TLS Client Puzzles Extension
暂无分享,去创建一个
Client puzzles allow a TLS server to defend itself against asymmetric
DDoS attacks. In particular, it allows a server to request clients
perform a selected amount of computation prior to the server
performing expensive cryptographic operations. This allows servers to
employ a layered defense that represents an improvement over pure
rate-limiting strategies. Client puzzles are implemented as an
extension to TLS 1.3 [I-D.ietf-tls-tls13] wherein a server can issue a
HelloRetryRequest containing the puzzle as an extension. The client
must then resend its ClientHello with the puzzle results in the
extension.