Title: Denial-of-service resistance in key establishment

Authors: Jason Smith, Suratose Tritilanunt, Colin Boyd, Juan M. Gonzalez Nieto, Ernest Foo

Addresses: Information Security Institute, Queensland University of Technology, G.P.O. Box 2434, Brisbane QLD 4001, Australia. ' Information Security Institute, Queensland University of Technology, G.P.O. Box 2434, Brisbane QLD 4001, Australia. ' Information Security Institute, Queensland University of Technology, G.P.O. Box 2434, Brisbane QLD 4001, Australia. ' Information Security Institute, Queensland University of Technology, G.P.O. Box 2434, Brisbane QLD 4001, Australia. ' Information Security Institute, Queensland University of Technology, G.P.O. Box 2434, Brisbane QLD 4001, Australia

Abstract: Denial of Service (DoS) attacks are an increasing problem for network connected systems. Key establishment protocols are applications that are particularly vulnerable to DoS attack as they are typically required to perform computationally expensive cryptographic operations in order to authenticate the protocol initiator and to generate the cryptographic keying material that will subsequently be used to secure the communications between initiator and responder. The goal of DoS resistance in key establishment protocols is to ensure that attackers cannot prevent a legitimate initiator and responder deriving cryptographic keys without expending resources beyond a responder-determined threshold. In this work we review the strategies and techniques used to improve resistance to DoS attacks. Three key establishment protocols implementing DoS resistance techniques are critically reviewed and the impact of misapplication of the techniques on DoS resistance is discussed. Recommendations on effectively applying resistance techniques to key establishment protocols are made.

Keywords: denial of service; DoS attacks; cryptographic protocols; key establishment protocols; key agreement; proofs of work; client puzzles; cryptography; wireless networks; mobile networks; network security.

DOI: 10.1504/IJWMC.2007.013796

International Journal of Wireless and Mobile Computing, 2007 Vol.2 No.1, pp.59 - 71

Published online: 28 May 2007 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article