A server is configured for preventing flood attacks by a client having
sent a request, by dynamically generating a challenge to be performed by
the client before the server will perform any work for the client. The
challenge includes a dynamically generated computational request and a
dynamically generated secure cookie. The server generates a first hash
result based on hashing a first random number, having a prescribed
length, with a second random number having a dynamically selected length.
A secure cookie is generated based on hashing the first hash result with
a prescribed secure key known only by the server, and a unique identifier
for the request such as the client network address with a time stamp. The
challenge requires the client to determine the second random number based
on the first random number and the hash result. The server validates the
challenge results using the secure cookie.