poster

Covert Channels in One-Time Passwords Based on Hash Chains

Authors:

Jörg Keller,

Steffen WendzelAuthors Info & Claims

EICC '20: Proceedings of the 2020 European Interdisciplinary Cybersecurity Conference

Article No.: 13, Pages 1 - 2

https://doi.org/10.1145/3424954.3424966

Published: 12 January 2021 Publication History

Get Access

Abstract

We present a covert channel between two network devices where one authenticates itself with Lamport's one-time passwords based on a cryptographic hash function. Our channel enables plausible deniability. We also present countermeasures to detect the presence of such a covert channel, which are non-trivial because hash values are randomly looking binary strings, so that deviations are not likely to be detected.

References

[1]

C. Abad. 2001. IP Checksum Covert Channels and Selected Hash Collision. Technical Report. Univ. of California, Los Angeles.

Google Scholar

[2]

R. Anderson, R. Needham, and A. Shamir. 1998. The steganographic file system. In International Workshop on Information Hiding. Springer, 73--82.

Google Scholar

[3]

T. E. Calhoun Jr, X. Cao, et al. 2012. An 802.11 MAC layer covert channel. Wireless Communications and Mobile Computing 12, 5 (2012), 393--405.

Digital Library

Google Scholar

[4]

S. Craver, E. Li, and J. Yu. 2009. Protocols for data hiding in pseudo-random state. In Media Forensics and Security, Vol. 7254.

Google Scholar

[5]

N. Haller. 1995. The S/KEY One-Time Password System. RFC 1760. RFC Editor. https://www.rfc-editor.org/rfc/rfc1760.txt

Google Scholar

[6]

L. Lamport. 1981. Password authentication with insecure communication. Commun. ACM 24, 11 (1981), 770--772. https://doi.org/10.1145/358790.358797

Digital Library

Google Scholar

[7]

B. W. Lampson. 1973. A Note on the Confinement Problem. Commun. ACM 16, 10 (Oct. 1973), 613--615. https://doi.org/10.1145/362375.362389

Digital Library

Google Scholar

[8]

A.J. Menezes, P. C. van Oorschot, and S. A. Vanstone. 1996. Handbook of Applied Cryptography. CRC Press.

Google Scholar

[9]

A. Perrig, R. Canetti, et al. 2002. The TESLA Broadcast Authentication Protocol. CryptoBytes 5, 2 (2002), 2--13.

Google Scholar

[10]

S. Wendzel, S. Zander, et al. 2015. Pattern-Based Survey and Categorization of Network Covert Channel Techniques. Computing Surveys 47, 3 (2015).

Google Scholar

Cited By

View all

Schmidbauer TKeller JWendzel S(2022)Challenging Channels: Encrypted Covert Channels within Challenge-Response AuthenticationProceedings of the 17th International Conference on Availability, Reliability and Security10.1145/3538969.3544455(1-10)Online publication date: 23-Aug-2022
https://dl.acm.org/doi/10.1145/3538969.3544455
Taleby Ahvanooey MZhu MMazurczyk WLi QKilger MChoo KConti M(2022)CovertSYS: A systematic covert communication approach for providing secure end-to-end conversation via social networksJournal of Information Security and Applications10.1016/j.jisa.2022.10336871(103368)Online publication date: Dec-2022
https://doi.org/10.1016/j.jisa.2022.103368
Schmidbauer TWendzel S(2021)Hunting Shadows: Towards Packet Runtime-based Detection Of Computational Intensive Reversible Covert ChannelsProceedings of the 16th International Conference on Availability, Reliability and Security10.1145/3465481.3470085(1-10)Online publication date: 17-Aug-2021
https://dl.acm.org/doi/10.1145/3465481.3470085

Index Terms

Covert Channels in One-Time Passwords Based on Hash Chains
1. Security and privacy
  1. Cryptography
    1. Mathematical foundations of cryptography
    2. Symmetric cryptography and hash functions
      1. Hash functions and message authentication codes
2. Theory of computation
  1. Computational complexity and cryptography
    1. Cryptographic primitives

Recommendations

Challenging Channels: Encrypted Covert Channels within Challenge-Response Authentication
ARES '22: Proceedings of the 17th International Conference on Availability, Reliability and Security

Challenge-response authentication is an essential and omnipresent network service. Thus, it is a lucrative target for attackers to transport covert information. We present two covert channels in nonce-based network authentication that allow the ...
Public-Key encryption from ID-Based encryption without one-time signature
OTM'06: Proceedings of the 2006 international conference on On the Move to Meaningful Internet Systems: AWeSOMe, CAMS, COMINF, IS, KSinBIT, MIOS-CIAO, MONET - Volume Part I

Design a secure public key encryption scheme and its security proof are one of the main interests in cryptography In 2004, Canetti, Halevi and Katz [8] constructed a public key encryption (PKE) from a selective identity-based encryption scheme with a ...
A more efficient and secure ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem

Recently, Yang and Chang proposed an identity-based remote login scheme using elliptic curve cryptography for the users of mobile devices. We have analyzed the security aspects of the Yang and Chang's scheme and identified some security flaws. Also two ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

EICC '20: Proceedings of the 2020 European Interdisciplinary Cybersecurity Conference

November 2020

72 pages

ISBN:9781450375993

DOI:10.1145/3424954

Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 12 January 2021

Check for updates

Author Tags

Qualifiers

Poster
Research
Refereed limited

Funding Sources

Horizon 2020

Conference

EICC 2020

EICC 2020: European Interdisciplinary Cybersecurity Conference

November 18, 2020

Rennes, France

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
72
Total Downloads

Downloads (Last 12 months)10
Downloads (Last 6 weeks)3

Reflects downloads up to 23 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Schmidbauer TKeller JWendzel S(2022)Challenging Channels: Encrypted Covert Channels within Challenge-Response AuthenticationProceedings of the 17th International Conference on Availability, Reliability and Security10.1145/3538969.3544455(1-10)Online publication date: 23-Aug-2022
https://dl.acm.org/doi/10.1145/3538969.3544455
Taleby Ahvanooey MZhu MMazurczyk WLi QKilger MChoo KConti M(2022)CovertSYS: A systematic covert communication approach for providing secure end-to-end conversation via social networksJournal of Information Security and Applications10.1016/j.jisa.2022.10336871(103368)Online publication date: Dec-2022
https://doi.org/10.1016/j.jisa.2022.103368
Schmidbauer TWendzel S(2021)Hunting Shadows: Towards Packet Runtime-based Detection Of Computational Intensive Reversible Covert ChannelsProceedings of the 16th International Conference on Availability, Reliability and Security10.1145/3465481.3470085(1-10)Online publication date: 17-Aug-2021
https://dl.acm.org/doi/10.1145/3465481.3470085

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Challenging Channels: Encrypted Covert Channels within Challenge-Response Authentication

Public-Key encryption from ID-Based encryption without one-time signature

A more efficient and secure ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem