Change search
ReferencesLink to record
Permanent link

Direct link
Autentisering av klient genom Proof-of-work och Challenge-response.
KTH, School of Computer Science and Communication (CSC).
2011 (Swedish)Independent thesis Advanced level (professional degree), 10 credits / 15 HE creditsStudent thesis
Abstract [en]

This essay will analyze the basics of two techniques called Proof-of-work and Challenge-response with the purpose to see how the combination of these could be used to create a authentication protocol that can ensure both the identity and intention of a client. I will examine whether, and if so how, this new protocol can prevent Brute-force and Denial-of-service attacks by taking advantage of key security features of Proof-of-work Challenge-response respectively.

A realization of the protocol will be presented, both theoretically as well as in the form of a implementation in created as a client/server model. An analysis of the proposed protocol will be provided, which will show how the combination of Proof-of-work and Challenge-response can provide some security benefits but also creates new flaws that ultimately makes the protocol unsuitable for practical use in its present form.

Abstract [sv]

Denna essä kommer att analysera grunderna i två tekniker vid namn Proof-of-work och Challenge-response i syftet att se på hur kombinationen av dessa skulle kunna användas för att skapa ett autententiseringsprotokoll som kan säkerställa både identitet och intention hos en klient.

Jag kommer undersöka om, och i så fall hur, detta nya protokoll kan motverka Brute-force och Denial-of-service attacker genom att utnyttja viktiga säkerhetsrelaterade egenskaper från Proof-of-work resp. Challenge-response.

En realisering av protokollet kommer att presenteras, både teoretiskt samt en implementation i form av en klient/server-modell. En analys av föreslaget protokoll kommer att ges, vilken kommer att visa på hur kombinationen av Proof-of-work och Challenge-response kan ge vissa säkerhetsmässiga fördelar men även skapar nya brister som i slutändan gör protokollet opassande för praktiskt bruk i dess nuvarande form.

Place, publisher, year, edition, pages
Kandidatexjobb CSC, K11092
National Category
Computer Science
URN: urn:nbn:se:kth:diva-130867OAI: diva2:654312
Educational program
Master of Science in Engineering - Computer Science and Technology
Available from: 2013-10-07 Created: 2013-10-07

Open Access in DiVA

No full text

Other links
By organisation
School of Computer Science and Communication (CSC)
Computer Science

Search outside of DiVA

GoogleGoogle Scholar
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 40 hits
ReferencesLink to record
Permanent link

Direct link