Practical client puzzles in the standard model

Client puzzle based on the interval discrete logarithm problem.


Client puzzles are cryptographic problems that are neither easy nor hard to solve. Most puzzles are based on either number theoretic or hash inversions problems. Hash-based puzzles are very efficient but so far have been shown secure only in the random oracle model; number theoretic puzzles, while secure in the standard model, tend to be inefficient. In this paper, we solve the problem of constructing cryptographic puzzles that are secure in the standard model and are very efficient. We present an efficient number theoretic puzzle that satisfies the puzzle security definition of Chen et al. (ASIACRYPT 2009). To prove the security of our puzzle, we introduce a new variant of the interval discrete logarithm assumption which may be of independent interest, and show this new problem to be hard under reasonable assumptions. Our experimental results show that, for 512-bit modulus, the solution verification time of our proposed puzzle can be up to 50x and 89x faster than the Karame-Čapkun puzzle and Rivest et al.'s time-lock puzzle respectively. In particular, the solution verification time of our puzzle is only 1.4x slower than that of Chen et al.'s efficient hash based puzzle.

Keywords: client puzzle, denial of service, interval discrete log problem, factorisation, puzzle unforgeability, puzzle difficulty


Lakshmi Kuppusamy, Jothi Rangasamy, Douglas Stebila, Colin Boyd, Juan González Nieto. Practical client puzzles in the standard model. In Proc. 7th ACM Symposium on Information, Computer and Communications Security (ASIACCS) 2012, pp. 42-43. ACM, May 2012. © ACM.




This research was supported by:
  • Australia–India Strategic Research Fund (AISRF) project TA020002