By a computational puzzle we mean a mildly dicult computational problem that requires resources (processor cycles, memory, or both) to solve. Puzzles have found a variety of uses in security. In this paper we are concerned with client puzzles: a type of puzzle used as a defense against Denial of Service (DoS) attacks. The main contribution of this paper is a formal model for the security of client puzzles. We clarify the interface that client puzzles should oer and give two security notions for puzzles. Both functionality and security are inspired by, and tailored to, the use of puzzles as a defense against DoS attacks. Our denitions ll an important gap: breaking either of the two properties immediately leads to successful DoS attacks. We illustrate this point with an attack against a previously proposed puzzle construction. We also provide a generic construction of a client puzzle which meets our security denitions.
|Translated title of the contribution||Security Notions and Generic Constructions for Client Puzzles|
|Title of host publication||Advances in Cryptology - Asiacrypt 2009|
|Publisher||Springer Berlin Heidelberg|
|Publication status||Published - 2009|
Bibliographical noteOther page information: 505-523
Conference Proceedings/Title of Journal: Advances in Cryptology - Asiacrypt 2009
Other identifier: 2001098