Single Packet Authorization

Single Packet Authorization (SPA) describes a special form of port knocking in which authentication is carried out with just one IP packet. It is z. B. used to open ports of a firewall or to execute certain commands after sending the SPA packet on a remote system.

Structure of a package

• 16 bytes of random data
• local username
• local timestamp
• fwknop version
• Mode (access or command)
• Desired access (or command string)
• MD5 sum

A packet contains enough "random" data to make each packet unique. The time stamp helps, among other things, to thwart replay attacks.

literature

• Leonard Barolli, Fatos Xhafa, Kangbin Yim: Advances on Broad-Band Wireless Computing, Communication and Applications. Springer International Publishing AG, Cham 2017, ISBN 978-3-319-49105-9 .
• Seymour Bosworth, ME Kabay, Eric Whyne (Eds.): Computer Security Handbook. Fifth Edition, Volume 1, John Wiley & Sons Inc, New Jersey 2009, ISBN 978-0-471-71652-5 .
• Jean-Gabriel Rémy, Charlotte Letamendia: LTE Standards. John Wiley & Sons Ltd, New Jersey 2014, ISBN 978-1-84821-588-7 .

Web links

• cipherdyne.org (English)
• cipherdyne.org (Docs) (English)
• www.pro-linux.de