HIP Middlebox Puzzle Offloading and End-host Notification

Document Type Expired Internet-Draft (individual)
Authors Rene Hummen  , Martin Henze  , Jens Hiller
Last updated 2013-07-13 (latest revision 2013-01-09)
Stream (None)
Intended RFC status (None)
Expired & archived
plain text pdf htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


The Host Identity Protocol [RFC5201] is a secure signaling protocol with a cryptographic namespace. It provides the communicating peers with a cryptographic puzzle mechanism to protect against Denial of Service (DoS) attacks exploiting the computation and memory overheads of the protocol exchange. This document specifies an extension of the protocol that enables an on-path network entity to assist in the choice of the puzzle difficulty in case of an attack. Furthermore, it defines a modification of the puzzle mechanism that enables a host to delegate puzzle solving to an on-path network entity.


Rene Hummen (hummen@cs.rwth-aachen.de)
Martin Henze (henze@comsys.rwth-aachen.de)
Jens Hiller (hiller@comsys.rwth-aachen.de)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)