Advanced port knocking authentication scheme with QRC using AES

Vikas Srivastava, A. K. Keshri, Abhishek Roy, V. Chaurasiya, Rahul Gupta
2011 International Conference on Emerging Trends in Networks and Computer Communications (ETNCC), published 2011-04-22
DOI: 10.1109/ETNCC.2011.5958506 (https://doi.org/10.1109/ETNCC.2011.5958506)
Citations: 19

Abstract

Port knocking is an important concept for securing services provided by servers. Using a predefined port knocking sequence, the server identifies whether a request is a legitimate request for a service. This paper presents an improved authentication scheme over the existing port knocking methods. The existing port knocking methods are prone to reasonable attacks and vulnerabilities. The paper addresses those vulnerabilities and accordingly provides a mechanism to circumvent them in the port knocking mechanism. In client-server communication, requests for services from clients are served by providing them a connection to a specific port on the server. For security reasons, all the ports on the server are initially closed and no connection is possible. Port knocking permits a user to request that a port be opened for network services. This request takes the form of a sequence of authentication packets sent across closed ports on the server. Many port knocking schemes have been proposed earlier, but all of them suffer from problems such as sequence replay attacks, man-in-the-middle attacks, the use of spoofed packets in the knocking sequence, and out-of-order delivery of packets. The proposed algorithm addresses all the above-mentioned issues by implementing a secure knock sequence with the AES encryption scheme, which cannot be detected or disturbed by sniffing and the use of spoofed packets. The algorithm also addresses the problem of out-of-order delivery of knock sequence packets, as the knock sequence is determined when all the packets have been received at the server end.