Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Learn about PreAcher, a novel system architecture that leverages Content Delivery Networks (CDNs) to enhance password authentication security while preventing Application-layer DoS attacks in this 14-minute conference presentation from NSDI '25. Discover how this innovative approach combines Oblivious Pseudorandom Function (OPRF) and Locality-Sensitive Hashing (LSH) in a three-party authentication protocol that allows CDNs to pre-authenticate users without accessing their actual passwords. Explore the technical implementation that offloads authentication workload from web servers to CDNs, effectively filtering out malicious traffic while maintaining password secrecy and usability. Understand the evaluation results demonstrating PreAcher's effectiveness in strengthening web server resilience against ADoS attacks with acceptable performance overheads. Examine the practical deployment advantages, including immediate implementation capability for websites without requiring modifications to client software or existing CDN infrastructure, making this solution readily adoptable in today's Internet ecosystem.
