The Case for Public Work

Whether it is port scans, spam, or distributed denial-of-service attacks from botnets, unwanted traffic is a fundamental problem in all networked systems. Although proof-of-work has been proposed as a mechanism for thwarting such attacks, few proof-of-work systems have been successfully deployed. One of the problems in the proof-of-work approach is that the systems that issue and verify puzzles are typically located at or near the server edge. Rather than eliminate the denial-of-service problem, such approaches merely shift the problem from the service itself to the proof-of-work systems protecting the service. As a result, adversaries can disable services by flooding the issuer, by flooding the verifier, or by flooding all of the network links that lead to the issuer and verifier. To address this problem, this paper proposes a new approach for building proof-of-work systems based on publicly verifiable client puzzles. The system works by issuing a single "public work function" that clients must solve for each of their subsequent requests. Because the work function is publicly verifiable, any network device at the client's edge can verify that subsequent traffic will be accepted by the service. The system mitigates floods to the issuer since only a single work function needs to be given per client, thus allowing duplicate requests and replies to be suppressed. The system mitigates floods to the verifier and across links leading to the server edge by allowing the verifier to be placed arbitrarily close to the client adversary.
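To make the idea concrete, the following added example (not the paper's construction) sketches a publicly verifiable client puzzle of the kind the abstract describes: an issuer hands each client one work function, the client solves it once per request, and any edge device can check the solution and suppress replays without contacting the issuer. The hash-preimage puzzle, the `WorkFunction` fields and the `EdgeVerifier` class are assumptions of this illustration; authenticity of the issued work function (e.g. an issuer signature) is not modelled here.

```python
import hashlib
from dataclasses import dataclass

# Constructed illustration of a publicly verifiable client puzzle; the
# structure below is an assumption of this example, not the paper's scheme.

@dataclass(frozen=True)
class WorkFunction:
    """The single public work function an issuer hands to one client."""
    client_id: bytes   # client the function was issued to
    difficulty: int    # required number of leading zero bits in the digest
    salt: bytes        # per-issuance randomness so solutions are not portable

def _digest(wf: WorkFunction, request_seq: int, nonce: int) -> bytes:
    # Binding the request sequence number forces fresh work per request.
    h = hashlib.sha256()
    h.update(wf.client_id)
    h.update(wf.salt)
    h.update(request_seq.to_bytes(8, "big"))
    h.update(nonce.to_bytes(8, "big"))
    return h.digest()

def leading_zero_bits(digest: bytes) -> int:
    n = int.from_bytes(digest, "big")
    return len(digest) * 8 - n.bit_length()

def solve(wf: WorkFunction, request_seq: int) -> int:
    """Client side: brute-force the smallest nonce that meets the difficulty."""
    nonce = 0
    while leading_zero_bits(_digest(wf, request_seq, nonce)) < wf.difficulty:
        nonce += 1
    return nonce

def verify(wf: WorkFunction, request_seq: int, nonce: int) -> bool:
    """Stateless check that needs no secret, so any network device can run it."""
    return leading_zero_bits(_digest(wf, request_seq, nonce)) >= wf.difficulty

class EdgeVerifier:
    """Edge device near the client: checks solutions and suppresses replays."""
    def __init__(self) -> None:
        self.seen: set = set()

    def accept(self, wf: WorkFunction, request_seq: int, nonce: int) -> bool:
        key = (wf.client_id, request_seq)
        if key in self.seen or not verify(wf, request_seq, nonce):
            return False
        self.seen.add(key)
        return True
```

Raising `difficulty` by one bit doubles the client's expected work while the verifier's cost stays at a single hash, which is what lets the check sit at the client edge.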
