Back to Tuomas Aura's home page

DOS-resistant Authentication with Client Puzzles

Pekka Nikander, Tuomas Aura
Helsinki University of Technology, FIN-02015 HUT, Finland

Jussipekka Leiwo
Vrije Universiteit, FIW, De Boelelaan 1081A, 1081 HV Amsterdam, The Netherlands


Denial of service by server resource exhaustion has become a major security threat in open communications networks. Public-key authentication does not completely protect against the attacks because the authentication protocols often leave ways for an unauthenticated client to consume a server's memory space and computational resources by initiating a large number of protocol runs and inducing the server to perform expensive cryptographic computations. We show how stateless authentication protocols and the client puzzles of Juels and Brainard can be used to prevent such attacks.

Full paper in Postscript

  author = 	 {Tuomas Aura and Pekka Nikander and Jussipekka Leiwo},
  title = 	 {{DOS}-resistant authentication with client puzzles},
  booktitle = 	 {Proc.\ Security Protocols Workshop 2000},
  year =         2000,
  address =	 {Cambridge, UK},
  publisher =	 {Springer},
  note =	 {To appear}