survey

Foundations, Properties, and Security Applications of Puzzles: A Survey

Authors:
Isra Mohamed Ali

Hamad Bin Khalifa University (HBKU), College of Science and Engineering (CSE), Division of Information and Computing Technology (ICT), Doha, Qatar

Hamad Bin Khalifa University (HBKU), College of Science and Engineering (CSE), Division of Information and Computing Technology (ICT), Doha, Qatar

0000-0002-2689-348X
View Profile

,
Maurantonio Caprolu

Hamad Bin Khalifa University (HBKU), College of Science and Engineering (CSE), Division of Information and Computing Technology (ICT), Doha, Qatar

Hamad Bin Khalifa University (HBKU), College of Science and Engineering (CSE), Division of Information and Computing Technology (ICT), Doha, Qatar

0000-0001-8237-0539
View Profile

,
Roberto Di Pietro

Hamad Bin Khalifa University (HBKU), College of Science and Engineering (CSE), Division of Information and Computing Technology (ICT), Doha, Qatar

Hamad Bin Khalifa University (HBKU), College of Science and Engineering (CSE), Division of Information and Computing Technology (ICT), Doha, Qatar

0000-0003-1909-0336
View Profile

Authors Info & Claims

ACM Computing Surveys Volume 53 Issue 4Article No.: 72pp 1–38https://doi.org/10.1145/3396374

Published:20 August 2020Publication History

ACM Computing Surveys

Abstract

Cryptographic algorithms have been used not only to create robust ciphertexts but also to generate cryptograms that, contrary to the classic goal of cryptography, are meant to be broken. These cryptograms, generally called puzzles, require the use of a certain amount of resources to be solved, hence introducing a cost that is often regarded as a time delay—though it could involve other metrics as well, such as bandwidth. These powerful features have made puzzles the core of many security protocols, acquiring increasing importance in the IT security landscape. The concept of a puzzle has subsequently been extended to other types of schemes that do not use cryptographic functions, such as CAPTCHAs, which are used to discriminate humans from machines. Overall, puzzles have experienced a renewed interest with the advent of Bitcoin, which uses a CPU-intensive puzzle as proof of work. In this article, we provide a comprehensive study of the most important puzzle construction schemes available in the literature, categorizing them according to several attributes, such as resource type, verification type, and applications. We have redefined the term puzzle by collecting and integrating the scattered notions used in different works, to cover all the existing applications. Moreover, we provide an overview of the possible applications, identifying key requirements and different design approaches. Finally, we highlight the features and limitations of each approach, providing a useful guide for the future development of new puzzle schemes.

References

Martin Abadi, Mike Burrows, Mark Manasse, and Ted Wobber. 2005. Moderately hard, memory-bound functions. ACM Trans. Internet Technol. 5, 2 (2005), 299--327.Google ScholarDigital Library
Mehmud Abliz and Taieb Znati. 2009. A guided tour puzzle for denial of service prevention. In Proceedings of the Annual Computer Security Applications Conference (ACSAC’09). IEEE, 279--288.Google ScholarDigital Library
Joël Alwen, Binyi Chen, Krzysztof Pietrzak, Leonid Reyzin, and Stefano Tessaro. 2017. Scrypt is maximally memory-hard. In Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques. Springer, 33--62.Google ScholarCross Ref
Joël Alwen and Björn Tackmann. 2017. Moderately hard functions: Definition, instantiations, and applications. In Proceedings of the Theory of Cryptography Conference. Springer, 493--526.Google ScholarCross Ref
Ghous Amjad, Muhammad Shujaat Mirza, and Christina Pöpper. 2018. Forgetting with puzzles: Using cryptographic puzzles to support digital forgetting. In Proceedings of the 8th ACM Conference on Data and Application Security and Privacy. ACM, 342--353.Google ScholarDigital Library
M. Amoretti, G. Brambilla, F. Medioli, and F. Zanichelli. 2018. Blockchain-based proof of location. In Proceedings of the IEEE International Conference on Software Quality, Reliability and Security Companion (QRS-C’18). 146--153.Google Scholar
James Aspnes, Collin Jackson, and Arvind Krishnamurthy. 2005. Exposing Computationally challenged Byzantine Impostors. Technical Report. Yale University Department of Computer Science.Google Scholar
Giuseppe Ateniese, Ilario Bonacina, Antonio Faonio, and Nicola Galesi. 2014. Proofs of space: When space is of the essence. In Proceedings of the International Conference on Security and Cryptography for Networks. Springer, 538--557.Google ScholarCross Ref
Tuomas Aura, Pekka Nikander, and Jussipekka Leiwo. 2000. DOS-resistant authentication with client puzzles. In Proceedings of the International Workshop on Security Protocols. Springer, 170--177.Google Scholar
Adam Back. 2002. Hashcash - A denial of service counter-measure. Retrieved from http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.15.8.Google Scholar
Henry S. Baird, Allison L. Coates, and Richard J. Fateman. 2003. Pessimalprint: A reverse turing test. Int. J. Doc. Anal. Recogn. 5, 2--3 (2003), 158--163.Google ScholarCross Ref
Marshall Ball, Alon Rosen, Manuel Sabin, and Prashant Nalini Vasudevan. 2018. Proofs of work from worst-case assumptions. In Proceedings of the Annual International Cryptology Conference. Springer, 789--819.Google ScholarDigital Library
Boaz Barak and Mohammad Mahmoody-Ghidary. 2009. Merkle puzzles are optimal’an O (n2)-query attack on any key exchange from a random oracle. In Proceedings of the Conference on Advances in Cryptology (CRYPTO’09). Springer, 374--390.Google Scholar
Marco Valerio Barbera, Vasileios P Kemerlis, Vasilis Pappas, and Angelos D. Keromytis. 2013. CellFlood: Attacking tor onion routers on the cheap. In Proceedings of the European Symposium on Research in Computer Security. Springer, 664--681.Google Scholar
Alex Biryukov, Daniel Dinu, and Dmitry Khovratovich. 2016. Argon2: New generation of memory-hard functions for password hashing and other applications. In Proceedings of the IEEE European Symposium on Security and Privacy (EuroS8P’16). IEEE.Google ScholarCross Ref
Alex Biryukov and Dmitry Khovratovich. 2016. Egalitarian computing. In Proceedings of the USENIX Security Symposium. 315--326.Google Scholar
Alex Biryukov and Dmitry Khovratovich. 2017. Equihash: Asymmetric proof-of-work based on the generalized birthday problem. Ledger 2 (2017), 1--30.Google ScholarCross Ref
Jeremiah Blocki and Hong-Sheng Zhou. 2016. Designing proof of human-work puzzles for cryptocurrency and beyond. In Proceedings of the Theory of Cryptography Conference. Springer, 517--546.Google ScholarDigital Library
M. Blum, L. A. Von Ahn, J. Langford, and N. Hopper. 2000. The captcha project (completely automatic public turing test to tell computers and humans apart). School of Computer Science, Carnegie-Mellon University. Retrieved from http://www.captcha.net.Google Scholar
Carlo Blundo and Stelvio Cimato. 2004. A software infrastructure for authenticated web metering. Computer 37, 4 (2004), 28--33.Google ScholarDigital Library
Dan Boneh, Joseph Bonneau, Benedikt Bünz, and Ben Fisch. 2018. Verifiable delay functions. In Proceedings of the Annual International Cryptology Conference. Springer, 757--788.Google ScholarDigital Library
Joseph Bonneau, Andrew Miller, Jeremy Clark, Arvind Narayanan, Joshua A. Kroll, and Edward W. Felten. 2015. Sok: Research perspectives and challenges for bitcoin and cryptocurrencies. In Proceedings of the IEEE Symposium on Security and Privacy (SP’15). IEEE, 104--121.Google Scholar
Nikita Borisov. 2006. Computational puzzles as sybil defenses. In Proceedings of the 6th IEEE International Conference on Peer-to-Peer Computing. IEEE Computer Society, 171--176.Google ScholarDigital Library
M. Amoretti, G. Brambilla, F. Medioli, and F. Zanichelli. 2018. Blockchain-based proof of location. In 2018 IEEE International Conference on Software Quality, Reliability and Security Companion (QRS-C'18). 146–153.Google Scholar
Gilles Brassard, Peter Høyer, Kassem Kalach, Marc Kaplan, Sophie Laplante, and Louis Salvail. 2011. Merkle puzzles in a quantum world. In Proceedings of the Conference on Advances in Cryptology (CRYPTO’11), Phillip Rogaway (Ed.). Springer, Berlin, 391--410.Google ScholarCross Ref
Elie Bursztein, Jonathan Aigrain, Angelika Moscicki, and John C. Mitchell. 2014. The end is nigh: Generic solving of text-based CAPTCHAs. In Proceedings of the 8th USENIX Workshop on Offensive Technologies (WOOT’14). USENIX.Google Scholar
Elie Bursztein, Steven Bethard, Celine Fabry, John C. Mitchell, and Dan Jurafsky. 2010. How good are humans at solving CAPTCHAs? A large scale evaluation. In Proceedings of the IEEE Symposium on Security and Privacy (SP’10). IEEE, 399--413.Google ScholarDigital Library
J.-Y. Cai, Richard J. Lipton, Robert Sedgewick, and A.C.-C. Yao. 1993. Towards uncheatable benchmarks. In Proceedings of the 8th Annual Structure in Complexity Theory Conference. IEEE, 2--11.Google ScholarCross Ref
Jin-Yi Cai, Ajay Nerurkar, and Min-You Wu. 1998. Making benchmarks uncheatable. In Proceedings of the IEEE International Computer Performance and Dependability Symposium (IPDS’98). IEEE, 216--226.Google ScholarCross Ref
M. Caprolu, R. Di Pietro, F. Lombardi, and S. Raponi. 2019. Edge computing perspectives: Architectures, technologies, and open security issues. In Proceedings of the IEEE International Conference on Edge Computing (EDGE’19). 116--123. DOI:https://doi.org/10.1109/EDGE.2019.00035Google Scholar
Liqun Chen and Wenbo Mao. 2001. An auditable metering scheme for web advertisement applications. In Proceedings of the International Conference on Information Security. Springer, 475--485.Google ScholarDigital Library
Liqun Chen, Paul Morrissey, Nigel P. Smart, and Bogdan Warinschi. 2009. Security notions and generic constructions for client puzzles. In Proceedings of the International Conference on the Theory and Application of Cryptology and Information Security. Springer, 505--523.Google ScholarDigital Library
Bram Cohen and Krzysztof Pietrzak. 2018. Simple proofs of sequential work. In Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques. Springer, 451--467.Google ScholarCross Ref
Wei Dai. 1998. B-money proposal. White Paper.Google Scholar
Dancho Danchev. 2008. Inside India’s CAPTCHA solving economy. Retrieved from https://www.zdnet.com/article/inside-indias-captcha-solving-economy/.Google Scholar
Alex de Vries. 2018. Bitcoin’s growing energy problem. Joule 2, 5 (2018), 801--805. Retrieved from http://www.sciencedirect.com/science/article/pii/S2542435118301776.Google ScholarCross Ref
Drew Dean and Adam Stubblefield. 2001. Using client puzzles to protect TLS. In Proceedings of the USENIX Security Symposium, Vol. 42.Google Scholar
Roger Dingledine, Nick Mathewson, and Paul Syverson. 2004. Tor: The second-generation onion router. Technical Report. Naval Research Lab, Washington, D.C.Google ScholarCross Ref
Sujata Doshi, Fabian Monrose, and Aviel D. Rubin. 2006. Efficient memory bound puzzles using pattern databases. In Proceedings of the International Conference on Applied Cryptography and Network Security. Springer, 98--113.Google Scholar
John R. Douceur. 2002. The sybil attack. In Proceedings of the International Workshop on Peer-to-peer Systems. Springer, 251--260.Google ScholarDigital Library
Cynthia Dwork, Andrew Goldberg, and Moni Naor. 2003. On memory-bound functions for fighting spam. In Proceedings of the Annual International Cryptology Conference. Springer, 426--444.Google ScholarCross Ref
Cynthia Dwork and Moni Naor. 1992. Pricing via processing or combatting junk mail. In Proceedings of the Annual International Cryptology Conference. Springer, 139--147.Google Scholar
Cynthia Dwork, Moni Naor, and Hoeteck Wee. 2005. Pebbling and proofs of work. In Proceedings of the Annual International Cryptology Conference. Springer, 37--54.Google ScholarDigital Library
Stefan Dziembowski, Sebastian Faust, Vladimir Kolmogorov, and Krzysztof Pietrzak. 2015. Proofs of space. In Proceedings of the Annual Cryptology Conference. Springer, 585--605.Google ScholarCross Ref
Ittay Eyal and Emin Gün Sirer. 2018. Majority is not enough: Bitcoin mining is vulnerable. Commun. ACM 61, 7 (2018), 95--102.Google ScholarDigital Library
P. Fairley. 2017. Blockchain world—Feeding the blockchain beast if bitcoin ever does go mainstream, the electricity needed to sustain it will be enormous. IEEE Spectrum 54, 10 (Oct. 2017), 36--59.Google ScholarDigital Library
Wu-chang Feng. 2003. The case for TCP/IP puzzles. In Proceedings of the ACM SIGCOMM Computer Communication Review, Vol. 33. ACM, 322--327.Google Scholar
Wu-chi Feng, E. Kaiser, and Antoine Luu. 2005. Design and implementation of network puzzles. In Proceedings of the 24th Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM’05), Vol. 4. IEEE, 2372--2382.Google Scholar
Matthew K. Franklin and Dahlia Malkhi. 1997. Auditable metering with lightweight security. In Proceedings of the International Conference on Financial Cryptography. Springer, 151--160.Google Scholar
Song Gao, Manar Mohamed, Nitesh Saxena, and Chengcui Zhang. 2015. Emerging image game CAPTCHAs for resisting automated and human-solver relay attacks. In Proceedings of the 31st Annual Computer Security Applications Conference. ACM, 11--20.Google ScholarDigital Library
Yi Gao, Willy Susilo, Yi Mu, and Jennifer Seberry. 2010. Efficient trapdoor-based client puzzle against DoS attacks. In Network Security, Scott C.-H. Huang, David MacCallum, and Ding-Zhu Du (Eds.). Springer US, 229--249. https://doi.org/10.1007/978-0-387-73821-5_10Google Scholar
Juan Garay, Aggelos Kiayias, and Nikos Leonardos. 2015. The bitcoin backbone protocol: Analysis and applications. In Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques. Springer, 281--310.Google ScholarCross Ref
Juan A. Garay, Aggelos Kiayias, and Giorgos Panagiotakos. 2017. Proofs of work for blockchain protocols. Technical Report. Cryptology ePrint Archive, Report 2017/775.Google Scholar
Virgil D. Gligor. 2003. Guaranteeing access in spite of distributed service-flooding attacks. In Proceedings of the International Workshop on Security Protocols. Springer, 80--96.Google Scholar
Gaurav Goswami, Brian M. Powell, Mayank Vatsa, Richa Singh, and Afzel Noore. 2014. FaceDCAPTCHA: Face detection-based color image CAPTCHA. Future Gen. Comput. Syst. 31 (2014), 59--68.Google ScholarDigital Library
Bogdan Groza and Dorina Petrica. 2006. On chained cryptographic puzzles. In Proceedings of the 3rd Romanian-Hungarian Joint Symposium on Applied Computational Intelligence (SACI’06). Citeseer, 25--26.Google Scholar
R. Han, N. Foutris, and C. Kotselidis. 2019. Demystifying crypto-mining: Analysis and optimizations of memory-hard pow algorithms. In Proceedings of the IEEE International Symposium on Performance Analysis of Systems and Software (ISPASS’19). 22--33. DOI:https://doi.org/10.1109/ISPASS.2019.00011Google Scholar
José María Gómez Hidalgo and Gonzalo Alvarez. 2011. Captchas: An artificial intelligence application to web security. In Advances in Computers. Vol. 83. Elsevier, 109--181.Google ScholarCross Ref
Dennis Hofheinz, Tibor Jager, Dakshita Khurana, Amit Sahai, Brent Waters, and Mark Zhandry. 2016. How to generate and use universal samplers. In Proceedings of the International Conference on the Theory and Application of Cryptology and Information Security. Springer, 715--744.Google ScholarDigital Library
Kuo-Feng Hwang, Cian-Cih Huang, and Geeng-Neng You. 2012. A spelling-based CAPTCHA system by using click. In Proceedings of the International Symposium on Biometrics and Security Technologies. IEEE.Google ScholarDigital Library
Markus Jakobsson and Ari Juels. 1999. Proofs of work and bread pudding protocols. In Secure Information Networks. Springer, 258--272.Google ScholarDigital Library
Yves Igor Jerschow and Martin Mauve. 2010. Offline submission with rsa time-lock puzzles. In Proceedings of the 10th IEEE International Conference on Computer and Information Technology (CIT’10). IEEE, 1058--1064.Google ScholarDigital Library
Ari Juels and John G. Brainard. 1999. Client puzzles: A cryptographic countermeasure against connection depletion attacks. In Proceedings of the Network and Distributed System Security Symposium (NDSS’99), Vol. 99. 151--165.Google Scholar
Ed Kaiser and Wu-chang Feng. 2008. mod kapow: Protecting the web with transparent proof-of-work. In Proceedings of the INFOCOM Workshops. IEEE, 1--6.Google ScholarCross Ref
Raimo Kantola. 2019. 6G network needs to support embedded trust. In Proceedings of the 14th International Conference on Availability, Reliability, and Security (ARES’19). ACM, New York, NY. DOI:https://doi.org/10.1145/3339252.3341498Google ScholarDigital Library
Ghassan O. Karame and Srdjan Čapkun. 2010. Low-cost client puzzles based on modular exponentiation. In Proceedings of the European Symposium on Research in Computer Security. Springer, 679--697.Google Scholar
Jonathan Katz, Andrew Miller, and Elaine Shi. 2014. Pseudonymous broadcast and secure computation from cryptographic puzzles. Cryptology ePrint Archive, Report 2014/857. https://eprint.iacr.org/2014/857Google Scholar
Rohit Ashok Khot and Kannan Srinathan. 2009. iCAPTCHA: Image tagging for free. In Proceedings of the Conference on Usable Software and Interface Design, Vol. 2. 26.Google Scholar
Massimo La Morgia, Alessandro Mei, Simone Raponi, and Julinda Stefa. 2018. Time-zone geolocation of crowds in the dark web. In Proceedings of the IEEE 38th International Conference on Distributed Computing Systems (ICDCS’18). IEEE, 445--455.Google ScholarCross Ref
Leslie Lamport. 1981. Password authentication with insecure communication. Commun. ACM 24, 11 (1981), 770--772.Google ScholarDigital Library
Ben Laurie and Richard Clayton. 2004. Proof-of-work proves not to work; version 0.2. In Proceedings of the Workshop on Economics and Information Security.Google Scholar
Jonathan Lazar, Jinjuan Feng, Tim Brooks, Genna Melamed, Brian Wentz, Jon Holman, Abiodun Olalere, and Nnanna Ekedebe. 2012. The soundsright CAPTCHA: An improved approach to audio human interaction proofs for blind users. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems. ACM, 2267--2276.Google ScholarDigital Library
E. Le Jamtel. 2018. Swimming in the monero pools. In Proceedings of the 11th International Conference on IT Security Incident Management IT Forensics (IMF’18). 110--114. DOI:https://doi.org/10.1109/IMF.2018.00016Google ScholarCross Ref
Charles Lee. 2011. Litecoin-open source p2p digital currency. Retrieved from https://litecoin.org/.Google Scholar
Arjen Klaas Lenstra, Hendrik Willem Lenstra, and László Lovász. 1982. Factoring polynomials with rational coefficients. Math. Ann. 261, 4 (1982), 515--534.Google ScholarCross Ref
Frank Li, Prateek Mittal, Matthew Caesar, and Nikita Borisov. 2012. SybilControl: Practical sybil defense with computational puzzles. In Proceedings of the 7th ACM Workshop on Scalable Trusted Computing. ACM, 67--78.Google ScholarDigital Library
Mark D. Lillibridge, Martin Abadi, Krishna Bharat, and Andrei Z. Broder. 2001. Method for selectively restricting access to computer systems. U.S. Patent 6,195,698.Google Scholar
Huijia Lin, Rafael Pass, and Pratik Soni. 2017. Two-round and non-interactive concurrent non-malleable commitments from time-lock puzzles. In Proceedings of the IEEE 58th Annual Symposium on Foundations of Computer Science (FOCS’17). IEEE, 576--587.Google ScholarCross Ref
Debin Liu and L. Jean Camp. 2006. Proof of work can work. In 5th Annual Workshop on the Economics of Information Security (WEIS'16), Robinson College, University of Cambridge, England, UK, June 26-28, 2006. http://weis2006.econinfosec.org/docs/50.pdf.Google Scholar
P. Liu, B. Liu, Y. Sun, B. Zhao, and I. You. 2018. Mitigating dos attacks against pseudonymous authentication through puzzle-based co-authentication in 5G-VANET. IEEE Access 6 (2018), 20795--20806.Google ScholarCross Ref
Quanquan Liu. 2017. Red-blue and standard pebble games: complexity and applications in the sequential and parallel models. Ph.D. Dissertation. Massachusetts Institute of Technology.Google Scholar
Sam Loyd. 1959. Mathematical puzzles. Vol. 1. Courier Corporation.Google Scholar
Loi Luu, Ratul Saha, Inian Parameshwaran, Prateek Saxena, and Aquinas Hobor. 2015. On power splitting games in distributed computation: The case of bitcoin pooled mining. In Proceedings of the 28th IEEE Computer Security Foundations Symposium (CSF’15). IEEE, 397--411.Google ScholarDigital Library
Miao Ma. 2005. Mitigating denial of service attacks with password puzzles. In Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC’05), Vol. 2. IEEE, 621--626.Google ScholarDigital Library
Mohammad Mahmoody, Tal Moran, and Salil Vadhan. 2013. Publicly verifiable proofs of sequential work. In Proceedings of the 4th conference on Innovations in Theoretical Computer Science. ACM, 373--388.Google ScholarDigital Library
Vasileios Mavroeidis, Kamer Vishi, Mateusz D. Zych, and Audun Jøsang. 2018. The impact of quantum computing on present cryptography. Int. J. Adv. Comput. Sci. Appl. 9, 3 (2018).Google Scholar
Timothy J. McNevin, Jung-Min Park, and Randolph Marchany. 2004. pTCP: A client puzzle protocol for defending against resource exhaustion denial of service attacks. Virginia Tech Univ., Dept. Elect. Comput. Eng., Blacksburg, VA, Technical Report TR-ECE-04-10.Google Scholar
Ralph C. Merkle. 1978. Secure communications over insecure channels. Commun. ACM 21, 4 (1978), 294--299.Google ScholarDigital Library
Hendrik Meutzner, Santosh Gupta, and Dorothea Kolossa. 2015. Constructing secure audio captchas by exploiting differences between humans and machines. In Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems. ACM, 2335--2338.Google ScholarDigital Library
Andrew Miller, Ari Juels, Elaine Shi, Bryan Parno, and Jonathan Katz. 2014. Permacoin: Repurposing bitcoin work for data preservation. In Proceedings of the IEEE Symposium on Security and Privacy (SP’14). IEEE, 475--490.Google ScholarDigital Library
Andrew Miller, Ahmed Kosba, Jonathan Katz, and Elaine Shi. 2015. Nonoutsourceable scratch-off puzzles to discourage bitcoin mining coalitions. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. ACM, 680--691.Google ScholarDigital Library
Andrew Miller and Joseph J. LaViola Jr. 2014. Anonymous byzantine consensus from moderately hard puzzles: A model for bitcoin. Retrieved from http://nakamotoinstitute.org/research/anonymous-byzantine-consensus.Google Scholar
Greg Mori and Jitendra Malik. 2003. Recognizing objects in adversarial clutter: Breaking a visual CAPTCHA. In Proceedings of the IEEE Computer Society Conference on Computer Vision and Pattern Recognition, Vol. 1. IEEE.Google ScholarCross Ref
Robert Moskowitz, Pekka Nikander, Petri Jokela, and Thomas Henderson. 2008. Host identity protocol. Technical Report.Google Scholar
Marti Motoyama, Kirill Levchenko, Chris Kanich, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage. 2010. Re: CAPTCHAs-Understanding CAPTCHA-solving services in an economic context. In Proceedings of the USENIX Security Symposium, Vol. 10. 3.Google Scholar
Satoshi Nakamoto. 2019. Bitcoin: A peer-to-peer electronic cash system. Manubot. Retrieved from https://git.dhimmel.com/bitcoin-whitepaper/.Google Scholar
Moni Naor. 1996. Verification of a human in the loop or identification via the turing test. Retrieved from http://www.wisdom.weizmann.ac.il/~naor/PAPERS/humanabs.html.Google Scholar
Arvind Narayanan and Jeremy Clark. 2017. Bitcoin’s academic pedigree. Commun. ACM 60, 12 (2017), 36--45.Google ScholarDigital Library
M. A. Noureddine, A. M. Fawaz, A. Hsu, C. Guldner, S. Vijay, T. Başar, and W. H. Sanders. 2019. Revisiting client puzzles for state exhaustion attacks resilience. In 2019 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN'19). 617–629.Google Scholar
Erik Nygren, Samuel Erb, Alex Biryukov, Dmitry Khovratovich, and Ari Juels. 2016. TLS client puzzles extension. Internet Engineering Task Force, Technical Report (Dec. 2016).Google Scholar
Rasmus Pagh and Flemming Friche Rodler. 2004. Cuckoo hashing. J. Algor. 51, 2 (2004), 122--144.Google ScholarDigital Library
Bryan Parno, Dan Wendlandt, Elaine Shi, Adrian Perrig, Bruce Maggs, and Yih-Chun Hu. 2007. Portcullis: Protecting connection setup from denial-of-capability attacks. ACM SIGCOMM Comput. Commun. Rev. 37, 4 (2007), 289--300.Google ScholarDigital Library
Rafael Pass, Lior Seeman, and Abhi Shelat. 2017. Analysis of the blockchain protocol in asynchronous networks. In Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques. Springer, 643--673.Google ScholarCross Ref
Colin Percival. 2009. Stronger key derivation via sequential memory-hard functions. BSDCan.Google Scholar
Heiner Perrey, Osman Ugus, and Dirk Westhoff. 2011. WiSec’2011 poster: Security enhancement for bluetooth low energy with Merkle’s puzzle. ACM SIGMOBILE Mobile Comput. Commun. Rev. 15, 3 (2011), 45--46.Google ScholarDigital Library
Krzysztof Pietrzak. 2018. Simple verifiable delay functions.IACR Cryptol. ePrint Arch. 2018 (2018), 627.Google Scholar
Rajesh Ramanathan, Amritansh Raghav, and Craig M. Combel. 2013. Spam reduction in real time communications by human interaction proof. U.S. Patent 8,495,727.Google Scholar
Jothi Rangasamy, Douglas Stebila, Lakshmi Kuppusamy, Colin Boyd, and Juan Gonzalez Nieto. 2011. Efficient modular exponentiation-based puzzles for denial-of-service protection. In Proceedings of the International Conference on Information Security and Cryptology. Springer, 319--331.Google Scholar
Amar Rasheed and Rabi Mahapatra. 2011. Key predistribution schemes for establishing pairwise keys with a mobile sink in sensor networks. IEEE Trans. Parallel Distrib. Syst. 22, 1 (2011), 176--184.Google ScholarDigital Library
Michael K. Reiter, Vyas Sekar, Chad Spensky, and Zhenghao Zhang. 2009. Making peer-assisted content distribution robust to collusion using bandwidth puzzles. In Proceedings of the International Conference on Information Systems Security. Springer, 132--147.Google ScholarDigital Library
Jian Ren and Jie Wu. 2010. Survey on anonymous communications in computer networks. Comput. Commun. 33, 4 (2010), 420--431. DOI:https://doi.org/10.1016/j.comcom.2009.11.009Google ScholarDigital Library
Ling Ren and Srinivas Devadas. 2016. Proof of space from stacked expanders. In Proceedings of the Theory of Cryptography Conference. Springer, 262--285.Google ScholarDigital Library
Ling Ren and Srinivas Devadas. 2017. Bandwidth hard functions for ASIC resistance. In Proceedings of the Theory of Cryptography Conference. Springer, 466--492.Google ScholarCross Ref
Ronald L. Rivest and Adi Shamir. 1996. PayWord and micromint: Two simple micropayment schemes. In Proceedings of the International Workshop on Security Protocols. Springer, 69--87.Google Scholar
Ronald L. Rivest, Adi Shamir, and David A. Wagner. 1996. Time-lock puzzles and timed-release crypto. Massachusetts Institute of Technology.Google ScholarDigital Library
Hosam Rowaihy, William Enck, Patrick McDaniel, and Tom La Porta. 2007. Limiting sybil attacks in structured p2p networks. In Proceedings of the 26th IEEE International Conference on Computer Communications (INFOCOM’07). IEEE, 2596--2600.Google ScholarDigital Library
Peter W. Shor. 1994. Algorithms for quantum computation: Discrete logarithms and factoring. In Proceedings of the Annual Symposium on Foundations of Computer Science. IEEE, 124--134.Google ScholarDigital Library
Douglas Stebila and Berkant Ustaoglu. 2009. Towards denial-of-service-resilient key agreement protocols. In Proceedings of the Australasian Conference on Information Security and Privacy. Springer, 389--406.Google ScholarDigital Library
Yixin Sun, Anne Edmundson, Laurent Vanbever, Oscar Li, Jennifer Rexford, Mung Chiang, and Prateek Mittal. 2015. RAPTOR: Routing attacks on privacy in tor. In Proceedings of the 24th USENIX Security Symposium (USENIX’15). 271--286.Google Scholar
Nick Szabo. 2008. Bit gold, unenumerated. blogspot.com (Mar. 29, 2006) Internet Archive. Retrived from http://unenumerated.blogspot.com/2005/12/bit-gold.html.Google Scholar
Qiang Tang and Arjan Jeckmans. 2010. On non-parallelizable deterministic client puzzle scheme with batch verification modes. Centre for Telematics and Information Technology, University of Twente.Google Scholar
Suratose Tritilanunt, Colin Boyd, Ernest Foo, and Juan Manuel González Nieto. 2007. Toward non-parallelizable client puzzles. In Proceedings of the International Conference on Cryptology and Network Security. Springer, 247--264.Google ScholarCross Ref
John Tromp. 2015. Cuckoo cycle: A memory bound graph-theoretic proof-of-work. In Proceedings of the International Conference on Financial Cryptography and Data Security. Springer, 49--62.Google ScholarCross Ref
Florian Tschorsch and Björn Scheuermann. 2016. Bitcoin and beyond: A technical survey on decentralized digital currencies. IEEE Commun. Surveys Tutor. 18, 3 (2016), 2084--2123.Google ScholarDigital Library
Nicolas Van Saberhagen. 2013. CryptoNote v 2.0.Google Scholar
Luis Von Ahn, Manuel Blum, Nicholas J. Hopper, and John Langford. 2003. CAPTCHA: Using hard AI problems for security. In Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques. Springer, 294--311.Google ScholarCross Ref
Luis Von Ahn, Benjamin Maurer, Colin McMillen, David Abraham, and Manuel Blum. 2008. recaptcha: Human-based character recognition via web security measures. Science 321, 5895 (2008), 1465--1468.Google Scholar
David Wagner. 2002. A generalized birthday problem. In Proceedings of the Annual International Cryptology Conference. Springer, 288--304.Google ScholarCross Ref
Michael Walfish, Mythili Vutukuru, Hari Balakrishnan, David Karger, and Scott Shenker. 2010. DDoS defense by offense. ACM Trans. Comput. Syst. 28, 1 (2010), 3.Google ScholarDigital Library
Wenbo Wang, Dinh Thai Hoang, Zehui Xiong, Dusit Niyato, Ping Wang, Peizhao Hu, and Yonggang Wen. 2018. A survey on consensus mechanisms and mining management in blockchain networks. Retrieved from http://arxiv.org/abs/1805.02707.Google Scholar
XiaoFeng Wang and Michael K. Reiter. 2003. Defending against denial-of-service attacks with puzzle auctions. In Proceedings of the Symposium on Security and Privacy. IEEE, 78--92.Google Scholar
XiaoFeng Wang and Michael K. Reiter. 2004. Mitigating bandwidth-exhaustion attacks using congestion puzzles. In Proceedings of the 11th ACM Conference on Computer and Communications Security (CCS’04). ACM, New York, NY, 257--267. DOI:https://doi.org/10.1145/1030083.1030118Google Scholar
Brent Waters, Ari Juels, J. Alex Halderman, and Edward W. Felten. 2004. New client puzzle outsourcing techniques for DoS resistance. In Proceedings of the 11th ACM Conference on Computer and Communications Security. ACM, 246--256.Google Scholar
Dirk Westhoff and Frederik Armknecht. 2011. Method for electing aggregator nodes in a network. U.S. Patent 7,907,548.Google Scholar
Gavin Wood. 2014. Ethereum: A secure decentralised generalised transaction ledger. Ethereum Project Yellow Paper 151 (2014), 1--32.Google Scholar
Yi Xu, Gerardo Reynaga, Sonia Chiasson, Jan-Michael Frahm, Fabian Monrose, and Paul C. van Oorschot. 2012. Security and usability challenges of moving-object CAPTCHAs: Decoding codewords in motion. In Proceedings of the USENIX Security Symposium. 49--64.Google Scholar
Jeff Yan and Ahmad Salah El Ahmad. 2008. A low-cost attack on a microsoft CAPTCHA. In Proceedings of the 15th ACM Conference on Computer and Communications Security. ACM, 543--554.Google ScholarDigital Library
Jeff Yan and Ahmad Salah El Ahmad. 2008. Usability of CAPTCHAs or usability issues in CAPTCHA design. In Proceedings of the 4th Symposium on Usable Privacy and Security. ACM, 44--52.Google ScholarDigital Library
Zhenghao Zhang. 2012. A new bound on the performance of the bandwidth puzzle. IEEE Trans. Info. Forensics Secur. 7, 2 (2012), 731--742.Google ScholarDigital Library

Index Terms

Foundations, Properties, and Security Applications of Puzzles: A Survey
1. General and reference
  1. Document types
    1. Surveys and overviews
2. Security and privacy
  1. Cryptography
  2. Network security
    1. Security protocols

Recommendations

Fair Client Puzzles from the Bitcoin Blockchain
Proceedings, Part I, of the 21st Australasian Conference on Information Security and Privacy - Volume 9722

Client puzzles have been proposed as a mechanism for proving legitimate intentions by providing "proofs of work", which can be applied to discourage malicious usage of resources. A typical problem of puzzle constructions is the difference in expected ...
Read More
Security Definitions on Time-Lock Puzzles
Information Security and Cryptology – ICISC 2020
Abstract
Time-lock puzzles allow one to encapsulate a message for a pre-determined amount of time. The message is required to be concealed from any algorithm running in parallel time less than the pre-determined amount of time. In the previous works, the ...
Read More
Homomorphic Time-Lock Puzzles and Applications
Advances in Cryptology – CRYPTO 2019
Abstract
Time-lock puzzles allow one to encrypt messages for the future, by efficiently generating a puzzle with a solution s that remains hidden until time has elapsed. The solution is required to be concealed from the eyes of any algorithm running in (...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Published in
ACM Computing Surveys Volume 53, Issue 4
July 2021
831 pages
ISSN:0360-0300
EISSN:1557-7341
DOI:10.1145/3410467
Editor:
Albert Zomaya
University of Sydney, Australia
Issue’s Table of Contents
Copyright © 2020 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 20 August 2020
- Online AM: 7 May 2020
- Accepted: 1 April 2020
- Revised: 1 February 2020
- Received: 1 September 2019
Published in csur Volume 53, Issue 4

Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
Bandwidth-bound puzzle
Bitcoin
CAPTCHA
CPU-bound puzzle
Cryptocurrency
Cryptographic puzzle
Human-bound puzzle
Memory-bound puzzle
Network-bound puzzle
Proof-of-Work
Qualifiers
- survey
- Research
- Refereed
Conference
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 20
  Total Citations
  View Citations
- 386
  Total Downloads
- Downloads (Last 12 months)61
- Downloads (Last 6 weeks)6
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

HTML Format

View this article in HTML Format .

View HTML Format

Foundations, Properties, and Security Applications of Puzzles: A Survey

ACM Computing Surveys

Abstract

References

Cited By

Index Terms

Recommendations

Fair Client Puzzles from the Bitcoin Blockchain

Security Definitions on Time-Lock Puzzles

Homomorphic Time-Lock Puzzles and Applications