curious about covert channels

Adam Lydick adam.lydick at
Tue Jul 22 17:01:43 PDT 2003

Had a random thought and was curious if anyone had an opinion on this:

Would message-ID, and other realated mail headers that contain
pseudo-random data, make a good covert channel?

Eg: instead of choosing a pseudo-random value for the message ID,
encrypt a block of data of the same length as the ID with a preshared
secret key.

Issues that spring to mind:
* small, you would need quite a few overt messages to transfer anything
sizeable over the covert channel.
* Is it possible to tell the difference between pseudo-randomly picked
values (typical mail client), encrypted data (depending on algorithm),
and real randomness? (I suppose this could make the channel detectable)


Adam Lydick

More information about the cypherpunks-legacy mailing list