Noname manuscript No. (will be inserted by the editor) An authentication protocol based on chaos and zero knowledge proof Will Major · William J Buchanan (Corresponding Author) · Jawad Ahmad 29 Sept 2019 Abstract Port Knocking is a method for authenticat- Port knocking solutions have progressed and changed ing clients through a closed stance firewall, and autho- dramatically, since their conception as a simple tool rising their requested actions, enabling severs to offer for opening firewall ports. Many modern port knock- services to authenticated clients, without opening ports ing implementations have accumulated layers of com- on the firewall. Advances in port knocking have re- plexity in the process of removing specific vulnerabil- sulted in an increase of complexity in design, preventing ities from their predecessors. This complexity issue is port knocking solutions from realising their potential. further exacerbated by components in port knocking This paper proposes a novel port knocking solution, that are mutually incompatible: replay protection can named Crucible, which is a secure method of authenti- result in desynchronisation problems, and interactive cation, with high usability and features of stealth, al- authentication requires the server to forgo its ‘silent’ lowing servers and services to remain hidden and pro- role. To combat this, many modern port knocking im- tected. Crucible is a stateless solution, only requiring plementations in academic literature take an ad-hoc ap- the client memorise a command, the server’s IP and a proach to fixing existing vulnerabilities without consid- chosen password. The solution is forwarded as a method ering a holistic viewpoint, nor the minimalist lineage for protecting servers against attacks ranging from port upon which port knocking was founded. scans, to zero-day exploitation. To act as a random or- Port knocking can be considered a stealthy method acle for both client and server, cryptographic hashes of authentication and command execution, allowing a were generated through chaotic systems. covert channel to exist between a client and server, across an untrusted network such as the Internet. When Keywords ZKP · chaos hash · port knocking · random implemented properly, port knocking should be difficult beacons · attack model to discover through passive surveillance of network traf- fic, or active reconnaissance of the server. Port knock- ing allows a server to conceal not only its individual 1 Introduction services, but also its role as a server. Numbers Stations arXiv:2001.07897v1 [cs.CR] 22 Jan 2020 are a Cold War era covert channel using radio broad- Port knocking, if integrated into a security environ- casts of spoken number values (amongst other meth- ment, can offer an additional layer of authentication ods), suspected to communicate with intelligence assets for servers, furthering a defence-in-depth approach, and in the field [1]. In modern day computing, Meltdown [2] can conceal the presence of services. It is suited to and Spectre [3] are examples of serious vulnerabilities defending against attacks directed at servers, ranging enabling covert channels for exfiltrating data from a from automatic scanning, as part of attack-chain recon- victim’s machine. naissance, to precisely targeted zero-day exploitation. Port knocking can simply be described as a means for communicating with a machine that is protected by Blockpass ID Lab, Edinburgh Napier University, Edinburgh. UK. a closed-stance firewall. This entails a client machine, Corresponding author: William J Buchanan, operated by a user, sending a message – or knock – to a [email protected] firewall. The firewall in this instance will be referred to 2 Will Major et al. as the server, for its role in receiving the knock, and the same vein, vulnerability scanning and discovery are im- subsequently authorised actions it performs. This ter- peded, and thus port knocking can be considered one of minology further aims to clarify in situations involving the few non-reactive defences against zero-day attacks multiple intermediaries (such as additional firewalls) be- [8]. In this manner, port knocking can provide protec- tween client and server. The networks across which this tion for legacy and proprietary services with “insuffi- transaction can take place could be local, or, as is the cient integrated security”, or for services with “known common use case, remote. Port knocking is by design unpatched vulnerabilities” [9]. Port knocking also pro- aimed at operating over untrusted networks, such as vides an additional layer of security and authentication, the Internet, wherein malicious actors of varying capa- that any malicious actors must overcome before attack- bilities aim to subvert security measures. Port knocking ing the hidden service itself [7, 9]. methods generally use cryptographic primitives such as Port knocking can incur load and performance loss hash and encryption functions. In the proposed port on networks and systems [5], the latter applying an knocking method, we have utilised the Chirkov stan- overhead for each connection [4]. In addition, a num- dard map and absolute chaotic map for the hash that ber of ports may need to be “allocated for exclusive ensures the output knock is different for each session. use by port knocking” [10]. Port knocking implementa- Additionally, the chaos-based hash function provides a tions may require user training [4] and client systems lightweight secure solution and as a result, the proposed need to implement port knocking, which may require scheme will not require third-party libraries. Moreover, maintenance of dedicated remote client software [7]. chaos-based port knocking scheme will have a num- Authentication in port knocking is largely facilitated ber of properties such as sensitivity to initial condi- through pre-shared keys (or other secrets), meaning se- tions, non-periodicity, ergodicity, and attack complex- cure key distribution and management become require- ity which strengthen the port knocking scheme. ments. Port knocking also adds an additional layer of This paper offers three novel port knocking proto- complexity into the protection of assets [7], and another types: zero knowledge proofs and chaos-based cryptog- attack vector to defend against. The fail-closed stance raphy; a combination of chaos-based cryptography and of port knocking may result in inaccessibility of ser- random beacons; and ‘Crucible’ which is combines ran- vices, should the authentication mechanism fail on the dom beacons and password-based key derivation. Re- server [4, 10]. Such a failure in this mechanism could play protection and NAT compatibility are considered render the server “unreachable or more easily compro- significant issues in port knocking technology. This pa- mised” [7]. per proposes novel approaches for dealing with these problems. The rest of paper is organised as follows. Related 2.1 Mechanics and Architecture work is discussed in Section 2. Section 3 discusses de- sign and the proposed methodology. Experimental re- One of the main differentials when considering port sults are presented in Section 4. The proposed method is knocking solutions is the number of packets that are evaluated in Section 5. Research findings are concluded required to authenticate the client with the server. Tra- in Section 6. ditional port knocking solutions sent a series of packets (each knock) across the Internet, where the authenti- cating data, would be communicated via this collection 2 Related Work of knocks, known as a knock sequence. More recently, a single packet has been used to wholly and atomi- Port knocking allows authentication to a host without cally send authenticating data to the server, in a single requiring open ports, and without requiring modifica- knock, giving rise to the term “Single Packet Authoriza- tion of the underlying protocol [4]. Furthermore, the tion” [11]. [5] raises an immediate problem with using presence of port knocking can be difficult to detect multiple packets to authenticate, in that network and by sniffing traffic, and almost impossible to detect by routing issues between the server and the client, such as probing a server [5]. By making services ‘invisible’, a latency (from congestion [7]) or packet drops, will cause machine’s function as a server can be hidden from an the authenticating packets to arrive out of order. If the attacker [6], offering a level of anonymity. Port knock- knock sequence doesn’t match the server’s expectations, ing disrupts attacker reconnaissance by denying finger- the client likely won’t be authenticated. [12] offers a so- printing efforts against open ports. This prevents auto- lution to this problem by including a sequence number mated and manual scanning efforts, and reduces “ma- within each knock’s authenticating data, allowing the licious information gathering capabilities” [7]. In the knocks to be reassembled after they are received. An authentication protocol based on chaos and zero knowledge proof 3 2.2 Non-Interactive or Interactive Server 2.4 Replay Protection While traditionally communications in a port knock- A port knock authenticates the client to a server, typi- ing implementation would be limited to unidirectional cally by proving the client possesses a secret, such as a client to server messaging, some modern variations con- key or password. In proving this over the wire, encryp- versely include server to client communication. This tion or hashing are employed to prevent eavesdroppers could also be described as unilateral or bilateral