Challenging Channels: Encrypted Covert Channels within Challenge-Response Authentication
Proceedings of the 17th International Conference on Availability, Reliability and Security. New York: ACM 2022 S. 1 - 10 50:1-10
Erscheinungsjahr: 2022
Publikationstyp: Buchbeitrag (Konferenzbeitrag)
Sprache: Englisch
Doi/URN: 10.1145/3538969.3544455
Geprüft | Bibliothek |
Inhaltszusammenfassung
Challenge-response authentication is an essential and omnipresent network service. Thus, it is a lucrative target for attackers to transport covert information. We present two covert channels in nonce-based network authentication that allow the encrypted transfer of covert information. Both channels exploit fundamental problems, not contained to the specific implementation or cryptographic mechanisms. We provide implementations and evaluations for hash- and key-based challenge-response authen...Challenge-response authentication is an essential and omnipresent network service. Thus, it is a lucrative target for attackers to transport covert information. We present two covert channels in nonce-based network authentication that allow the encrypted transfer of covert information. Both channels exploit fundamental problems, not contained to the specific implementation or cryptographic mechanisms. We provide implementations and evaluations for hash- and key-based challenge-response authentication. Our implementation achieves hard detectability and acceptable throughput rates. Further, we analyze how the throughput can be maximized by applying compression and codebook techniques. We also describe how the presented approach is suitable for the extraction of sensitive information and performing command-and-control communication, showcased by the exfiltration of three different malware code snippets. Further, we discuss potential countermeasures, that can detect, limit and eliminate the proposed covert channels.» weiterlesen» einklappen
Klassifikation
DFG Fachgebiet:
Informatik
DDC Sachgruppe:
Informatik