Covert Channels in SSL Session Negotiation Headers
暂无分享,去创建一个
The Handshake headers of the SSL/TLS protocol contain several multi-byte random data fields used in the generation of the encryption keys used during the session. This random data can be replaced with covert messages that can be intercepted on the wire using packet capture techniques. By encoding data into these fields, a modified SSL client can send messages to a legitimate destination, with legitimate application payload data and still leak covert messages to a receiver listening on the wire.
[1] Eric Rescorla,et al. The Transport Layer Security (TLS) Protocol Version 1.2 , 2008, RFC.
[2] Carlos Scott,et al. Network Covert Channels : Review of Current State and Analysis of Viability of the use of X . 509 Certificates for Covert Communications , 2008 .
[3] Butler W. Lampson,et al. A note on the confinement problem , 1973, CACM.
[4] Benny Pinkas,et al. The Design and Implementation of Protocol-Based Hidden Key Recovery , 2003, ISC.