Layering Authentication Channels to Provide Covert Communication
Project Members
Mohammed H. Almeshekah, Mikhail J, Atallah and Eugene H. Spafford
Mohammed H. Almeshekah, Mikhail J, Atallah and Eugene H. Spafford
Abstract
We argue the need for providing a covert back-channel communication mechanism in authentication protocols, discuss various practical uses for such a channel, and desirable features for its design and deployment. Such a mechanism would leverage the current authentication channel to carry out the covert communication rather than introducing a separate one. The communication would need to be oblivious to an adversary observing it, possibly as a man-in-the-middle. We discuss the properties that such channels would need to have for the various scenarios in which they would be used. Also, we show their potential for mitigating the effects of a number of security breaches currently occurring in these scenarios.