[Slide 1]
New Client Puzzle Outsourcing Techniques for DoS Resistance
Brent Waters, Stanford University
Ari Juels, RSA Laboratories
Alex Halderman, Princeton University
Ed Felten, Princeton University
[Slide 2]
Client Puzzles
• In a DoS attack, the attackers consume the server's resources quickly
• There may not be enough resources left for a regular client
(Diagram: attackers flood the server with requests; the user's single request competes with them.)
[Slide 3]
Client Puzzles
• Client puzzles slow down an attacker by making him solve a moderately hard challenge before granting a resource
• Typically, partially invert a hash function
(Diagram: on each request the server replies with a challenge (y, z); the requester, user or attacker, must answer with x such that H(x|y) = z, and with x' such that H(x'|y') = z' for a second challenge (y', z'), before the request is served.)
[Slide 4]
Client Puzzles
• Client puzzles can potentially be used to protect many different kinds of resources
– Email SPAM [DN’92]
– TCP SYN buffers [JB’99]
– CPU on SSL connections [JB’99, DS’02]
– Database queries
• Resource-intensive queries
• DRM?
– IP packets
[Slide 5]
Shortcomings of Client Puzzles
1) Puzzle-solving delay after user request
– User must wait for his machine to solve puzzle
– Is this a problem? [JB’99] show a 1s delay for the TCP SYN buffer…
– However, their analysis assumes 20 attackers
– Lesson: the delay depends on the number of attackers and the scarcity of the resource
[Slide 6]
Shortcomings of Client Puzzles
2) Server hash computation per submitted solution
– Hash overhead: ~1 µs of computation time
– Typically small relative to the resource given
– Attack by flooding the server with incorrect solutions
– Impractical if protecting a low-level service such as the IP layer
[Slide 7]
Our Solution
• Outsource puzzle creation
– Puzzles created are independent of the client or server using them
• Solve for access to “channels” on servers
– Assume the internal routing structure is resistant to eavesdropping
[Slide 8]
Outsourcing Puzzles
• Bastion service distributes puzzles
– Global service
– Bastion operation is independent of the servers and clients using it: scalability
(Diagram: the bastion publishes one puzzle per channel, 1, 2, …, N.)
[Slide 9]
Outsourcing Puzzles
• Since puzzles are independent of the servers and clients using them, the bastion can use robust systems to distribute puzzles
• Leverage point
(Diagram: channels 1, 2, …, N distributed from the bastion.)
[Slide 10]
Solving for Channels
• Client solves for a random channel
• Next time period uses the solved channel as its solution
• Solution can be transformed to work on any server
(Diagram: over time, channels 1, 2, …, N; the client picks channel 507 and solves its puzzle.)
[Slide 11]
Solving for Channels (continued)
(Diagram: in the next time period the solved channel, 507, is the client's solution.)
[Slide 12]
Solving for Channels (continued)
(Diagram: the client transforms its solution for channel 507 with server A's public key PK_A and with server B's public key PK_B; each server checks the resulting token for channel 507 against its own token list.)
[Slide 13]
Attackers and Channels
• Attacker can only get resources allotted to channels he has solved puzzles for
(Diagram: server A with public key PK_A; the user holds channel 507, the attackers hold channels 157 and 678.)
[Slide 14]
Puzzle Construction
• N channels
• P(x, d): puzzle hiding x of difficulty d
• H: hash function
• x_i: randomly chosen each iteration
Puzzle for channel i (one per channel 1, 2, …, N): X_i = g^{x_i} mod p, P(x_i, d)
Public key of server A: Y = g^a
Token for channel i on server A: H(g^{a·x_i})
[Slide 15]
Client and Server Operation
Time: periods j-1, j, j+1
Client, during period j:
• Solve puzzle for period j+1
– Pick a random channel
– Solve the puzzle for that channel
• Use the solution computed during period j-1
– Have solution x_i for channel i
– For a server with public key Y = g^a, compute Y^{x_i} = g^{a·x_i} as the token for channel i
Server, during period j:
• Compute all N tokens for period j+1
– Public key = g^a
– For all X_i = g^{x_i} compute X_i^a = g^{a·x_i}
• Use the tokens computed during period j-1
– Request on channel i: do a quick comparison against the token list
– Keep track of resources granted per channel
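The bastion, client and server computations of slides 14 and 15 end to end, as an added example that is not the paper's prototype code. Assumed here: P(x, d) is instantiated as a hash commitment that hides the low d bits of x, H is SHA-256, and the group parameters are toy values.

```python
import hashlib
import secrets

# Toy group parameters constructed for this example (not from the slides);
# a deployment would use properly generated Diffie-Hellman parameters.
P_MOD = 2**255 - 19
G = 2

def H(*parts: bytes) -> bytes:
    """The hash function H of the slides, instantiated here as SHA-256."""
    h = hashlib.sha256()
    for part in parts:
        h.update(part)
    return h.digest()

def make_puzzle(x: int, d: int, channel: int) -> dict:
    """P(x, d): assumed instantiation that hides the low d bits of x behind a
    commitment, so solving costs about 2^d hash evaluations."""
    hint = x & ~((1 << d) - 1)                    # x with its low d bits cleared
    commit = H(channel.to_bytes(4, "big"), x.to_bytes(32, "big"))
    return {"channel": channel, "d": d, "hint": hint, "commit": commit}

def solve_puzzle(puz: dict) -> int:
    """Client side: brute-force the hidden bits until the commitment matches."""
    cid = puz["channel"].to_bytes(4, "big")
    for low in range(1 << puz["d"]):
        cand = puz["hint"] | low
        if H(cid, cand.to_bytes(32, "big")) == puz["commit"]:
            return cand
    raise ValueError("puzzle has no solution")

def bastion_publish(n_channels: int, d: int) -> tuple[list[int], list[dict]]:
    """Bastion: per channel pick a fresh random x_i, publish X_i = g^x_i mod p and P(x_i, d)."""
    xs = [secrets.randbelow(P_MOD - 2) + 1 for _ in range(n_channels)]
    X = [pow(G, x, P_MOD) for x in xs]
    puzzles = [make_puzzle(x, d, i) for i, x in enumerate(xs)]
    return X, puzzles

def server_tokens(a: int, X: list[int]) -> set[bytes]:
    """Server with secret a (public key Y = g^a): precompute H(X_i^a) = H(g^{a x_i}) per channel."""
    return {H(pow(Xi, a, P_MOD).to_bytes(32, "big")) for Xi in X}

def client_token(x_i: int, Y: int) -> bytes:
    """Client with solution x_i: token for server Y is H(Y^x_i) = H(g^{a x_i}); works for any Y."""
    return H(pow(Y, x_i, P_MOD).to_bytes(32, "big"))

def server_check(tokens: set[bytes], claimed: bytes) -> bool:
    """Per claimed solution the server does only a bytestring comparison."""
    return claimed in tokens
```

The same solved x_i yields a valid token for every server's public key, which is the "transformed to work on any server" property of slide 10.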
[Slide 16]
Key Points
• User does not wait for a puzzle to be solved
• Bytestring comparison per claimed solution
• Primary bottleneck is the number of channels the server computes tokens for (exponentiations)
– Will improve as processor speeds increase
– Can give out X_i before Puz(x_i, d)
[Slide 17]
An Example
• Time cycles of 20 minutes
• N = 20,000 channels
• ~5% of a high-end server’s computing time
• Set puzzle difficulty so a typical machine can have 2 solutions
• 1,000 attackers with 1,000 solutions; 1/10 of channels
• Regular user has 2 random channels, each with a 10% chance of being occupied by the adversary; 1% chance that both are occupied
[Slide 18]
Prototype Implementation
• Rate limits the number of new TCP connections
• After a SYN packet, must wait n seconds before another on the same channel
(Diagram: an HTTP server simulates the bastion; the client's SYN carries two previously computed tokens, for channels 167 and 298.)
[Slide 19]
Flooding Attack Experiment
Attacker submits several false solutions
[Slide 20]
Comparison to Traditional Client Puzzles
Our approach:
• Proactive approach; solves puzzles in preparation
– Uses resources when not under attack (server & client)
• Solution is ready immediately for the user's request
• Bitstring comparison per claimed solution
– IP layer
Traditional client puzzles:
• Enter client puzzle operation in reaction to an attack
• User waits for the client to solve
• Hash computation per claimed solution
[Slide 21]
Comparison to Traditional Client Puzzles
Our approach:
• Use solutions at multiple protocols (e.g. TCP, SSL, database queries)
• Number of channels available should increase as servers can do PK operations faster
Traditional client puzzles:
• Unclear how one should manage protecting multiple protocols
[Slide 22]
Extensions
• Identity-based server public keys
• More flexible number of channels per server
• Random beacon for bastion
– Loose universal puzzle property
• More efficient PK crypto
– Smaller key sizes (key life is shorter)
[Slide 23]
Conclusions
• Propose a new client puzzle outsourcing technique for protecting against DoS attacks
• Trade off extra average-case effort in exchange for low user delay and efficient solution verification