Covert Channels in One-Time Passwords Based on Hash Chains

We present a covert channel between two network devices, one of which authenticates itself with Lamport's one-time passwords based on a cryptographic hash function. Our channel enables plausible deniability. We also present countermeasures to detect the presence of such a covert channel; these are non-trivial because hash values are random-looking binary strings, so deviations are not likely to be detected.
