By Topic

A denial-of-service resistant public-key authentication and key establishment protocol

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Chun-Kan Fung ; Chinese Univ. of Hong Kong, Shatin, China ; Lee, M.C.

Network denial-of-service attacks, which exhaust the server resources, have become a serious security threat to the Internet. Public key infrastructure (PKI) has long been introduced in various authentication protocols to verify the identities of the communicating parties. Although the use of PKI can present difficulty to the denial-of-service attackers, the underlying problem has not been resolved completely, because the use of public-key infrastructure involves computationally expensive operations such as modular exponentiation. An improper deployment of the public-key operations in a protocol allows the attacker to exhaust the server's resources. This paper presents a public-key based authentication and key establishment protocol integrated with a sophisticated client puzzle, which together provides a good solution for network denial-of-service attacks, and various other common attacks. The joint establishment of session keys by both the client and the server protects the session after the mutual authentication. The basic strategy to protect against denial of service is to impose an adjustable cost on the attacker while launching the attacks. The proposed client puzzle protocol can also be integrated with other network protocols to protect against denial-of-service attacks

Published in:

Performance, Computing, and Communications Conference, 2002. 21st IEEE International

Date of Conference:

2002