SilentKnock: Practical, Provably Undetectable Authentication

13 years 10 months ago

Download www-users.cs.umn.edu

Port knocking is a technique ﬁrst introduced in the blackhat and trade literature to prevent attackers from discovering and exploiting potentially vulnerable services on a network host, while allowing authenticated users to access these services. Despite being based on some sound principles and being a potentially useful tool, most work in this area suffers from a lack of a clear threat model or motivation. We introduce a formal security model for port knocking that addresses these issues, show how previous schemes fail to meet our deﬁnition, and give a provably secure scheme that uses steganographic embedding of pseudorandom message authentication codes. We also describe the design and analysis of SILENTKNOCK, an implementation of this protocol for the Linux 2.6 operating system, that is provably secure, under the assumption that AES and a modiﬁed version of MD4 are pseudorandom functions, and integrates seamlessly with any existing application, with no need to recompile. Experi...

Eugene Y. Vasserman, Nicholas Hopper, John Laxson,

Real-time Traffic

ESORICS 2007 | Port Knocking | Provably Secure | Pseudorandom Message Authentication | Security Privacy |

claim paper

Post Info
More Details (n/a)

Added	07 Jun 2010
Updated	07 Jun 2010
Type	Conference
Year	2007
Where	ESORICS
Authors	Eugene Y. Vasserman, Nicholas Hopper, John Laxson, James Tyra

Comments (0)

Sciweavers

SilentKnock: Practical, Provably Undetectable Authentication

ESORICS 2007 | Port Knocking | Provably Secure | Pseudorandom Message Authentication | Security Privacy |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers