{[ promptMessage ]}

Bookmark it

{[ promptMessage ]}

ps6sols - 6.857 Handout 20 Problem Set 6 Solutions...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon
6.857 : Handout 20: Problem Set 6 Solutions Problem 6-2. Covert Channels Some of the covert channels identified include: Encoding data in the TCP Initial Sequence Number Field. Encoding data in the size of the TCP window. (Use an even window to send a 0, an odd window to send a 1.) Adding additional information to the HTTP header sent as part of SSL streams; because the SSL stream is encrypted, observers on the local network won’t be able to read it! Modulating the packet size of successive packets in a TCP stream. Modulating the information contained in the last byte of each TCP packet in a TCP stream. Modulating the speed with which packets are sent. (This is somewhat inefficient and it might be hard to read the data on the other side, as the network might change arrival times, so a point was taken off for this approach unless there was a detailed discussion of how to tune the packet transmission speed for different websites.) Encoding information by the order in which images are requested from the web server. Some groups suggested encrypting data with a public-key system. One group suggested compressing data rather than (or before) encrypting it, since this would both make the data sent smaller and would make it appear more random. The following methods were not accepted because they would be too easy to detect: Having the browser send different cookies than it receives, relying on the fact that users will not notice if the contents of long cookies filled with BASE64-encoded binary data has changed. (This was not accepted because automated software could easily detect that cookies sent by the browser are not the same as cookies received.) Adding headers to the HTTP request (e.g. X-Data: 39382304f232j3423j4kas3 ). Adding additional elements, such as a language or image type, to an existing HTTP header. Changing the User-Agent: header. Changing the order of HTTP fields or elements within an HTTP field. Massachusetts Institute of Technology Handout 20 6.857: Network and Computer Security November 20, 2003 Professor Ronald L. Rivest Problem Set 6 Solutions
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
6.857 : Handout 20: Problem Set 6 Solutions Changing the order of TCP packets sent. Although you can encode information in this way, it’s pretty easy to spot with a packet analyzer run on the same network as the client. If the previous version of 2 + 2 = 5 was discovered, it’s highly likely that this approach would be detected. Changing the contents of files uploaded to web services (for example, by adding a watermark to JPEG images uploaded to Shutterfly). Users could discover that files uploaded didn’t match the files on their hard drives. Toggling the DF (“don’t fragment”) flag. If IP options and source port modulation was discovered, almost certainly this approach would be discovered as well.
Background image of page 2
Image of page 3
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}