TY - GEN
T1 - SilentKnock
T2 - 12th European Symposium on Research in Computer Security, ESORICS 2007
AU - Vasserman, Eugene Y.
AU - Hopper, Nick
AU - Laxson, John
AU - Tyra, James
PY - 2007
Y1 - 2007
N2 - Port knocking is a technique first introduced in the blackhat and trade literature to prevent attackers from discovering and exploiting potentially vulnerable services on a network host, while allowing authenticated users to access these services. Despite being based on some sound principles and being a potentially useful tool, most work in this area suffers from a lack of a clear threat model or motivation. We introduce a formal security model for port knocking that addresses these issues, show how previous schemes fail to meet our definition, and give a provably secure scheme that uses steganographic embedding of pseudorandom message authentication codes. We also describe the design and analysis of SILENTKNOCK, an implementation of this protocol for the Linux 2.6 operating system, which is provably secure under the assumption that AES and a modified version of MD4 are pseudorandom functions, and which integrates seamlessly with any existing application, with no need to recompile. Experiments indicate that the overhead due to running SILENTKNOCK on a server is minimal, on the order of 150 μs per TCP connection initiation.
AB - Port knocking is a technique first introduced in the blackhat and trade literature to prevent attackers from discovering and exploiting potentially vulnerable services on a network host, while allowing authenticated users to access these services. Despite being based on some sound principles and being a potentially useful tool, most work in this area suffers from a lack of a clear threat model or motivation. We introduce a formal security model for port knocking that addresses these issues, show how previous schemes fail to meet our definition, and give a provably secure scheme that uses steganographic embedding of pseudorandom message authentication codes. We also describe the design and analysis of SILENTKNOCK, an implementation of this protocol for the Linux 2.6 operating system, which is provably secure under the assumption that AES and a modified version of MD4 are pseudorandom functions, and which integrates seamlessly with any existing application, with no need to recompile. Experiments indicate that the overhead due to running SILENTKNOCK on a server is minimal, on the order of 150 μs per TCP connection initiation.
UR - http://www.scopus.com/inward/record.url?scp=38049073288&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=38049073288&partnerID=8YFLogxK
U2 - 10.1007/978-3-540-74835-9_9
DO - 10.1007/978-3-540-74835-9_9
M3 - Conference contribution
AN - SCOPUS:38049073288
SN - 9783540748342
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 122
EP - 138
BT - Computer Security - ESORICS 2007 - 12th European Symposium on Research in Computer Security, Proceedings
PB - Springer Verlag
Y2 - 24 September 2007 through 26 September 2007
ER -