Change search
ReferencesLink to record
Permanent link

Direct link
Analysis of the Client Puzzles Protocol.
KTH, School of Computer Science and Communication (CSC).
KTH, School of Computer Science and Communication (CSC).
2012 (English)Independent thesis Advanced level (professional degree), 10 credits / 15 HE creditsStudent thesis
Abstract [en]

This paper covers a certain proof of work protocol known as the client puzzles. The client puzzles is placed upon the protocol it is supposed to protect and is specifically designed to protect against connection depletion attacks. Our study is to determine how well the client puz- zles protocol prevents connection depletion attacks and how it affects other parts of the system. To do this we choose to implement our own version of the client puzzles protocol and to see how it performs as well as read up on what other people has learned about its strengths and flaws. After implementing and trying with different sized puzzles we could determine that the client puzzles actually could provide some protection against connection depletion attacks though it also became clear that the protocol has some other issues. These flaws include in- creased vulnerability to distributed denial of service attacks by solving large amounts of puzzles on the clients, denial of service attacks by just requesting puzzles without solving them. Our conclusion of the client puzzles protocol is that while the pro- tocol could solve the security issue it is supposed to, it provides with even more new problems. That combined with the fact that it needs software on all clients makes it a quite bad solution.

Abstract [sv]

Detta dokument behandlar ett proof-of-work protokoll som heter client puzzles. Client puzzles placeras ovanp protokollet som ska skyddas och r utformad fr att skydda mot en typ av attack som kallas connection depletion attack. Vi har studerat hur vl Client puzzles protokollet skyddar mot connection depletion attacker och hur det pverkar andra delar av systemet. Fr att gra detta vljer vi att implementera vr egen version av pusslen i protokollet fr att kunna presentera statistik p hur prestandan r fr de olika stegen samt lsa p vad andra mnniskor har skrivit om protokollets styrkor och svagheter. Efter att ha implementerat pusslen och testat med olika storlekar kan vi se att protokollet ger ett visst skydd mot connection depletion attacks men ven att det finns ngra andra problem med protokollet. Dessa problem bestr av kad srbarhet mot till exempel distribuerade denial of service-attacker genom att mnga klienter kan lsa mnga pussel p en kort tid och p s vis komma runt skyddet som Client puzzles protokollet ger. Ett annat problem r ocks att protokollet ppnar upp en ny svaghet mot en connection depletion attack genom att en klient kan be om mnga pussel utan att lsa dem och p s vis verbelasta serverns processor eftersom att den behver generera mnga pussel. Vr slutsats r att ven om protokollet till viss del lser det skerhetsproblem som det tnkt fr det med sig flera nya problem. Det tillsammans med att det krvs mjukvara hos klienterna gr att protokollet verlag inte r ngon bra lsning.

Place, publisher, year, edition, pages
Kandidatexjobb CSC, K12028
National Category
Computer Science
URN: urn:nbn:se:kth:diva-131033OAI: diva2:654479
Educational program
Master of Science in Engineering - Computer Science and Technology
Available from: 2013-10-07 Created: 2013-10-07

Open Access in DiVA

No full text

Other links
By organisation
School of Computer Science and Communication (CSC)
Computer Science

Search outside of DiVA

GoogleGoogle Scholar
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 50 hits
ReferencesLink to record
Permanent link

Direct link