7/28/2019 10.1.1.4.6246

1/7

New Covert Channels in HTTP

Adding Unwitting Web Browsers to Anonymity Sets

Matthias BauerInstitut fr Informatik

Martensstrasse 391058 Erlangen, Germany

matthiasb@acm.org

ABSTRACT

Categories and Subject Descriptors

General Terms

Keywords

1. INTRODUCTION

Permission to make digital or hard copies of all or part of this work forpersonal or classroom use is granted without fee provided that copies arenot made or distributed for profit or commercial advantage and that copiesbear this notice and the full citation on the first page. To copy otherwise, torepublish, to post on servers or to redistribute to lists, requires prior specificpermission and/or a fee.WPES03, October 30, 2003, Washington, DC, USA.Copyright 2003 ACM 1-58113-776-1/03/0010 ...$5.00.

7/28/2019 10.1.1.4.6246

2/7

2. THREAT MODEL

3. BACKGROUND

(public key, private key)

4. RELATED WORK

5. SERVERTOSERVER CHANNELTHROUGH UNWITTING CLIENTS

5.0.1 Redirects

7/28/2019 10.1.1.4.6246

3/7

5.0.2

5.0.3 Referer

5.0.4 HTML Elements

5.0.5 Active Content

6. THE MUTED POSTHORN A CHAU-

MIAN MIX ON BANNER ADVERTS

7/28/2019 10.1.1.4.6246

4/7

6.1 The Setup

(publickey, secretkey)

6.2 A first Version

m0 ni

mi+1 = To :||ni||Eni(mi).

En(m) m n

0

1

6.3 DoS attack on the first protocol

mi+1 = To :||ni||Ack :||h(mi)||Eni(mi).

7/28/2019 10.1.1.4.6246

5/7

Ack:

To: node2 PadE_node2(mess2)

To: node1 E_node1(mess1) Pad 0x123456

0xabcdef

mbox2: message_b Pad

mbox1: Padmessage_a

Mailboxes:

ack1, ack2 PadAck: node2

Message Pool:

|h()|

h

6.4 Properties of the Protocol

7. UNSOLVED PROBLEMS AND DIREC-

TIONS FOR FUTURE RESEARCH

(Group,Generator)

7/28/2019 10.1.1.4.6246

6/7

8. SUMMARY

9. ACKNOWLEDGEMENTS

10. REFERENCES

7/28/2019 10.1.1.4.6246

7/7