“DDoSCoin: Cryptocurrency With a Malicious Proof-Of-Work”, 2016-08-08 ():
[HTTPS connections can provide third-party-verifiable signatures and so HTTPS is a valid Proof-of-Work and one can incentivize creating HTTPS connections and hence DDoSes. This could also be used non-maliciously to create a distributed anonymous uptime-checking service, by incentivizing only a few connections each time period for small bounties.]
Since its creation in 2009, Bitcoin has used a hash-based proof-of-work to generate new blocks, and create a single public ledger of transactions. The hash-based computational puzzle employed by Bitcoin is instrumental to its security, preventing Sybil attacks and making double-spending attacks more difficult. However, there have been concerns over the efficiency of this proof-of-work puzzle, and alternative “useful” proofs have been proposed. In this paper, we present DDoSCoin, which is a cryptocurrency with a malicious proof-of-work. DDoSCoin allows miners to prove that they have contributed to a distributed denial of service attack against specific target servers. This proof involves making a large number of TLS connections to a target server, and using cryptographic responses to prove that a large number of connections has been made. Like proof-of-work puzzles, these proofs are inexpensive to verify, and can be made arbitrarily difficult to solve.