An authentication protocol based on chaos and zero knowledge proof

01/22/2020
by   Will Major, et al.
0

Port Knocking is a method for authenticating clients through a closed stance firewall, and authorising their requested actions, enabling severs to offer services to authenticated clients, without opening ports on the firewall. Advances in port knocking have resulted in an increase in complexity in design, preventing port knocking solutions from realising their potential. This paper proposes a novel port knocking solution, named Crucible, which is a secure method of authentication, with high usability and features of stealth, allowing servers and services to remain hidden and protected. Crucible is a stateless solution, only requiring the client memorise a command, the server's IP and a chosen password. The solution is forwarded as a method for protecting servers against attacks ranging from port scans, to zero-day exploitation. To act as a random oracle for both client and server, cryptographic hashes were generated through chaotic systems.

READ FULL TEXT
research
12/01/2018

A Scheme to Verify Services with Unboundedly many Clients using NuSMV

We study model checking of client - server systems, where the servers of...
research
04/17/2023

Development of Authenticated Clients and Applications for ICICLE CI Services – Final Report for the REHS Program, June-August, 2022

The Artificial Intelligence (AI) institute for Intelligent Cyberinfrastr...
research
06/26/2019

Secure Client and Server Geolocation Over the Internet

In this article, we provide a summary of recent efforts towards achievin...
research
08/04/2022

A Forward-secure Efficient Two-factor Authentication Protocol

Two-factor authentication (2FA) schemes that rely on a combination of kn...
research
07/31/2018

Revisiting Client Puzzles for State Exhaustion Attacks Resilience

In this paper, we address the challenges facing the adoption of client p...
research
10/21/2018

Routing-Aware Partitioning of the Internet Address Space for Server Ranking in CDNs

The goal of Content Delivery Networks (CDNs) is to serve content to end-...
research
11/23/2022

Privacy-Preserving Application-to-Application Authentication Using Dynamic Runtime Behaviors

Application authentication is typically performed using some form of sec...

Please sign up or login with your details

Forgot password? Click here to reset