SILENTKNOCK: Practical, Provably Undetectable Authentication

Eugene Y. Vasserman (1), Nicholas Hopper (1), John Laxson (2), and James Tyra (1)

(1) Computer Science and Engineering, University of Minnesota, Minneapolis, MN 55455 USA
(2) Stanford University, Box 15255, Stanford, CA 94309 USA

Abstract. Port knocking is a technique first introduced in the blackhat and trade literature to prevent attackers from discovering and exploiting potentially vulnerable services on a network host, while allowing authenticated users to access these services. Despite being based on some sound principles and being a potentially useful tool, most work in this area suffers from a lack of a clear threat model or motivation. We introduce a formal security model for port knocking that addresses these issues, show how previous schemes fail to meet our definition, and give a provably secure scheme that uses steganographic embedding of pseudorandom message authentication codes. We also describe the design and analysis of SILENTKNOCK, an implementation of this protocol for the Linux 2.6 operating system, that is provably secure, under the assumption that AES and a modified version of MD4 are pseudorandom functions, and integrates seamlessly with any existing application, with no need to recompile. Experiments indicate that the overhead due to running SILENTKNOCK on a server is minimal – on the order of 150 μs per TCP connection initiation.

1 Introduction

A port scan is a kind of network attack (or attack precursor) in which an adversary attempts to connect to all, or some subset of, TCP and UDP ports at a given IP address. Port scans are useful to attackers because the results often indicate the operating system, architecture, and even a set of specific binaries that a host is running. This information can then be used to determine what software exploits should be used to attack the host, or what level of compromise might be likely.
Of course, if a server runs no vulnerable software, a port scan is not a serious threat, but software security is a sufficiently hard problem that this cannot be seen as an immediate solution. A popular method of protecting against such network attacks is the firewall, which simply blocks all connection attempts to “internal” network hosts from “external” ones. Since there are many reasons why it might be desirable for a given service to be externally accessible — for instance, users may access a network service from a priori unknown network addresses depending on their physical location — this solution is not always satisfactory.

One class of proposed solutions to this problem is “port knocking”: a firewall is deployed to protect a server, and before allowing a client connection to a particular port, that client must transmit a special “knock” that authenticates it. This knock may be either common to all authorized users of the system, or may be unique to a given user.

J. Biskup and J. Lopez (Eds.): ESORICS 2007, LNCS 4734, pp. 122–138, 2007.
© Springer-Verlag Berlin Heidelberg 2007
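To make the per-connection "knock" concrete, here is an added example (not the paper's code, and not the SILENTKNOCK implementation) of the firewall-side check that the abstract's scheme relies on: each connection attempt carries a short pseudorandom tag computed under a shared key over the client address, destination port and a counter, and the verifier accepts a tag only once. It assumes HMAC-SHA256 truncated to 32 bits as a stand-in for the paper's AES / modified-MD4 pseudorandom function, an assumed acceptance window of 8 counter values, and does not model how the tag is embedded in the TCP header.

```python
import hmac
import hashlib
import struct
import ipaddress

# Assumption: a 32-bit tag, sized to fit one 32-bit TCP header field. The
# stand-in PRF is HMAC-SHA256; the paper's construction is AES / modified MD4.
TAG_BITS = 32
WINDOW = 8  # assumed: how many counter values ahead the verifier tolerates


def knock_tag(key: bytes, src_ip: str, dst_port: int, counter: int) -> int:
    """Pseudorandom knock for one connection attempt from src_ip to dst_port."""
    msg = ipaddress.ip_address(src_ip).packed + struct.pack("!HQ", dst_port, counter)
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    return int.from_bytes(digest[: TAG_BITS // 8], "big")


class KnockVerifier:
    """Firewall-side check: admit a connection only with a fresh, valid tag."""

    def __init__(self, key: bytes):
        self.key = key
        self.next_counter = {}  # per-client replay state: lowest unused counter

    def accept(self, src_ip: str, dst_port: int, tag: int) -> bool:
        presented = (tag & 0xFFFFFFFF).to_bytes(4, "big")
        start = self.next_counter.get(src_ip, 0)
        for ctr in range(start, start + WINDOW):
            expected = knock_tag(self.key, src_ip, dst_port, ctr).to_bytes(4, "big")
            if hmac.compare_digest(expected, presented):
                # Burn this counter and any skipped ones so a replay is refused.
                self.next_counter[src_ip] = ctr + 1
                return True
        # Unauthenticated attempts are dropped exactly like any other SYN
        # to a closed port, so a scanner learns nothing from the response.
        return False
```

A passive observer sees only 32-bit values that are indistinguishable from random without the key, and a captured tag is useless after the verifier has consumed its counter.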