**4. Covert channel with authentication leads to secure communication**

The proposed technique is responsible for creating secure communication channel using covert channel, encryption, and authentication. In the first step before using covert channel, the client and server must agree on pre-agreement table as shown in **Figure 4**, where it depicts out the pre-agreement table consisting of original key (OK) and its corresponding fake keys. The key point here is that the fake key is used in communication channel and the original key is kept secret in both sides (client and server). **Figure 5** illustrates the proposed technique, where the network consists of the client and server. The client agrees on shared information (e.g., table as database) with the server.

The client wants to send to the server a message. Then, he encrypts the message using the original key. After that the encrypted message is attached with the fake key to be a parameter to HMAC function. HMAC depends on shared key between the client and server. Then the client sends (HMAC + encrypted message + fake key) to the server. Where, HMAC is used for integrity and fake key for server to know the

#### **Figure 5.**

*Technique for transferring secure data through covert channel using covert channel, encryption, and authentication.*

**115**

**Figure 6.**

*Secure Communication Using Cryptography and Covert Channel*

original key to decrypt the encrypted message. On the other hand, the server receives the client's message. After that he separates the message to the HMAC, encrypted message, and fake key. Then, he checks the integrity of the message. After that he gets the original key from its corresponding fake key to decrypt the encrypted message.

The implementation of technique is done by: first create a network as client and server with implemented java application. Client and server machines are 32 bit ×86, CPU Core (TM) i5 2.40 GHz, and Ram 4GB. Advanced Encryption Standard (AES) [26] algorithm is used in the implementation. Hashed message authentication code (HMAC) is used to guarantee the integrity [7, 11, 12]. The following issues

1.Confidentiality: the technique guarantees that the messages are protected from disclosure, which is done by encrypting the messages with original keys that do not send through communication channel. Instead, the original keys are sent

2.Integrity: the information is protected from being changed by unauthorized parties through using HMAC function which checks if the content of the mes-

3.Undetectability: undetectability is achieved depending on two conditions: first, plausibility, the messages that are sent through the covert channel are protected from adversary by making the covert channel appear like a normal channel through sending normal encrypted messages, and, second, hiding the fake key inside the message which does not affect bit distribution, especially

4.Comparative analysis: My technique is used in two ways, malicious and benign usages. Also, encryption and authentication are used that differ from other

5.Dynamically: the generating keys between the client and server have a flexible length. Because when you repeat the scenario in **Figure 5** several times, you get new keys with different sizes. If you repeat the technique four times and each time generates key with 16-bit size, then you will get a key with 64-bit size.

*DOI: http://dx.doi.org/10.5772/intechopen.82580*

**5. Performance discussion**

are satisfying in this technique:

encrypted by fake keys.

sage is altered or not.

techniques.

when the size of the fake key is small.

*The technique can handle multiple users in acceptable time.*

original key to decrypt the encrypted message. On the other hand, the server receives the client's message. After that he separates the message to the HMAC, encrypted message, and fake key. Then, he checks the integrity of the message. After that he gets the original key from its corresponding fake key to decrypt the encrypted message.
