Server preventing attacks by generating a challenge having a computational request and a secure cookie for processing by a client
US7694335B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Mar 9, 2004 |
| Grant date | Apr 6, 2010 |
| Priority date | — |
| Expiry date | Nov 7, 2027 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/1441
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A server is configured for preventing flood attacks by a client having sent a request, by dynamically generating a challenge to be performed by the client before the server will perform any work for the client. The challenge includes a dynamically generated computational request and a dynamically generated secure cookie. The server generates a first hash result based on hashing a first random number, having a prescribed length, with a second random number having a dynamically selected length. A secure cookie is generated based on hashing the first hash result with a prescribed secure key known only by the server, and a unique identifier for the request such as the client network address with a time stamp. The challenge requires the client to determine the second random number based on the first random number and the hash result. The server validates the challenge results using the secure cookie.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.