CS283 - Lecture 6 - Part 4 - Additional Topics - Covert Channels

CS283 - Lecture 6 - Part 4 - Additional Topics - Covert Channels

Info iconThis preview shows pages 1–5. Sign up to view the full content.

View Full Document Right Arrow Icon
12/05/09 CS283- 172/Fall06/GWU/Vora/Identity GWU CS 172/283 Autumn 2009 Draws extensively from Memon’s notes, Brooklyn Poly And book by Pfleeger, Chapters 3 and 4 Lecture 6 Part 4 - Additional Topics – Covert Channels
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Covert Channels A covert channel is a path of communication that was not designed to be used for communication. Say p is a Trojan horse watching the instructor write the T/F answers in the test. q is the student who wrote the Trojan horse and who has an account on SEAS. To send a message the trojan horse p creates a file named outputs in q’s directory on SEAS. In this file, the number of spaces between two words reveals a bit of information: 2 spaces is True, one space is False. q can deny everything if accused. Different from traditional crypto in the sense that not only is message encrypted in some sense, but an adversary cannot even determine if it is present. GWU CS 172/283 - Autumn 2009 Holmblad - Lecture 06 – Part 4 - Rev 20091117 2
Background image of page 2
Storage channel A covert storage channel uses an attribute of the shared resource, for example, whether a file is locked or not. This attribute can be checked at pre-determined time intervals by the receiver. The Trojan horse p can create and erase a directory in q’s account, with a pre-determined name at pre-determined time intervals. If p does not have such access to the same a/c as q, then, as an alternative method, p can signal 1’s by creating a large file, using up available disk capacity, so that q cannot if q tries to as well. Note that p and q need to share a resource and a time cycle. GWU CS 172/283 - Autumn 2009 Holmblad - Lecture 06 – Part 4 - Rev 20091117 3
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Timing channel A covert timing channel uses a temporal or ordering relationship among accesses to a shared resource. It can also be thought of as a shared resource channel where the shared resource is time. Examples: Timing attack on RSA (time of decryption helps factor n). Works on all modular exponentiation, used to break smartcard security. Not strictly a covert channel in the sense that the leaked information is really unintentional. Leak information by using or not using an allotted time slice
Background image of page 4
Image of page 5
This is the end of the preview. Sign up to access the rest of the document.

This document was uploaded on 12/05/2009.

Page1 / 20

CS283 - Lecture 6 - Part 4 - Additional Topics - Covert Channels

This preview shows document pages 1 - 5. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online