Download presentation
Presentation is loading. Please wait.
Published byMyrtle Smith Modified over 9 years ago
1
Mehmud Abliz, Taieb Znati, ACSAC (Dec., 2009)
2
Outline Introduction Desired properties Basic scheme Improvements to the basic scheme Analysis Related work Conclusion and future work
3
Introduction A denial of service (DoS) or a distributed denial of service (DDoS) attack is an attempt by malicious parties to prevent legitimate users from accessing a service, usually by depleting the resources of the server. The targeted resource of the attack can be bandwidth, CPU, memory, disk capacity, or combination of the above.
4
Introduction Cryptographic puzzles are proposed to defend against such denial of service attacks by better balancing the computational load of client and server. In a cryptographic puzzle scheme, a client is required to solve a cryptographic puzzle and submit the puzzle solution as proof of work before the server commits substantial resources to its request.
5
Introduction Cryptographic puzzles are first introduced by Dwork and Naor to combat junk e-mails. Resource disparity
6
Introduction In a hash reversal puzzle, a puzzle with difficulty d takes on average 2 d-1 hash operations to compute its solution. Say a server can handle 1000 requests per second, and a subset of clients have limited resources, and can perform 10 5 hash operations per second at maximum. Assuming these clients can spend at most 50% of their computational power on computing puzzles, then the server should allow at least 2 20 /0.5*10 5 = 20 seconds between sending a puzzle and receiving its solution, for a hash-reversal puzzle with difficulty d = 21.
7
Introduction An attacker with an ASIC designed for hash computation can perform 10 9 hash operations per second, so she can compute 20 sec /(2 20 /10 9 ) = 20,000 puzzles with the same difficulty during that 20-second period. This means an attacker with just one such ASIC component can easily overwhelm the server.
8
Introduction Guided tour puzzle Use the network round-trip delay as the unit work in the puzzle solving process, and require a client to complete a guided tour by visiting a predefined set of nodes, called tour guides, in a certain sequential visiting order.
9
Desired properties
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.