Abstract

State-of-the-art authentication schemes are tightly linked with encryption or cryptosystems, which provide a concrete foundation for access control by confirming the user's identity. However, the openness of computer networks leaves identity credentials vulnerable even when they are transmitted as ciphertext, especially in many peer-to-peer (P2P) networks. Malicious attackers can potentially steal and fake a user's identity through eavesdropping, hijacking, cryptanalysis and forging. In this paper, a novel identity authentication mechanism is proposed based on the reverse usage of the Network Covert Channel (NCC), which was originally designed by attackers to create stealthy communication. In an NCC, packet intervals can be exploited as the data carrier to transmit unauthorized information; in Network-Covert-Channel-based Identity Authentication (NCCIA), we exploit the same capability to transmit the identity tag. By validating user identity in a covert manner, we provide a more secure authentication method compared with many existing approaches. An NCCIA demo system is designed on an FTP platform to verify our method. The experiments demonstrate that NCCIA can prevent attackers from eavesdropping while maintaining transmission efficiency.