What is OpenNHP?
OpenNHP is the open-source reference implementation of the Network Hiding Protocol (NHP), a cryptographic protocol standard for making network infrastructure invisible. Developed under the Cloud Security Alliance (CSA) and published as an IETF Internet-Draft in January 2026, OpenNHP provides a vendor-neutral, community-audited foundation for network hiding. OpenNHP includes: - **Protocol specification**: Defines the cryptographic handshake, Single Packet Authorization format, and session management - **Reference implementation**: Open-source code (Apache 2.0 license) on GitHub with 14,000+ stars and 200+ contributors - **Interoperability framework**: Ensures different implementations can work together - **Security proofs**: Formal analysis of the protocol's resistance to replay, MITM, and DDoS attacks The OpenNHP architecture consists of three components: - **NHP Agent**: Client-side component that initiates SPA authentication - **NHP Controller (NHP-Server)**: Validates authentication and authorizes access - **NHP Access Control (NHP-AC)**: Opens and closes access to protected resources OpenNHP evolves earlier concepts like Software-Defined Perimeter (SDP) and port knocking into a modern, standardized protocol with formal security guarantees.
How LayerV Implements This
LayerV is the commercial enterprise implementation of OpenNHP. While OpenNHP provides the open-source protocol and reference implementation, LayerV adds the enterprise features needed for production deployment: managed infrastructure, native IdP integration (Okta, Azure AD), QURL-based access credentials, compliance audit logging, usage analytics, and enterprise support. Think of it like the relationship between Linux and Red Hat — OpenNHP is the community standard, LayerV is the enterprise platform.