Re: Anti-spyware at the Gateway
Available news archives: comp.lang.tcl - comp.lang.python - comp.security.firewalls - sci.crypt - comp.lang.php - comp.lang.javascript
Google
 
Web news.hping.org


comp.security.firewalls archive

Re: Anti-spyware at the Gateway

From: Sebastian Gottschalk <seppi@seppig.de>
Date: Tue Mar 14 2006 - 14:12:41 CET



Volker Birk wrote:


> Sebastian Gottschalk <seppi@seppig.de> wrote:


>>>> Using public key cryptography one can create a tunnel


>>>> that provably can't be differed from a normal session ID transfer.


>>> And knowing how it is done means being able to detect.


>> Assuming the session ID transfer is a fully normal and trusted activtiy


>> (f.e. logging in at nytimes.com and reading some articles)and the


>> session ID is a pseudorandom value, you can create a covert channel with


>> bandwidth efficiency 1/n that is as hard to detect as it is to break


>> either a chosen n-bit symmetric cipher or RSA of any length.


> 


> Assuming you know all this and all the keys, you can detect.



You don't know the keys. And then the knowledge about the rest provably


won't help you at all.


Received on Mon May  1 00:57:34 2006