Something that would take the server a few milliseconds or less to compute, and take the client a few hundred milliseconds?
The server would create a challenge, send it to the client, the client would compute the answer and send it to the server, then the server would verify the answer.
UPDATE: Why? The server has a function that uses significant processing power. I don’t want a client to be able to maliciously overload the server by simply sending 100s of requests per second to this function. By requiring an answer to the challenge, an attacker can only send requests as fast as they can compute the answers.
Let me start by saying I think you are headed down the wrong road.
With that said, one way to do what you are describing would be to put together a simple puzzle that is brute forcible by the receiving end. For instance, you could send the hash of a 3 or 4 character password (solved reasonably quickly), the client is required to figure out the password (by brute force) and send it back (possibly encrypted with a pre-shared key if you are trying to authenticate).
Please understand that this will not prevent anyone from maliciously overloading the server. A malicious attacker can still just disconnect once they’ve received the puzzle (without solving it) and connect again. If the attack is distributed, it gets even worse.
EDIT:
@Nick Johnson is right. You want to also include a random salt to prevent precomputation attacks. Send the salt along with the hash. It gets concatenated with each password that the client tries.