A Denial-of-Service Resistant Authentication Solution for Security Protocols

Abstract

Nowadays, security protocols are under the threat of compute resource exhausting DoS attack and memory resource exhausting DoS attack. Based on the research of Cookie method and Client Puzzle way, a sponsor identity authenticating solution for resisting DoS attacks was presented, which can improve security protocol: by only add two or three messages based on original protocol can the solution enhances the original protocol's ability on resisting resource exhausting DoS attacks without changing its architecture. The frame and implementation of solution was presented, then, the solution analysis and experiment was conducted. The experimental result confirmed the validity of this solution, and showed that the solution can enhance the ability of security protocols on resisting resource exhausting DoS attack.