This caught my attention because it addresses something I've been
thinking about - traditional SDP/SPA still exposes a UDP port during
the handshake phase, and with AI-powered scanners getting faster,
that window is increasingly risky.
NHP's approach of using Noise Protocol Framework for mutual auth
before any port is opened seems like a logical evolution. The paper
mentions using ECC-256 instead of RSA-2048, which should help with
IoT deployments.
Curious if anyone has tested the OpenNHP implementation (it's on
GitHub). How does the performance compare to traditional VPN or
existing SDP solutions in production environments?
https://github.com/OpenNHP
Most security models still assume the network is visible and then try to control access on top of it.
This CSA paper argues for the opposite: hiding network infrastructure entirely — no routable IPs, no exposed ports, no DNS answers — until identity is verified at the session layer.
The idea builds on SDP and SPA, but reframes zero trust around invisibility first, especially against automated and AI-driven reconnaissance.