Covert Channels in TCP and IP Headers

Presented at DEF CON 10 (2002), Aug. 4, 2002, 2 p.m. (50 minutes)

How would you communicate securely in a country where encryption is outlawed or where key escrow is mandatory? How can you prevent the Feds from forcing you to turn over your encryption keys? Simple. Don't let your adversaries know that you're transmitting encrypted information. Using covert channels you can completely hide the fact that you're transmitting encrypted information. During this presentation we'll give an introduction to covert channels in TCP and IP headers, release a few vulnerabilities in current TCP timestamp covert channels, and demonstrate and release software that enables covert communication via TCP and IP headers.


Presenters:

Links:

Similar Presentations: