Making puzzles green and useful for adaptive identity management in large-scale distributed systems

Cordeiro W. L. D. C., Santos F. R., Barcelos M. P., Gaspary L. P., Kavalionak H., Guerrieri A., Montresor A.

Computational puzzles  Peer-to-peer networks  Proof of work  Computer Networks and Communications  Sybil attack  Fake accounts  Identity management 

Various online systems offer a lightweight process for creating accounts (e.g., confirming an e-mail address), so that users can easily join them. With minimum effort, however, an attacker can subvert this process, obtain a multitude of fake accounts, and use them for malicious purposes. Puzzle-based solutions have been proposed to limit the spread of fake accounts, by establishing a price (in terms of computing resources) per identity requested. Although effective, they do not distinguish between requests coming from presumably legitimate users and potential attackers, and also lead to a significant waste of energy and computing power. In this paper, we build on adaptive puzzles and complement them with waiting time to introduce a green design for lightweight, long-term identity management; it balances the complexity of assigned puzzles based on the reputation of the origin (source) of identity requests, and reduces energy consumption caused by puzzle-solving. We also take advantage of lessons learned from massive distributed computing to come up with a design that makes puzzle-processing useful. Based on a set of experiments, we show that our solution provides significant energy savings and makes puzzle-solving a useful task, while not compromising effectiveness in limiting the spread of fake accounts.

Source: Computer networks (1999) 95 (2016): 97–114. doi:10.1016/j.comnet.2015.12.005

Publisher: Elsevier, Amsterdam ;, Paesi Bassi

Metrics