SilentKnock: Practical, provably undetectable authentication

Eugene Y. Vasserman, Nick Hopper, James Tyra

Research output: Contribution to journalArticlepeer-review

14 Scopus citations

Abstract

Port knocking is a technique to prevent attackers from discovering and exploiting vulnerable network services, while allowing access for authenticated users. Unfortunately, most work in this area suffers from a lack of a clear threat model or motivation. To remedy this, we introduce a formal security model for port knocking, show how previous schemes fail to meet our definition, and give a provably secure scheme. We also present SilentKnock, an implementation of this protocol that is provably secure under the assumption that AES and a modified version of MD4 are pseudorandom functions, and integrates seamlessly with existing applications.

Original languageEnglish (US)
Pages (from-to)121-135
Number of pages15
JournalInternational Journal of Information Security
Volume8
Issue number2
DOIs
StatePublished - Jan 1 2009

Keywords

  • Covert authentication
  • Cryptography
  • Formal models
  • Provable security

Fingerprint Dive into the research topics of 'SilentKnock: Practical, provably undetectable authentication'. Together they form a unique fingerprint.

Cite this