Dear all, together with our colleagues from Akamai, we would like to pursue further the draft on the TLS client puzzles, the first version of which was aired in 2015. As before, the client puzzles allow a server to request clients perform a selected amount of computation prior to the server performing expensive cryptographic operations such as signature computation.
The distinction of the current version is that it includes, besides the well-known SHA-2 puzzle, a memory-hard puzzle called Equihash. The latter is a recent development by our team in Luxembourg, presented at this year NDSS. It allows cheap and memoryless verification by the server even though the puzzle solving guaranteely requires dozens of MB of RAM from a client (time, memory, and client-server asymmetry are tunable parameters). Equihash has been recently adopted as primary proof-of-work in the privacy-enhanced cryptocurrency protocol Zcash. The draft is available at https://datatracker.ietf.org/doc/draft-nygren-tls-client-puzzles/ and the Equihash paper at https://www.internetsociety.org/sites/default/files/blogs-media/equihash-asymmetric-proof-of-work-based-generalized-birthday-problem.pdf We would appreciate comments and discussion, and would like to present the draft at the upcoming IETF meeting in Berlin. -- Best regards, Dmitry Khovratovich University of Luxembourg
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls