CS283 - Lecture 6 - Part 4 - Additional Topics - Covert Channels

CS283 - Lecture 6 - Part 4 - Additional Topics - Covert Channels

Info icon This preview shows pages 1–5. Sign up to view the full content.

View Full Document Right Arrow Icon
12/05/09 CS283- 172/Fall06/GWU/Vora/Identity GWU CS 172/283 Autumn 2009 Draws extensively from Memon’s notes, Brooklyn Poly And book by Pfleeger, Chapters 3 and 4 Lecture 6 Part 4 - Additional Topics – Covert Channels
Image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Covert Channels A covert channel is a path of communication that was not designed to be used for communication. Say p is a Trojan horse watching the instructor write the T/F answers in the test. q is the student who wrote the Trojan horse and who has an account on SEAS. To send a message the trojan horse p creates a file named outputs in q’s directory on SEAS. In this file, the number of spaces between two words reveals a bit of information: 2 spaces is True, one space is False. q can deny everything if accused. Different from traditional crypto in the sense that not only is message encrypted in some sense, but an adversary cannot even determine if it is present. GWU CS 172/283 - Autumn 2009 Holmblad - Lecture 06 – Part 4 - Rev 20091117 2
Image of page 2
Storage channel A covert storage channel uses an attribute of the shared resource, for example, whether a file is locked or not. This attribute can be checked at pre-determined time intervals by the receiver. The Trojan horse p can create and erase a directory in q’s account, with a pre-determined name at pre-determined time intervals. If p does not have such access to the same a/c as q, then, as an alternative method, p can signal 1’s by creating a large file, using up available disk capacity, so that q cannot if q tries to as well. Note that p and q need to share a resource and a time cycle. GWU CS 172/283 - Autumn 2009 Holmblad - Lecture 06 – Part 4 - Rev 20091117 3
Image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Timing channel A covert timing channel uses a temporal or ordering relationship among accesses to a shared resource. It can also be thought of as a shared resource channel where the shared resource is time. Examples: Timing attack on RSA (time of decryption helps factor n). Works on all modular exponentiation, used to break smartcard security. Not strictly a covert channel in the sense that the leaked information is really unintentional.
Image of page 4
Image of page 5
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern