High cost of encryption, but cheap decryption

I want this user / attacker to encrypt the data and send it to the server. Now I want an algorithm completely opposite to the standard algorithms (fast to use, difficult to decipher), i.e. It is very difficult to encrypt data like passwords by sending a key from the server to protect against accidental attacks, but very easy to decrypt, so the server takes very little time to verify the user, but it becomes very difficult for an attacker to encrypt a new trial password each time. the key is sent by the server.

Once again, I'm not talking about SSL.


source to share

3 answers

It seems that you are looking for a proof-of-work scheme - one of the applications for such a scheme is what you describe: To get the client to do a certain job and not let it flood the server with requests.



One silly idea that can work really well is to attach a puzzle to the encryption scheme. Make it so that in order to send encrypted data to the server, you have to solve some known NP-hard problem (for example, find a satisfactory assignment for a large logical formula) and send the answer along with. The server can then easily test the solution, but under the assumption that P & ne; NP, clients trying to publish data have to do a super-polynomial amount of extra work without letting them flood your server.

Hope this helps!



You can use RSA signatures (like PKCS # 1 ).

Your server can only accept responses if they are signed with a specific RSA key whose private part you distributed earlier. The server uses the public part.

RSA has the property that validation is much faster than subscribing by choosing a small open exponent (usually called e, for example e=3

) with a factor of either x10 or x100, depending on the key length and whether your customers are smart enough to use CRT.

Generating RSA keys is extremely slow, but it is probably sufficient to use one key for all clients if you include the challenge in your protocol to prevent repeated attacks.

Finally, RSA signature doesn't give you privacy.



All Articles