This essay will analyze the basics of two techniques called Proof-of-work and Challenge-response with the purpose to see how the combination of these could be used to create a authentication protocol that can ensure both the identity and intention of a client.
I will examine whether, and if so how, this new protocol can prevent Brute-force and Denial-of-service attacks by taking advantage of key security features of Proof-of-work Challenge-response respectively.A realization of the protocol will be presented, both theoretically as well as in the form of a implementation in created as a client/server model. An analysis of the proposed protocol will be provided, which will show how the combination of Proof-of-work and Challenge-response can provide some security benefits but also creates new flaws that ultimately makes the protocol unsuitable for practical use in its present form.