A lightweight identity authentication method by exploiting network covert channel

Peer-to-Peer Networking and Applications

Abstract

State-of-the-art authentication schemes are tightly linked with encryption or cryptosystems, which provide a concrete foundation for access control by confirming the user's identity. However, the openness of computer networks leaves identity credentials vulnerable even when they are transmitted as ciphertext, especially in many peer-to-peer (P2P) networks. Malicious attackers can steal and fake a user's identity through eavesdropping, hijacking, cryptanalysis and forging. In this paper, a novel identity authentication mechanism is proposed based on the reverse usage of the Network Covert Channel (NCC), which was originally designed by attackers to create stealth communication. Whereas an NCC exploits packet intervals as the data carrier to transmit unauthorized information, Network-Covert-Channel-based Identity Authentication (NCCIA) exploits the same capability to transmit the identity tag. By validating user identity in a covert manner, we provide a more secure authentication method compared with many existing approaches. An NCCIA demo system is designed on an FTP platform to verify our method. The experiments demonstrate that NCCIA can prevent attackers from eavesdropping while maintaining transmission efficiency.
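The idea of carrying an identity tag in packet intervals can be sketched as a small simulation. This is an added example, not code from the paper: the two-level gap encoding, the timing values, the jitter model and all function names are assumptions chosen for illustration.

```python
import hmac
import random

# Assumed timing parameters in seconds; the paper's values are not on this page.
SHORT, LONG = 0.020, 0.060        # gap carrying a 0 bit / a 1 bit
THRESHOLD = (SHORT + LONG) / 2    # receiver's decision boundary


def tag_to_gaps(tag: bytes) -> list:
    """Sender: map each tag bit (MSB first) to an inter-packet gap."""
    bits = [(byte >> shift) & 1 for byte in tag for shift in range(7, -1, -1)]
    return [LONG if bit else SHORT for bit in bits]


def send_times(gaps, jitter=0.0, rng=None, start=0.0) -> list:
    """Constructed network model: arrival times with bounded per-gap jitter."""
    rng = rng or random.Random(0)
    times = [start]
    for gap in gaps:
        times.append(times[-1] + max(0.0, gap + rng.uniform(-jitter, jitter)))
    return times


def gaps_to_tag(timestamps) -> bytes:
    """Receiver: threshold each observed gap into a bit, then pack bytes."""
    bits = [1 if later - earlier > THRESHOLD else 0
            for earlier, later in zip(timestamps, timestamps[1:])]
    if len(bits) % 8:
        raise ValueError("incomplete tag: bit count is not a multiple of 8")
    return bytes(int("".join(map(str, bits[i:i + 8])), 2)
                 for i in range(0, len(bits), 8))


def verify(enrolled_tag: bytes, timestamps) -> bool:
    """Server check: accept only if the decoded tag equals the enrolled one."""
    try:
        observed = gaps_to_tag(timestamps)
    except ValueError:            # a lost packet changes the number of gaps
        return False
    return hmac.compare_digest(observed, enrolled_tag)


if __name__ == "__main__":
    tag = bytes.fromhex("a5c3")   # constructed sample tag
    gaps = tag_to_gaps(tag)
    ok = send_times(gaps, jitter=0.015, rng=random.Random(7))
    stretched = [t * 2.5 for t in send_times(gaps)]   # every gap inflated
    print(verify(tag, ok), verify(tag, stretched), verify(tag, ok[:-1]))
```

Decoding stays exact only while per-gap jitter is below half the distance between the two gap values (20 ms here); once delay pushes short gaps past the threshold, or a packet is lost, verification fails closed.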

Acknowledgements

This work was supported by the Doctoral Fund of Ministry of Education of China and the Fundamental Research Funds for the Central Universities.

Author information

Correspondence to Haijiang Xie.

About this article

Cite this article

Xie, H., Zhao, J. A lightweight identity authentication method by exploiting network covert channel. Peer-to-Peer Netw. Appl. 8, 1038–1047 (2015). https://doi.org/10.1007/s12083-014-0287-x

  • DOI: https://doi.org/10.1007/s12083-014-0287-x
