Skip to main content
Springer Nature Link
Log in

Combating Spam and Denial-of-Service Attacks with Trusted Puzzle Solvers

  • Conference paper
Information Security Practice and Experience (ISPEC 2008)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4991))

Abstract

Cryptographic puzzles can be used to mitigate spam and denial-of-service (DoS) attacks, as well as to implement timed-release cryptography. However, existing crypto puzzles are impractical because: (1) solving them wastes computing resources and/or human time, (2) the time it takes to solve them can vary dramatically across computing platforms, and/or (3) applications become non-interoperable due to competition for resources when solving them.

We propose the use of Trusted Computing in constructing crypto puzzles. Our puzzle constructions have none of the drawbacks above and only require each client machine to be equipped with a small tamper-resistant Trusted Puzzle Solver (TPS), which may be realized using the prevalent Trusted Platform Module (TPM) with minimal modifications.

This work was supported in part by the U.S. Department of Homeland Security under Grant Award Number 2006-CS-001-000001, the Institute for Security Technology Studies, under Grant number 2005-DD-BX-1091 awarded by the Bureau of Justice Assistance, and the National Science Foundation, under grant CNS-0524695. The views and conclusions do not necessarily represent those of the sponsors.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Adams, C., Farrell, S.: Internet X.509 Public Key Infrastructure Certificate Management Protocols. Internet Engineering Task Force: RFC 2510 (1999)

    Google Scholar 

  2. Aura, T., Nikander, P., Leiwo, J.: DOS-Resistant Authentication with Client Puzzles. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds.) Security Protocols 2000. LNCS, vol. 2133, pp. 170–177. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  3. Back, A.: Hashcash (1997), http://hashcash.org

  4. Bellare, M., Goldwasser, S.: Encapsulated Key Escrow. Technical report, Massachusetts Institute of Technology, Cambridge, MA, USA (1996)

    Google Scholar 

  5. Bellare, M., Shi, H., Zhang, C.: Foundations of Group Signatures: The Case of Dynamic Groups. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 136–153. Springer, Heidelberg (2005)

    Google Scholar 

  6. Boneh, D., Naor, M.: Timed Commitments. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 236–254. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  7. Borisov, N.: Computational Puzzles as Sybil Defenses. In: Peer-to-Peer Computing, pp. 171–176. IEEE Computer Society Press, Los Alamitos (2006)

    Google Scholar 

  8. Brickell, E.F., Camenisch, J., Chen, L.: Direct Anonymous Attestation. In: ACM Conference on Computer and Communications Security, pp. 132–145. ACM Press, New York (2004)

    Google Scholar 

  9. Cathalo, J., Libert, B., Quisquater, J.-J.: Efficient and Non-interactive Timed-Release Encryption. In: Qing, S., Mao, W., López, J., Wang, G. (eds.) ICICS 2005. LNCS, vol. 3783, pp. 291–303. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  10. Chalkias, K., Stephanides, G.: Timed Release Cryptography from Bilinear Pairings Using Hash Chains. In: Leitold, H., Markatos, E.P. (eds.) CMS 2006. LNCS, vol. 4237, pp. 130–140. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  11. Chan, A.C.-F., Blake, I.F.: Scalable, Server-Passive, User-Anonymous Timed Release Cryptography. In: ICDCS, pp. 504–513. IEEE Computer Society Press, Los Alamitos (2005)

    Google Scholar 

  12. Dean, D., Stubblefield, A.: Using Client Puzzles to Protect TLS. In: SSYM: Proceedings of the 10th conference on USENIX Security Symposium, Berkeley, CA, USA, 2001. USENIX Association, p. 1 (2001)

    Google Scholar 

  13. Dwork, C., Naor, M.: Pricing via Processing or Combatting Junk Mail. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 139–147. Springer, Heidelberg (1993)

    Google Scholar 

  14. Dworkin, M.: Recommendation for Block Cipher Modes of Operations–Methods and Techniques. Technical report, National Institute of Standards and Technology (NIST) (December 2001), http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf

  15. Franklin, M.K., Malkhi, D.: Auditable Metering with Lightweight Security. In: FC 1997. LNCS, vol. 1318, pp. 151–160. Springer, Heidelberg (1997)

    Google Scholar 

  16. Garay, J.A., Jakobsson, M.: Timed Release of Standard Digital Signatures. In: Blaze, M. (ed.) FC 2002. LNCS, vol. 2357, pp. 168–182. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  17. Jakobsson, M., Juels, A.: Proofs of Work and Bread Pudding Protocols. In: CMS 1999: Proceedings of the IFIP TC6/TC11 Joint Working Conference on Secure Information Networks, Deventer, The Netherlands, pp. 258–272. Kluwer Academic Publishers, Dordrecht (1999)

    Google Scholar 

  18. Juels, A., Brainard, J.G.: Client Puzzles: A Cryptographic Countermeasure Against Connection Depletion Attacks. In: NDSS. The Internet Society (1999)

    Google Scholar 

  19. Kaliski, B., Staddon, J.: PKCS #1: RSA Cryptography Specifications Version 2.0 (1998)

    Google Scholar 

  20. Kauer, B.: OSLO: Improving the Security of Trusted Computing. In: USENIX Security Symposium, pp. 229–237. USENIX (2007)

    Google Scholar 

  21. Mankins, D., Krishnan, R., Boyd, C., Zao, J., Frentz, M.: Mitigating Distributed Denial of Service Attacks with Dynamic Resource Pricing. In: ACSAC 2001: Proceedings of the 17th Annual Computer Security Applications Conference, p. 411. IEEE Computer Society, Los Alamitos (2001)

    Google Scholar 

  22. May, T.: Time-release Crypto. Manuscript (February 1993)

    Google Scholar 

  23. Merkle, R.C.: Secure Communications Over Insecure Channels. Commun. ACM 21(4), 294–299 (1978)

    Article  Google Scholar 

  24. Rivest, R.L.: Description of the LCS35 Time Capsule Crypto-Puzzle (April 1999), http://www.lcs.mit.edu/about/tcapintro041299

  25. Rivest, R.L., Shamir, A., Wagner, D.A.: Time-lock Puzzles and Timed-release Crypto. Manuscript, http://theory.lcs.mit.edu/~rivest/RivestShamirWagner-timelock.ps

  26. Roman, R., Zhou, J., Lopez, J.: Protection Against Spam Using Pre-Challenges. In: SEC, pp. 281–294. Springer, Heidelberg (2005)

    Google Scholar 

  27. Serjantov, A., Lewis, S.: Puzzles in P2P systems. In: 8th Cabernet Radicals Workshop (October 2003)

    Google Scholar 

  28. TPM Work Group. TCG TPM Specification Version 1.2 Revision 103. Technical report, Trusted Computing Group (2007)

    Google Scholar 

  29. Trusted Computing Group. TCG Specification Architecture Overview Revision 1.4. Technical report, Trusted Computing Group (2007)

    Google Scholar 

  30. von Ahn, L., Blum, M., Hopper, N.J., Langford, J.: CAPTCHA: Using Hard AI Problems for Security. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 294–311. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  31. Waters, B., Juels, A., Halderman, J.A., Felten, E.W.: New Client Puzzle Outsourcing Techniques for DoS Resistance. In: ACM Conference on Computer and Communications Security, pp. 246–256. ACM Press, New York (2004)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, Dartmouth College, Hanover, NH 03755, USA

    Patrick P. Tsang & Sean W. Smith

Authors
  1. Patrick P. Tsang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sean W. Smith
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Liqun Chen Yi Mu Willy Susilo

Rights and permissions

Reprints and permissions

Copyright information

© 2008 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Tsang, P.P., Smith, S.W. (2008). Combating Spam and Denial-of-Service Attacks with Trusted Puzzle Solvers. In: Chen, L., Mu, Y., Susilo, W. (eds) Information Security Practice and Experience. ISPEC 2008. Lecture Notes in Computer Science, vol 4991. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-79104-1_14

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-79104-1_14

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-79103-4

  • Online ISBN: 978-3-540-79104-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics