Security problems in the TCP/IP protocol suite
ACM SIGCOMM Computer Communication Review
Authenticated encryption in SSH: provably fixing the SSH binary packet protocol
Proceedings of the 9th ACM conference on Computer and communications security
Identity-Based Encryption from the Weil Pairing
SIAM Journal on Computing
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
On Fast and Provably Secure Message Authentication Based on Universal Hashing
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Chosen Ciphertext Attacks Against Protocols Based on the RSA Encryption Standard PKCS #1
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Universal classes of hash functions (Extended Abstract)
STOC '77 Proceedings of the ninth annual ACM symposium on Theory of computing
Variability in TCP round-trip times
Proceedings of the 3rd ACM SIGCOMM conference on Internet measurement
Taking a Lesson from Stealthy Rootkits
IEEE Security and Privacy
Proceedings of the thirty-seventh annual ACM symposium on Theory of computing
Rootkits: Subverting the Windows Kernel
Rootkits: Subverting the Windows Kernel
Improved Port Knocking with Strong Authentication
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
The dining freemasons: security protocols for secret societies
Proceedings of the 13th international conference on Security protocols
The Poly1305-AES message-authentication code
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
Embedding covert channels into TCP/IP
IH'05 Proceedings of the 7th international conference on Information Hiding
Attacks on port knocking authentication mechanism
ICCSA'05 Proceedings of the 2005 international conference on Computational Science and Its Applications - Volume Part IV
Secure communication over diverse transports: [short paper]
Proceedings of the 2012 ACM workshop on Privacy in the electronic society
ScrambleSuit: a polymorphic network protocol to circumvent censorship
Proceedings of the 12th ACM workshop on Workshop on privacy in the electronic society
Hi-index | 0.00 |
Port knocking is a technique first introduced in the blackhat and trade literature to prevent attackers from discovering and exploiting potentially vulnerable services on a network host, while allowing authenticated users to access these services. Despite being based on some sound principles and being a potentially useful tool, most work in this area suffers from a lack of a clear threat model or motivation. We introduce a formal security model for port knocking that addresses these issues, show how previous schemes fail to meet our definition, and give a provably secure scheme that uses steganographic embedding of pseudorandom message authentication codes. We also describe the design and analysis of SILENTKNOCK, an implementation of this protocol for the Linux 2.6 operating system, that is provably secure, under the assumption that AES and a modified version of MD4 are pseudorandom functions, and integrates seamlessly with any existing application, with no need to recompile. Experiments indicate that the overhead due to running SILENTKNOCK on a server is minimal - on the order of 150 µs per TCP connection initiation.