@techreport{nir-ipsecme-puzzles-00,
    number =    {draft-nir-ipsecme-puzzles-00},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-nir-ipsecme-puzzles/00/},
    author =    {Yoav Nir},
    title =     {{Protecting Internet Key Exchange (IKE) Implementations from Denial of Service Attacks through Client Puzzles}},
    pagetotal = 7,
    year =      2014,
    month =     apr,
    day =       30,
    abstract =  {This document describes an enhancement to the Stateless Cookie mechanism described in RFC 5996. Whereas the original mechanism prevents denial-of-service (DoS) attacks that use multiple spoofed source addresses, the mechanism here is effective against a distributed denial of service attack (DDoS), where the attackers use their own source address. This is accomplished by requiring proof of work by the Initiator before allocating resources at the Responder.},
}