Affiliation:
1. Department of Computer Science, Universidad de Alcalá, Spain
Abstract
Port knocking is an access-control technique that reveals a network-protected resource only to those users who can prove they know a preshared port sequence. The proof consists of connecting to the defined ports in the correct order, so the port sequence is exposed to any adversary with access to the connection's channel. We propose a new technique for protecting this process, preventing eavesdroppers from obtaining a long-lived valid sequence. Our method is based on TOTP codes and has been designed to be as usable as possible. Two different approaches have been designed, but we demonstrate that the simpler of them is more than robust enough while remaining very usable. This technique is especially suitable for enhancing the resilience of network services against local network adversaries.
Funder
Horizon 2020 Framework Programme
Subject
Electrical and Electronic Engineering, Computer Networks and Communications, Information Systems