Author
|
Conference
|
Journal
|
Organization
|
Year
|
DOI
Look for results that meet for the following criteria:
since
equal to
before
between
and
Search in all domains
Limit my searches in the following domains
Agriculture Science
Arts & Humanities
Biology
Chemistry
Computer Science
Economics & Business
Engineering
Environmental Sciences
Geosciences
Material Science
Mathematics
Medicine
Physics
Social Science
Multidisciplinary
Keywords
(9)
Denial of Service
Denial of Service Attack
Digital Signature
Digital Signature Scheme
Integrated Approach
Method Integration
Network Protocol
Signature Verification
Secure Socket Layer
Subscribe
Academic
Publications
An integrated approach to cryptographic mitigation of denial-of-service attacks
Edit
An integrated approach to cryptographic mitigation of denial-of-service attacks
(
Citations: 1
)
BibTex
|
RIS
|
RefWorks
Download
Jothi Rangasamy
,
Douglas Stebila
,
Colin Boyd
,
Juan González Nieto
Gradual authentication is a principle proposed by Meadows as a way to tackle denial-of-service attacks on network protocols by gradually increasing the confidence in clients before the server commits resources. In this paper, we propose an efficient method that allows a defending server to authenticate its clients gradually with the help of some fast-to-verify measures. Our method integrates hash-based client puzzles along with a special class of digital signatures supporting fast verification. Our hash-based client puzzle provides finer granularity of difficulty and is proven secure in the puzzle difficulty model of Chen et al. (2009). We integrate this with the fast-verification
digital signature scheme
proposed by Bernstein (2000, 2008). These schemes can be up to 20 times faster for client authentication compared to RSA-based schemes. Our experimental results show that, in the Secure Sockets Layer (SSL) protocol, fast verification digital signatures can provide a 7% increase in connections per second compared to RSA signatures, and our integration of client puzzles with client authentication imposes no performance penalty on the server since puzzle verification is a part of signature verification.
Published in 2011.
DOI:
10.1145/1966913.1966929
Cumulative
Annual
View Publication
The following links allow you to view full publications. These links are maintained by other sources not affiliated with Microsoft Academic Search.
(
portal.acm.org
)
(
portal.acm.org
)
Citation Context
(1)
...Client puzzles were first proposed by Dwork and Naor [12] to control junk email by having recipients only accept emails if they were accompanied by a correct puzzle solution, and have since been extended to protect cryptographic protocols such as authentication [13], [14] and key exchange [15], [16] protocols, as well as network protocols such as TCP [17] and TLS [18], [
19
]...
Suriadi Suriadi
,
et al.
Defending Web Services against Denial of Service Attacks Using Client ...
References
(29)
Stateless connections
(
Citations: 51
)
Tuomas Aura
,
Pekka Nikander
Conference:
International Conference on Information and Communication Security - ICICS
, pp. 87-97, 1997
DOS-Resistant Authentication with Client Puzzles
(
Citations: 191
)
Tuomas Aura
,
Pekka Nikander
,
Jussipekka Leiwo
Conference:
Security Protocols Workshop
, pp. 170-177, 2000
To the Editors
(
Citations: 29
)
JamesA McGregor
Journal:
American Journal of Obstetrics and Gynecology - AMER J OBSTET GYNECOL
, vol. 175, no. 3, pp. 754-754, 1996
Hashcash A Denial of Service CounterMeasure
(
Citations: 84
)
Adam Back
Conference:
USENIX Technical Conference - USENIX
, 2002
A Secure Public-Key Signature System With Extremely Fast Verification
(
Citations: 6
)
Daniel J. Bernstein
Published in 2000.
Order by:
Citations
(1)
Defending Web Services against Denial of Service Attacks Using Client Puzzles
Suriadi Suriadi
,
Douglas Stebila
,
Andrew Clark
,
Hua Liu
Conference:
International Conference on Web Services - ICWS
, 2011