Guided tour puzzle protocol

It aims to overcome the shortcoming of computation-based puzzle protocols, in which clients are required to compute hard CPU or memory-bound puzzles that favor clients with abundant computational resources.

All clients are required to complete a guided tour puzzle prior to receiving service from the server, if the server suspects it is currently under denial of service attack or its load exceeds a pre-defined threshold.

The address of the first stop tour guide is computed using the token contained in the server's first reply message that informs the client of the start of a puzzle process.

[citation needed] The client must send the token received from the current stop tour guide to the next stop tour guide, which will use it as an input to its token calculation function.

[citation needed] Before the guided tour puzzle can start,

for computing the first hash value that is returned to the client as part of a puzzle message.

[1][2][3][4] Another crucial shortcoming of computational puzzle protocols is that all clients, including all legitimate clients, are required to perform such CPU-intensive computations that do not contribute to any meaningful service or application.

Guided tour puzzle protocol enforces delay on the clients through round trip delays, so that clients' requests arrive at a rate that is sustainable by the server.

As such, even an attacker with abundant computational resources cannot prioritize themselves over poorly provisioned legitimate clients.

[citation needed] Furthermore, in guided tour puzzle protocol, the computation required for the client is trivial.

As a result, clients are not burdened with heavy computations (that are usually required by CPU-bound or memory-bound puzzle protocols).

Example of a guided tour puzzle when the number of tour guides is 2, and the tour length is 5. The order of the tour is: G1 -> G0 -> G1 -> G1 -> G0.