Vulnerability Development mailing list archives
Re: Covert Channels
From: daw () mozart cs berkeley edu (David Wagner)
Date: 24 Oct 2002 17:48:47 GMT
Jose Nazario wrote:
as an example, consider the timing attack on cryptography. you can roughly estimate the size of cryptographic keys by watching processor timings.
I wouldn't call that a covert channel; that's an inadvertent leakage. Covert channels are where the leaker is maliciously attempting to leak data. In contrast, side channels in crypto are a case where the leaker didn't intend to be malicious or to leak data, but inadvertently let some data slip anyway. Not all information leaks are covert channels.
Current thread:
- RE: Covert Channels, (continued)
- RE: Covert Channels Frank Knobbe (Oct 23)
- RE: Covert Channels Michal Zalewski (Oct 23)
- RE: Covert Channels Richard Masoner (Oct 23)
- RE: Covert Channels Omar Herrera (Oct 23)
- Re: Covert Channels Timothy J. Miller (Oct 23)
- Re: Covert Channels David Wagner (Oct 24)
- RE: Covert Channels Michal Zalewski (Oct 23)
- RE: Covert Channels Frank Knobbe (Oct 23)
- RE: Covert Channels Brooke, O'neil (EXP) (Oct 23)
- RE: Covert Channels Anton Aylward (Oct 23)
- RE: Covert Channels Michal Zalewski (Oct 23)
- Re: Covert Channels Jose Nazario (Oct 24)
- Re: Covert Channels David Wagner (Oct 24)