CSE 525 (Winter 2004)
Topic #1: Client Puzzle Protocols
Ed Kaiser
[1] D. Dean, A. Stubblefield, "Using Client Puzzles to Protect TLS", USENIX Security Symposium, 2001.
Summary: This paper describes a particular client puzzle implementation used to protect the Transport Layer Security (TLS) protocol for commercial webservers. The paper is broken down in the following manner:
- Rationale
  - Volume based DoS attacks stand out
  - TLS server is a weak point that requires much less volume
  - A: Create a puzzle option in the TLS protocol which can be turned on and off as needed
- TLS Protocol modification
- Implementation
  - Puzzle triggering function
[2] Adam Back. "Hashcash - a denial of service counter-measure", 2002.
Summary: This paper describes a general client puzzle system for protecting services. The paper is broken down in the following manner:
- Describing the concepts behind the project
  - Clients must do work before they can get service
  - Clients spend the proof of their labour like cash in order to get service
- Defining relevant properties of work
  - Publicly auditable
  - Cost
  - Trapdoor free
  - Parallelizability
- A description of the HashCash system
  - Non-interactive
    - Publicize a function with many solutions
    - Slowly change the function
  - Interactive
    - Server creates a special challenge
    - Allows dynamic throttling
[3] Jussipekka Leiwo, Pekka Nikander, and Tuomas Aura. "Towards network denial of service resistant protocols", IFIP/SEC 2000.
Summary: This paper is a survey of Denial of Service (DoS) attack methods and describes principles necessary to protect a protocol against DoS attacks. The paper is broken down in the following manner:
- Defining the terminology
  - Availability
  - Denial of Service
  - Network Denial of Service
- Describing common attack methods
  - Tolerable Attacks
    - Deviation from Message Sequence
    - Deviation from Message Syntax
    - Deviation from Message Semantics
    - Fabrication of Protocol Messages
  - Fatal Attacks
- Describing protocol design principles
  - Do easy attack detection before client authentication
  - Allocate memory only after client authentication
  - Client workload should be higher than server workload
  - Client workload should be easily definable
- An example modified protocol (X.509)
Presentation: slides