Publication Peer Review

Our core TCP/IP networking systems and protocols have been with us since the 1970s, and have in many ways served us well. Their inherent openness and interoperability have sparked incredible innovation and significantly changed our world. However, these systems were designed to facilitate easy connection, rather than to fend off malicious actors. As Vint Cerf, who personally designed many of these components, stated, “We didn’t focus on how you could wreck this system intentionally. You could argue with hindsight that we should have, but getting this thing to work at all was non-trivial.” It should be clear that TCP/IP’s default network visibility has enabled much of today’s malicious activity. Given our current threat landscape and the widespread adoption of Zero Trust as a set of principles and best practices, we believe that we now have an imperative to pivot our core networking technologies to a default-deny stance. The Network-infrastructure Hiding Protocol (NHP) introduces an innovative Zero Trust security approach that significantly reduces the attack surface and prevents unauthorized access before exploitation can occur. NHP builds upon and extends the Single-Packet Authorization (SPA) technology initially outlined in the Cloud Security Alliance Software-Defined Perimeter (SDP) specification, representing the third generation of network hiding technology. This whitepaper presents NHP as a strategic solution for protecting network infrastructures against all threats, with comprehensive technical specifications to support its implementation.