[e-lang] Card game based on covert channels
Jed at Webstart
donnelley1 at webstart.com
Wed Apr 19 16:54:49 EDT 2006
At 10:51 AM 3/7/2006, David Hopwood wrote:
>Constantine Plotnikov wrote:
> > Chris Hibbert wrote:
> >
> >>> I have just remembered that there is a card game that is based on
> >>> covert channels. It is "Contract Bridge". Covert channel is
> >>> established and used in bidding process. There is also a way to
> >>> introduce a noise in the channel to confuse opponents covert channel.
> >>>
> >>> This game might be a good sample to explain what is a covert channel
> >>> in the protocol in security books or articles.
> >>
> >> That's an interesting idea, but the fact that the bidders are required
> >> to explain their (partners') bids makes it more overt than covert. I
> >> think it may make a good opening example, but if you try to explain it
> >> in any depth, the analogy will get pretty strained.
> >
> > This is a covert channel because the formal surface meaning of the
> > protocol is making bids. But partners interpreting it as information
> > about state of their hands.
>
>I disagree that this is a good example; bidding is an overt channel.
>
>As the Wikipedia article correctly says:
>
> * Information may only be passed by the calls made and later by the cards
> played, and not by any other means.
> * The agreed-upon *meaning* [emphasis added] of all information passed
> must be available to the opponents.
>
>Use of covert channels in Contract Bridge -- that is, communication channels
>other than bids and the playing of cards -- is normally considered
>to be cheating.
I agree with what David Hopewood says. I note, however, that using
a secret convention could still be "covert" while using an overt channel
(bidding).
However, in looking at the Wikipedia definition for "Covert Channel":
http://en.wikipedia.org/wiki/Covert_channel
I can see how this bridge example might be considered a "covert channel":
"All covert channels draw their bandwidth (information-carrying capacity) from
a legitimate channel, thus reducing the capacity of the latter; however, the
bandwidth drawn from the channel is often unused, anyway, and so the covert
channel may still be well hidden."
It doesn't seem to me that the sorts of "wall banging" covert channels that
have so often been discussed in these forums as a means of escaping
efforts at confinement fit this definition. If I am one of many processes
running in a shared resource time sharing system and I try to communicate
bits to a collaborator by going into a tight loop for some time for 1s and
waiting idly for 0s, what legitimate channel am I drawing bandwidth from?
E.g. from the referenced "Timing Channels" description:
"Suitable coding schemes could get comparable signaling rates over many
different resource types, despite countermeasures by the OS: besides page
faulting, one could signal via CPU demand, segment activation, disk cache
loading, or other means."
I wonder if this Wikipedia definition of "covert channel" might need
some tuning?
Is the above sort of communication by loading shared resources a
defining characteristic of the sort of "covert channel" that we often
discuss as a means to escape confinement? Perhaps another term
is needed? To me the wall banging example and the steganography
example are fundamentally different. The steganography example does
draw bandwidth from a legitimate channel. The wall banging (timing)
example I believe does not.
This seems to me a potential source of confusion. What do others think?
--Jed http://www.webstart.com/jed/
More information about the e-lang
mailing list