[cap-talk] Throwing down the gauntlet
Jack Lloyd
lloyd at randombit.net
Mon Jan 9 16:06:19 EST 2006
On Mon, Jan 09, 2006 at 08:25:50PM +0000, Ben Laurie wrote:
> > This doesn't help. In the majority of situations, end-to-end acknowledgements
> > are needed for communication between any given pair of subjects.
>
> Surely not. If you are talking about a nominally one-way channel (i.e.
> the acknowledgements are only required to ensure that the channel is
> reliable), then a proxy can always be interposed in the middle, thus
> preventing end-to-end signalling through acknowledgements.
Wouldn't this be equivalent to a pump? As I recall, pumps do (in an absolute
sense) violate the BL security properties, with the covert channel being
'minimized' by queueing and randomizing the ACKs.

Speaking of which - has anyone experimentally derived estimates of the
bandwidth of the covert channel that is opened up by using a pump in common
implementations? I haven't come across any actual analysis of this, though
perhaps all of it is just buried in CC evaluation reports.

-Jack