10

I am really confused between the following three terms:

  • Overt Channel.
  • Covert Channel.
  • Side-Channel.

I feel frustrated! I've been searching about them to find a clear explanation but I keep getting confused more. I REALLY apology if this question is redundant but my brain got stuck from the long search.

Thank you

Steve
  • 135
  • 1
  • 1
  • 5
  • 1
    Would you mind telling us your current understanding and view of these terms so we can give better answers? – Silverfox Feb 10 '16 at 20:48

1 Answers1

14

An overt channel is a communications path that is not hidden. Anyone can see that Steve connected to Stack Exchange.

A covert channel is an intentional communications path that is hidden, using a technique like steganography. This might use a technique like a dead drop, where I post a picture on eBay, you view the posting on eBay, but nobody can easily see that John sent a picture to Steve. That picture might then contain a hidden message, either encoded in the bits of the photo, or in a prearranged meaning of the photo: "if I post a picture of a teapot with the spout pointing left, that means attack at noon. If I post a picture of a teapot with the spout pointing right, that means attack at midnight. If I post a picture of a teacup, the plans are on hold." This is an example of a covert storage channel.

Another type of covert channel can be created by hiding a message by varying the timing of otherwise normal communications. Imagine a streaming video that is "suffering" from occasional interruptions in the stream; it would be easy to imagine it's just a system load problem. The timing of the interruptions could be used to convey information: a long pause followed by a short pause could be interpreted as the Morse Code letter 'N', for example. That is a covert timing channel.

The primary differences between these two types is that a storage channel leaves some evidence behind but doesn't require the recipient to be listening for the message; a timing channel leaves almost no trace of its existence, but requires the receiver to be actively listening to receive the hidden message.

A side-channel is typically a case of unintended information leakage, and not the intended means of communication. Common cases are RF emissions from keyboards or monitors (google for TEMPEST to see examples of this), timing differences (this paper: http://cr.yp.to/antiforgery/cachetiming-20050414.pdf documents a timing attack on SSL), or power consumption differences (see the paper available at this address: https://www.rambus.com/differential-power-analysis/ ). Sometimes these differences can be used to discover enough bits of an encryption key to break the encryption.

John Deters
  • 33,650
  • 3
  • 57
  • 110
  • 1
    Thank you john. (1) I read in a publication (Analysis of Covert Timing Channels by John Wary) that The covert channel is classified as storage and timing channels. What does that mean? (2) Can you provide and example (as you did in steganography in Covert channel) for timing differences or an external link that gives example. Appreciate your work. – Steve Feb 10 '16 at 21:30
  • 4
    @Steve if an algorithm is *intentionally* engineered or implemented to leak through a timing channel, that would be considered a covert channel – Richie Frame Feb 11 '16 at 06:21