M., Savage, S.: Inferring internet denial-of-service activity. ACM Transactions on Computer Systems (TOCS) 24(2), 115–139 (2006)

    Article  Google Scholar 

  17. Rivest, R.L., Shamir, A., Wagner, D.A.: Time-lock puzzles and timed-release crypto. Technical Report TR-684, MIT Laboratory for Computer Science (March 1996)

    Google Scholar 

  18. Shparlinski, I.: On the uniformity of distribution of the RSA pairs. Mathematics of Computation 70(234), 801–808 (2001)

    Article  MathSciNet  MATH  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Information Security Institute, Queensland University of Technology, GPO Box 2434, Brisbane, Queensland, 4001, Australia

    Jothi Rangasamy, Douglas Stebila, Lakshmi Kuppusamy, Colin Boyd & Juan Gonzalez Nieto

Authors
  1. Jothi Rangasamy
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Douglas Stebila
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Lakshmi Kuppusamy
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Colin Boyd
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Juan Gonzalez Nieto
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. (A06) 6503 School of Computer Science and Engineering, Pusan National University, San-30, JangJeon-Dong, 609-735, GeumJeong-Gu, Busan, South Korea

    Howon Kim

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Rangasamy, J., Stebila, D., Kuppusamy, L., Boyd, C., Gonzalez Nieto, J. (2012). Efficient Modular Exponentiation-Based Puzzles for Denial-of-Service Protection. In: Kim, H. (eds) Information Security and Cryptology - ICISC 2011. ICISC 2011. Lecture Notes in Computer Science, vol 7259. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-31912-9_21

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-31912-9_21

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-31911-2

  • Online ISBN: 978-3-642-31912-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation