Password authentication with insecure communication
Communications of the ACM
A note on the confinement problem
Communications of the ACM
A rate-adaptive MAC protocol for multi-Hop wireless networks
Proceedings of the 7th annual international conference on Mobile computing and networking
Proceedings of the 10th ACM conference on Computer and communications security
IEEE 802.11 rate adaptation: a practical approach
MSWiM '04 Proceedings of the 7th ACM international symposium on Modeling, analysis and simulation of wireless and mobile systems
Web tap: detecting covert web traffic
Proceedings of the 11th ACM conference on Computer and communications security
Profiling internet backbone traffic: behavior models and applications
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Improved Port Knocking with Strong Authentication
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
WLAN steganography: a first practical review
MM&Sec '06 Proceedings of the 8th workshop on Multimedia and security
Tamper-Evident Digital Signature Protecting Certification Authorities Against Malware
DASC '06 Proceedings of the 2nd IEEE International Symposium on Dependable, Autonomic and Secure Computing
Covert channels in privacy-preserving identification systems
Proceedings of the 14th ACM conference on Computer and communications security
An 802.11 MAC layer covert channel
Wireless Communications & Mobile Computing
Hi-index | 0.00 |
We present a covert side channel technique that uses the 802.11 MAC rate switching protocol as cover for covert authentication messages. Covert authentication prevents an attacker from knowing when a user is authenticating and protects user credentials from malicious software attacks. Similar to port knocking, a remote client sends authentication messages to an access point in order to access a protected service. The technique uses a one-time password algorithm to protect against replay attacks. We investigate how the covert side channel affects node throughput in mobile and non-mobile scenarios. We also investigate the covertness of the covert side channel using standardized entropy. The results show that the performance impact is minimal and increases slightly as the authentication frequency increases. We further show that we can authenticate with 100% accuracy with minimal impact on rate switching entropy.