分组拼图

Puzzles are located at a set position depending on the initial packet flags. The puzzle itself is optional which is toggled via flags found in the beginning of packets. In each packet there is an optional puzzle which may be easily solved through simply hash computation or more complex proofs. The puzzles are dynamic proofs of work which can link to a service which provides the more complicated puzzle materials. 

 

Certificates can specify a proof of work service to obtain the full puzzle or a hash puzzle. Puzzles allow for services to throttle clients, slow down connection establishments, conserve server resources, check for connection liveliness, mine cryptocurrency VIat, and limit the severity of DDOS attacks. During connection establishment the server sends and receives much smaller packets than the client. Since the client is sending the larger packet during connection establishment it makes DDOSing more expensive for the attacker. Puzzles are a great first line of defense against DDOS attacks.