sci.crypt archive
Searching for a special challenge&response algorithm
Date: Sat Apr 29 2006 - 14:28:53 CEST
Hi,
I am searching for a special challenge & response algorithm which allows to
prevent (or better slow down) denial of service attacks. Until now I did
not succeed in finding a suitable algorithm, but may be I only used the
wrong keywords.
The general idea is as follows:
When a client connects to a server it has to authenticate itself against
the server. For preventing brute force attacks against this authentication
(systematic testing) with one client the server creates a challenge which
has to be solved by the client. For solving the challenge the client needs
a bit of CPU power which results in a delay of about a second. The server
only allows an authentication by the client after successfully solving the
challenge.
So i am searching for an algorithm which can be used in such an situation.
An additional demand to such an algorithm is that creating the challenge
and testing the client answer on server-side, if it is solved correctly
should be possible with as less as possible resources.
Does anybody know such an algorithm?
Jan
Received on Mon May 1 02:06:03 2006