Multi-Channel Security through Data Fragmentation
Abstract
This thesis presents a novel security system developed for a multi-channel communication architecture. It achieves security by distributing the message and its associated message authentication code across the available channels at the bit level, to support systems that require protection from confidentiality and integrity attacks without relying solely on traditional encryption. One contribution of the work is to establish some helpful terminology and present a basic theory for multi-channel communications. This proof of concept, focused on the splitting and recombination activities, operates by using existing key exchange mechanisms to establish system initialization information, and then splitting the message into fragments across each available channel. Splitting prevents the entirety of a given message from being transmitted across a single channel, and spreads the overall message authentication across the set of channels. This gives the end user the following unique service: the sender and receiver can identify a compromised channel, even in the presence of a sophisticated man-in-the-middle attack wherein the adversary achieves fragment acceptance at the destination by altering the message's error-detecting code. Under some conditions, the receiver can recover the original message without re-transmission, despite these injected errors. This system would be a natural fit as a cipher suite for a future iteration of the Transport Layer Security protocol targeting support for multi-channel communication systems.
Document Details
- Document Type: Technical Report
- Publication Date: Mar 26, 2020
- Accession Number: AD1102923
Entities
People
- Micah J. Hayden
Organizations
- Air Force Institute of Technology