• Corpus ID: 256306

Hashcash - A Denial of Service Counter-Measure

@inproceedings{Back2002HashcashA,
  title={Hashcash - A Denial of Service Counter-Measure},
  author={Adam Back},
  year={2002}
}
Hashcash was originally proposed as a mechanism to throttle systematic abuse of un-metered internet resources such as email, and anonymous remailers in May 1997. Five years on, this paper captures in one place the various applications, improvements suggested and related subsequent publications, and describes initial experience from experiments using hashcash. The hashcash CPU cost-function computes a token which can be used as a proof-of-work. Interactive and noninteractive variants of cost… 
Lazy Susan: dumb waiting as proof of work
TLDR
This paper shows that existing resource-based schemes have several problems, and proposes latency-based proof-of-work as a solution, and describes centralised and distributed variants, introducing the problem class of non-parallelisable shared secrets in the process.
Protecting the Internet with Public Work
TLDR
A number of different ways public work can augment current systems are described and a promising instantiation of the public work scheme using DNS is evaluated.
RB-PoW: A reputation based approach tocryptographic mitigation of denial-of-serviceattacks
TLDR
A novel reputationbased proof-of-work (RB-PoW) protocol based on adaptive scaling of puzzle difficulties to mitigate various denial- of-service attacks is proposed and is concluded to be superior to the classical PoW that is basedsolely on server load.
Bitcoin: A Peer-to-Peer Electronic Cash System
TLDR
This work proposes a solution to the double-spending problem using a peer-to-peer network, where the network timestamps transactions by hashing them into an ongoing chain of hash-based proof-of-work, forming a record that cannot be changed without redoing the proof- of-work.
Throttling DDoS attacks using discrete logarithm problem
TLDR
This paper proposes a solution to trim down the impact of DDoS attacks by throttling the client's CPU i.e., to make clients pay a stamp fee which is collected in terms of resource usage such as CPU cycles.
Distributed Tarpitting: Impeding Spam Across Multiple Servers
TLDR
An Irish ISP's attempts to combat the abuse of resources caused by unsolicited commercial email are described, and how effective this has been is examined, and some ideas for future development are discussed.
A Ringer-Based Throttling Approach to Mitigate DDoS Attacks
TLDR
This paper addresses the problem of mitigating the effects of distributed denial of service attacks with a ringer-based approach in which a polynomial is sent as challenge to each requesting party, leading to far less computation overhead on the server for validating the clients and forcing the client to devote considerable computation efforts to gain access to a service.
Out-of-Band Authentication Model with Hashcash Brute-Force Prevention
  • George C. Violaris, I. Dionysiou
  • Computer Science
    2014 IEEE Intl Conf on High Performance Computing and Communications, 2014 IEEE 6th Intl Symp on Cyberspace Safety and Security, 2014 IEEE 11th Intl Conf on Embedded Software and Syst (HPCC,CSS,ICESS)
  • 2014
TLDR
It is essential to find ways which the OTP cannot be brute-forced or circumvented, by providing mechanisms such as automatic purging of OTPs from the database and enhancing the safety of the server traffic handling as well as the HTTP form submission requests and responses with a library known as Hash cash.
An integrated approach to cryptographic mitigation of denial-of-service attacks
TLDR
This paper proposes an efficient method that allows a defending server to authenticate its clients gradually with the help of some fast-to-verify measures, and integrates hash-based client puzzles along with a special class of digital signatures supporting fast verification.
Augmenting a Webmail Application with Cryptographic Puzzles to Deflect Spam
  • Marius Cristea, B. Groza
  • Computer Science
    2011 4th IFIP International Conference on New Technologies, Mobility and Security
  • 2011
TLDR
In order to increase the resilience against spam, a protocol based on cryptographic puzzles for an open-source web based e-mail client is designed and implemented, which allows the sender of the e-mails to generate the puzzle himself, releasing the E-mail server from an additional computational task.
...
1
2
3
4
5
...

References

SHOWING 1-10 OF 21 REFERENCES
Using Client Puzzles to Protect TLS
TLDR
Measurements of CPU load and latency when the modified library is used to protect a secure webserver show that client puzzles are a viable method for protecting SSL servers from SSL based denial-of-service attacks.
Hashcash - Amortizable Publicly Auditable Cost-Functions
TLDR
A distributed efficiently amortizable CPU cost-function with no trap–door is presented which can be used in situations where the server can issue a challenge, and where it can’t (where the communication is store–and–forward, or packet oriented) respectively.
Tangler: a censorship-resistant publishing system based on document entanglements
TLDR
The design of a censorship-resistant system that employs a unique document storage mechanism designed to eject non-compliant servers and prevent them from doing more harm than good is described.
Publius: a robust, tamper-evident, censorship-resistant web publishing system
TLDR
This work describes a system that has the property that it is very difficult for any adversary to censor or modify the content, and the identity of the publisher is protected once the content is posted.
Time-lock Puzzles and Timed-release Crypto
TLDR
There are two natural approaches to implementing timed-release crypto: Use ``time-lock puzzles''--computational problems that can not be solved without running a computer continuously for at least a certain amount of time, and use trusted agents who promise not to reveal certain information until a specified date.
Pricing via Processing or Combatting Junk Mail
We present a computational technique for combatting junk mail in particular and controlling access to a shared resource in general. The main idea is to require a user to compute a moderately hard,
Self-certifying file system
TLDR
While other file systems need key management to map file names to encryption keys, SFS file names effectively contain public keys, making them self-certifying pathnames, making SFS more versatile than any file system with built-in key management.
Proofs of Work and Bread Pudding Protocols
The bread pudding protocol of the present invention represents a novel use of proofs of work and is based upon the same principle as the dish from which it takes its name, namely, that of reuse to
Peer-to-Peer: Harnessing the Power of Disruptive Technologies
TLDR
Key peer-to-peer pioneers take us beyond the headlines and hype and show how the technology is changing the way the authors communicate and exchange information.
Hashcash, May 1997. Published at http://www.cypherspace.org/hashcash
  • 1997
...
1
2
3
...