OpenNHP: Cryptography-driven zero trust protocol
OpenNHP is the open-source implementation of NHP (Network-resource Hiding Protocol), a cryptography-based zero trust protocol for safeguarding servers and data.
OpenNHP offers the following benefits:
- Reduces attack surface by hiding infrastructure
- Prevents unauthorized network reconnaissance
- Mitigates vulnerability exploitation
- Stops phishing via encrypted DNS
- Protects against DDoS attacks
- Enables fine-grained access control
- Provides identity-based connection tracking
- Attack attribution
“The OpenNHP proposed a cost-effective way to solve the vulnerability problem. The common way to mitigate vulnerabilities is to patch them, which may cost tens of thousands of dollars and a few weeks. A statistical report shows that more than 100B is spent annually for vulnerability mitigation in the US. By hiding the applications with OpenNHP, the mitigation only costs a few dollars and minutes to deploy,” the OpenNHP Team told Help Net Security.
OpenNHP supports multiple deployment models:
- Client-to-Gateway: Secures access to multiple servers behind a gateway.
- Client-to-Server: Directly secures individual servers/applications.
- Server-to-Server: Secures communication between backend services.
- Gateway-to-Gateway: Secures site-to-site connections.
Future plans and download
“The future of the OpenNHP will remain open source under Apache license. The future versions will include the support of more crypto algorithms (especially Post-quantum cryptography) and easier integration with cloud platforms like AWS,” the developers explained.
OpenNHP is available for free on GitHub.
