Covert Channels and Anonymizing Networks - PowerPoint PPT Presentation

Learn more at: https://www.cise.ufl.edu

1
Covert Channels and Anonymizing Networks
  • Ira S. Moskowitz --- NRL
  • Richard E. Newman --- UF
  • Daniel P. Crepeau --- NRL
  • Allen R. Miller --- just hanging out

2
Motivation
  • Anonymity --- What do you think/say?
  • optional desire or mandated necessity
  • Our interest is in hiding who is sending what to
    whom. Yet, even if we have this type of
    anonymity one might still be able to leak info.
  • Is this from a failure to truly obtain anonymity,
    or is it an inherent flaw in the model/design?

3
Covert Channels
  • The information is leaked via a covert channel
    (which is )
  • Paranoid threat? Yes, but ....
  • This paper is a first step (for us) in tying
    anonymity and covert channels together.

4
MIXes
  • A MIX is a device intended to hide
    source/message/destination associations.
  • A MIX can use crypto, delay, shuffling, padding,
    etc. to accomplish this.
  • Others have studied ways to beat the MIX
  • --active attacks to flush the MIX.
  • --passive attacks may study probabilities.
  • You all know this better than I :-)

5
Our Scenario
  • MIX Firewalls separating 2 enclaves.

[Figure labels: Eve, Enclave 2, Enclave 1, Alice, Clueless_i; overt channel --- anonymous]
  • Timed MIX, total flush per tick
  • Eve counts # messages per tick; perfect sync; knows # Clueless_i
  • Clueless_i are IID; p = probability that Clueless_i does not send a message
  • Alice is clueless w.r.t. Clueless_i

6
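Toy Scenario: only Clueless_1
  • Alice can either not send a message (0) or send one (0^c)
  • Only two input symbols to the (covert) channel
  • What does Eve see? 0, 1, 2

[Figure: channel transition diagram. Alice's input 0 reaches Eve as 0 with probability p and as 1 with probability q; input 0^c reaches Eve as 1 with probability p and as 2 with probability q.]
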
7
Discrete Memoryless Channel
  • Channel matrix (rows: input X, columns: output Y):

            Y=0   Y=1   Y=2
    X=0      p     q     0
    X=0^c    0     p     q

  • A is the random variable representing Alice, the transmitter to the cc
  • X has a prob dist P(X=0) = x, P(X=0^c) = 1-x
  • Y represents Eve; prob dist derived from A and channel matrix

8
  • In general $P(X = x_i) = p(x_i)$, similarly $p(y_k)$
  • $H(X) = -\sum_i p(x_i)\log p(x_i)$ (entropy of X)
  • $H(X|Y) = -\sum_k p(y_k) \sum_i p(x_i|y_k)\log p(x_i|y_k)$
  • Mutual information
  • $I(X,Y) = H(X) - H(X|Y) = H(Y) - H(Y|X)$ (we use the latter)
  • Capacity is the maximum over dist X of I
  • For toy scenario
  • $C = \max_x \{ -( px\log px + [qx + p(1-x)]\log[qx + p(1-x)] + q(1-x)\log q(1-x) ) - h(p) \}$
  • where $h(p) = -( p\log p + (1-p)\log(1-p) )$

10
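General Scenario: N Clueless_i
[Figure: channel transition diagram. Input 0 reaches Eve as 0, 1, ..., N with probabilities p^N, N p^(N-1) q, ..., q^N; input 0^c reaches Eve as 1, ..., N, N+1 with probabilities p^N, ..., N q^(N-1) p, q^N.]
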
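Added example (not from the slides or the authors' own code): a Python sketch that evaluates the capacity formula of slide 8 numerically and extends it to the N Clueless_i channel of slide 10. It assumes Eve's count per tick is Alice's 0/1 message plus a Binomial(N, q) clueless count, which follows from the IID assumption; all function names are illustrative.

```python
from math import comb, log2

def entropy(dist):
    """Shannon entropy in bits; zero-probability outcomes contribute 0."""
    return -sum(v * log2(v) for v in dist if v > 0)

def eve_distribution(x, p, n):
    """Return (P(Y=k) for k=0..n+1, P(clueless count=k) for k=0..n).

    x = P(Alice sends nothing, input 0); p = P(one Clueless_i sends nothing).
    Assumption: the clueless count per tick is Binomial(n, q), q = 1 - p.
    """
    q = 1.0 - p
    clueless = [comb(n, k) * q**k * p**(n - k) for k in range(n + 1)]
    y = [0.0] * (n + 2)
    for k, pk in enumerate(clueless):
        y[k] += x * pk            # Alice silent: Eve counts k
        y[k + 1] += (1 - x) * pk  # Alice sends (0^c): Eve counts k + 1
    return y, clueless

def mutual_information(x, p, n):
    """I(X;Y) = H(Y) - H(Y|X); H(Y|X) is the entropy of the clueless count."""
    y, clueless = eve_distribution(x, p, n)
    return entropy(y) - entropy(clueless)

def capacity(p, n=1, iters=100):
    """Return (C, best x) in bits per tick via golden-section search.

    Valid because I(X;Y) is concave in the input distribution x.
    """
    g = (5 ** 0.5 - 1) / 2
    lo, hi = 0.0, 1.0
    for _ in range(iters):
        a, b = hi - g * (hi - lo), lo + g * (hi - lo)
        if mutual_information(a, p, n) < mutual_information(b, p, n):
            lo = a   # maximum lies in [a, hi]
        else:
            hi = b   # maximum lies in [lo, b]
    x = (lo + hi) / 2
    return mutual_information(x, p, n), x

if __name__ == "__main__":
    for n in (1, 2, 5):
        for p in (0.0, 0.1, 0.5, 0.9, 1.0):
            c, x = capacity(p, n)
            print(f"N={n} p={p:.1f}  C={c:.4f} bits/tick  best x={x:.3f}")
```

For N = 1 the value of `mutual_information` is exactly the bracketed expression on slide 8, since H(Y|X) reduces to h(p).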
12
Conclusions
  1. Highest capacity when very low or very high
    clueless traffic
  2. Capacity (of p) bounded below by C(0.5)
  3. Capacity monotonically decreases to 0 with N
  4. C(p) is a continuous function of p
  5. Alice's optimal bias is a function of p, and is
    always near 0.5

13
Future Work
  • One MIX firewall distinguishable receivers
  • Relax IID assumption on Clueless_i
  • If Alice has knowledge of Clueless_i behavior