Tongzhou Shen,Liehuang Zhu,Feng Gao,Zhuo Chen,Zijian Zhang,Meng Li

DOI: https://doi.org/10.3390/math12020251

IF: 2.4

2024-01-13

Mathematics

Abstract:As a decentralized network infrastructure, the data sent to the blockchain are public and temper-evident. The cover of massive normal transactions in a blockchain network is ideal for constructing a stable and reliable covert channel to achieve one-to-many group covert communication. Existing blockchain-based covert communication schemes face challenges in balancing concealment, embedding rate and filtering efficiency, making them unsuitable for direct extension to group scenarios. Adopting a key-leakage scheme can increase the channel capacity while maintaining high concealment from external adversaries. However, it will also expose more knowledge to the receiver. A malicious receiver has the ability to steal a sender's identity or replay historical transactions to control the entire channel. In this paper, we define the capabilities of malicious receivers in blockchain-based group covert communication scenarios and propose a group covert communication scheme resistant to transaction forgery attacks. Theoretical analysis and experiments prove that our covert transactions do not have any transaction correlativity, ensuring the unique authenticity of the sender's identity while maintaining supreme concealment compared with the existing schemes. The precision and recall of machine learning detection results can reach 0.57–0.62 (0.5 is the ideal value).

mathematics

Tao Zhang,Bingyu Li,Yan Zhu,Tianxu Han,Qianhong Wu

DOI: https://doi.org/10.1016/j.comcom.2023.04.001

IF: 5.047

2023-04-08

Computer Communications

Abstract:Traditional network covert channels have become insecure due to the continuous improvement of traffic analysis techniques. As an emerging technology combined with cryptographic techniques, consensus algorithms, P2P network, blockchain has features like decentralization, traceability, immutability, anonymity, transparency, and security, which makes blockchain an ideal platform for covert channel and covert communication. Benefits of blockchain for covert communication include wide access, high capacity covert channels, identity anonymity and information concealment, and robust communication channel. In the paper, we conduct a systematic analysis on covert channels in blockchain from the layer architecture of blockchain. Covert channels are present in data layer, network layer, incentive layer and contract layer, as block structure, transaction structure, cryptographic schemes, P2P network, transaction fee, and smart contract. There are also various covert channels in different layers of blockchain applications. We make a literature review on covert channels in blockchain applications and blockchain based covert communication schemes. Current researches on blockchain based covert communication mainly focus on blockchain based cryptocurrencies, including Bitcoin, Ethereum, Zcash and Monero. There are also some explorations which combines blockchain with images to achieve higher channel capacity for covert communication. Finally, open challenges and future directions on blockchain based covert communication are discussed.

computer science, information systems,telecommunications,engineering, electrical & electronic

Liehuang Zhu,Qi Liu,Zhuo Chen,Can Zhang,Feng Gao,Zhongliang Yang

DOI: https://doi.org/10.1109/tc.2023.3275096

IF: 3.183

2023-01-01

IEEE Transactions on Computers

Abstract:Covert channels serve the construction of cyberspace security. By realizing the secure transmission of data, it is widely used in political and financial fields. Blockchain covert channels have higher reliability and concealment compared to traditional network-based covert channels. However, existing blockchain covert storage channels need to create a large number of transactions to transmit covert information. Creating transactions requires a transation fee, which means that the implementation of blockchain covert storage channels requires a high cost. Besides, created transactions remain on-chain permanently, leading to the threat of covert information being detected. To overcome these limitations, we propose a blockchain covert timing channel framework. Specifically, we utilize inv and getdata messages in the Bitcoin transaction broadcast as carriers and propose three modulation modes to achieve covert channels without cost and leaving no trace. We evaluate the concealment of our modes by K-S, KLD tests, and machine learning approaches. Experimental results show the indistinguishability between traffic carrying covert information and normal traffic. Our channels promise a capacity of 2.4 bit/s.

engineering, electrical & electronic,computer science, hardware & architecture

Zhuo Chen,Liehuang Zhu,Peng Jiang,Can Zhang,Feng Gao,Jialing He,Dawei Xu,Yan Zhang

DOI: https://doi.org/10.1109/comst.2022.3204281

2022-11-23

Abstract:Covert communication enables covert information transmission in an undetectable way to prevent the exposure of communication behaviors. Blockchain-based covert communication breaks through the limitations on concealment, reliability and anti-traceability, and has shown promising application prospects in both sensitive data transmission and botnets. Although there are studies on blockchain-based covert communication, it still lacks a systematic investigation. In this paper, we conduct a comprehensive study on channel building and survey its core technologies by information embedding, transaction filtering, and transaction obfuscation. We also summarize evaluation metrics to better analyze blockchain-based covert channels. Privacy aspects are also discussed. Finally, we suggest seven future directions to stir research efforts into this area.

computer science, information systems,telecommunications

Pei Zhang,Qingfeng Cheng,Mingliang Zhang,Xiangyang Luo

DOI: https://doi.org/10.1109/tdsc.2024.3353570

2024-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Covert communication is a crucial technology that hides information in the redundant structure of the file and transmission through public channel to achieve the secure delivery of information. The blockchain network, with the characteristics of anonymity, decentralization and tamper-proofing, can make up for the shortcomings of multimedia-based covert communication, which include the easy exposure of the identity for both parties, the vulnerability to destruction during communication and the weak robustness of the channel. Therefore, the blockchain network is an ideal channel for covert communication. Nevertheless, the existing covert communication methods face certain challenges based on blockchain, such as the lack of a secure channel for transferring the master key, low embedding capacity, and weak detection resistance. In view of this, this paper proposes a covert communication method based on Shamir threshold and STC mapping, which is suitable for public chain networks. The proposed method first decomposes the master key into sub-keys by introducing Shamir scheme, and the sub-keys are shared with the help of transaction amounts on a blockchain. Then, a mapping relation is established to ensure that the transaction amounts carrying the secret are evenly distributed. Finally, secret information is hidden in the mapping relationship and the transaction amount is interwoven, which is published to the blockchain through transactions to complete covert communication. The introduction of Shamir threshold breaks the limitation that master key cannot be safely transmitted due to the lack of a secure channel in the research of covert communication based on blockchain, thereby enhances the security of the method. Meanwhile, Shamir threshold scheme based on public chain, can solve the issue that the master key cannot be reconstructed due to dishonest participants providing invalid subkeys on traditional network. In addition, the proposed STC mapping can not only improve the detection resistance but also increase the embedding capacity. A series of experimental results illustrate that the proposed method is more resistant to detection, and the embedding efficiency is enhanced by 27.56 times compared with existing public chain-based covert communication methods, effectively reducing the number of transactions and saving resource consumption.

computer science, information systems, software engineering, hardware & architecture

Zhuo Chen,Liehuang Zhu,Peng Jiang,Can Zhang,Feng Gao,Fuchun Guo

DOI: https://doi.org/10.1109/tifs.2024.3361212

IF: 7.231

2024-02-17

IEEE Transactions on Information Forensics and Security

Abstract:Blockchain-based censorship-resistant systems enable the user to access the blocked content through a covert channel while avoiding a suspicious network connection between the user and the proxy. However, state-of-the-art blockchain-based censorship-resistant schemes cannot satisfy both low communication fees and unobservability, and their method of identifying transactions with covert data may inadvertently expose the covert channel. In this paper, we present Hades, a blockchain-based covert channel framework that aims to circumvent censorship. Hades allows users to encode covert data as a transaction field, and identify transactions with covert data by using another transaction field as a label. We also present the security model for Hades, which defines the unobservability of Hades as the indistinguishability of transactions with covert data from normal transactions. We further propose two cost-friendly and unobservable instantiations of Hades: the basic RDSAC and the improved DDSAC. RDSAC uses private keys to encode covert data and utilizes random factors in the signing process as labels, while incurring a communication delay. DDSAC avoids the delay by encoding covert data into random factors and sampling a transaction amount from normal transactions as the label. We implement a prototype system of Hades and evaluate its performance. Experiment results show that our Hades prototype is unobservable, robust, and efficient. RDSAC and DDSAC can identify 1,654 transactions in 6.054 seconds and 0.071 seconds, respectively. Hades supports 1KB data transfer at \\(0.44 on the Bitcoin mainnet and cost-free data transfer on the Bitcoin testnet.

computer science, theory & methods,engineering, electrical & electronic

Yanjiao Chen,Xuxian Li,Jian Zhang,Hongliang Bi

DOI: https://doi.org/10.1109/tnsm.2022.3162592

2022-01-01

IEEE Transactions on Network and Service Management

Abstract:Blockchain-based cryptocurrencies are severely limited in transaction throughput and latency. A promising solution to this issue is a payment channel, which allows trust-free payments between two peers without exhausting the resources of the blockchain. A linked payment channel network (PCN) enables payments between two peers through a series of intermediate nodes that forward and charge for the payments. However, most of existing proposals only use the shortest path as the path of the transaction, which causes the frequently reused channels to be exhausted quickly. In addition, most of existing PCNs are almost only designed for payments between two parties, which leads to limited application scenarios. When multiple payments use the same intermediate channel, the two-party PCNs cannot achieve simultaneous payments. In this paper, we propose a multi-party payment channel (MPC) network, a payment channel proposal that supports multiple payments using the same intermediate channel simultaneously, thereby greatly expanding the application scenarios of payment channels. In addition, our channel selection and transaction conversion strategies can also increase the success rate of transactions. We implement MPC network in the simulated blockchain network and lightning network based on Truffle, and a large number of experiments verify the effectiveness of our solution.

Jing Tian,Gaopeng Gou,Chang Liu,Yige Chen,Gang Xiong,Zhen Li

DOI: https://doi.org/10.1007/978-3-030-41579-2_47

2020-01-01

Abstract:With the continuous improvement of the traffic analysis techniques, traditional network covert channels based on the TCP/IP architecture are facing many risks. Blockchain is a new kind of decentralized public network. The openness together with strong tamper resistance of the blockchain makes it become a natural platform to construct covert channel. However, the existing blockchain-based covert channels have a major drawback: the recipient identifies the transactions containing covert messages through the fixed labels, which significantly reduces the availability and concealment of the system. In this paper, we propose a new blockchain covert channel construction scheme, DLchain, which substitutes the fixed labels with dynamic labels. We design a dynamic label generation algorithm based on the statistical distribution of the real transaction data to ensure the concealment of the dynamic labels. We prove that DLchain has the features of undetectability, anti-traceability and strong robustness.

Yang Tian,Xin Liao,Li Dong,Yang Xu,Hongbo Jiang

DOI: https://doi.org/10.1109/tnsm.2024.3358013

2024-01-01

IEEE Transactions on Network and Service Management

Abstract:Recent years have witnessed the booming growth of 5G and 6G technology, which has brought unprecedented massive data transmission, causing severe privacy issues. However, traditional information encryption and multimedia covert communication fail to protect the identities of communication parties and the originality of messages. The emergence of blockchain provides a promising solution to solve these problems. Its anonymity manages to hide the identities of communication parties, and immutability ensures the message is undestroyable. However, the existing blockchain-based covert communication schemes suffer the issues of low embedding capacity and high time cost. In this paper, an amount-based covert communication scheme over the blockchain is proposed, in which a unique coding method is devised for hiding messages into transaction amounts to improve the embedding capacity. Compared with existing address-based methods, the proposed scheme can apply any address and reduce the time of obtaining special addresses. Besides, we innovate the way to prove the concealment by calculating the relative entropy of the transaction amount between Bitcoin and the proposed scheme. The security of our method is demonstrated by comparing the probability of attackers acquiring secret messages under different adversary capabilities. The experimental results verify that the proposed approach outperforms the existing schemes regarding embedding capacity, time costs, number of transactions, concealment, and security.

computer science, information systems

Can Zhang,Liehuang Zhu,Chang Xu,Zijian Zhang,Rongxing Lu

DOI: https://doi.org/10.1016/j.jnca.2022.103541

IF: 7.574

2023-01-01

Journal of Network and Computer Applications

Abstract:Blockchain-based covert communication has opened up a new research direction for the covert communication field. In blockchain-based storage covert communication, reliability can be guaranteed because of the inherent immutable property of blockchain. Besides, enhanced undetectability is also achieved because the sender and the receiver do not need to establish a direct connection or be online simultaneously. However, in existing blockchain-based solutions, pre-negotiated and fixed addresses are used as static labels to scan the specific transaction that embeds covert messages, which increases the risk of channel exposure. Moreover, some of them do not support large covert message transmission. In this paper, we present an effective blockchain-based covert storage channel with dynamic labels. More specifically, a novel dynamic label mechanism is proposed to help the receiver extract the covert message efficiently, whereas adversaries cannot distinguish whether a block contains specific transactions. Besides, a message segmentation mechanism is also proposed to achieve large covert message transmission. Theoretical security analysis and detailed experimental evaluations based on the public Ethereum blockchain network show that the proposed scheme is secure under Chosen Hidden-text Attacks with acceptable efficiency.

computer science, interdisciplinary applications, software engineering, hardware & architecture

Liang Liu,Lin Liu,Beibei Li,Yi Zhong,Shan Liao,Lei Zhang

DOI: https://doi.org/10.1016/j.comnet.2021.108759

IF: 5.493

2022-03-01

Computer Networks

Abstract:Existing public blockchain-based covert communication systems are suffering the issues of insufficient robustness, anti-temper modification, and anonymity at both the transaction and network layers. In this paper, to overcome this problem, we propose a novel Monero-based security-enhanced covert communication system, in which a new storage-type covert channel is developed. This channel makes Monero transaction amount as data carrier for covert communication. Then, we devise two new algorithms, respectively for resisting Eclipse attacks and the two existing node crawling attacks. Extensive simulation experiments show that the developed new covert communication channel can achieve higher robustness, anti-detection, and anonymity. The new security-enhanced algorithms can effectively mitigate Eclipse attacks by 37.6%, and the two existing node crawling attacks by 21.1% and 17.1% respectively.

computer science, information systems,telecommunications,engineering, electrical & electronic, hardware & architecture

Xiang Zhang,Xiaona Zhang,Xiaorui Zhang,Wei Sun,Ruohan Meng,Xingming Sun

DOI: https://doi.org/10.32604/csse.2023.034915

IF: 4.397

2023-01-01

Computer Systems Science and Engineering

Abstract:The data in the blockchain cannot be tampered with and the users are anonymous, which enables the blockchain to be a natural carrier for covert communication. However, the existing methods of covert communication in blockchain suffer from the predefined channel structure, the capacity of a single transaction is not high, and the fixed transaction behaviors will lower the concealment of the communication channel. Therefore, this paper proposes a derivation matrix-based covert communication method in blockchain. It uses dual-key to derive two types of blockchain addresses and then constructs an address matrix by dividing addresses into multiple layers to make full use of the redundancy of addresses. Subsequently, to solve the problem of the lack of concealment caused by the fixed transaction behaviors, divide the rectangular matrix into square blocks with overlapping regions and then encrypt different blocks sequentially to make the transaction behaviors of the channel addresses match better with those of the real addresses. Further, the linear congruence algorithm is used to generate random sequence, which provides a random order for blocks encryption, and thus enhances the security of the encryption algorithm. Experimental results show that this method can effectively reduce the abnormal transaction behaviors of addresses while ensuring the channel transmission efficiency.

computer science, theory & methods, hardware & architecture

Tao Zhang,Qianhong Wu,Qin Wang,Tianxu Han,Bingyu Li,Yan Zhu

DOI: https://doi.org/10.1016/j.csi.2024.103851

IF: 3.721

2024-03-15

Computer Standards & Interfaces

Abstract:Blockchain technology has demonstrated promising potential for covert communication. Although a series of studies have investigated blockchain-based covert communication, systematic research on the information-hiding patterns and covert communication patterns built on the blockchain is absent. This paper aims to conduct a comprehensive analysis of the related patterns. Based on intensive investigation, we abstract and propose a reference model for blockchain-based covert communication. We accordingly identify five types of covert communication patterns, each with different roles for covert senders and covert receivers, which enable one-to-one and one-to-many communication. Using Bitcoin as an example, we analyze the data distribution of covert channels within the block and transaction structure. Furthermore, we compare the hiding patterns and covert communication patterns and discuss the challenges and promising directions to achieve secure, robust, and cost-effective covert communication using blockchain. This work can provide valuable insights into the potential of blockchain technology for covert communication and lay the foundation for future research in this area.

computer science, software engineering, hardware & architecture

Zhuo Chen,Liehuang Zhu,Peng Jiang,Zijian Zhang,Chengxiang Si

DOI: https://doi.org/10.1109/tifs.2024.3478834

IF: 7.231

2024-10-26

IEEE Transactions on Information Forensics and Security

Abstract:Covert channels in blockchain networks achieve undetectable and reliable communication, while transactions incorporating secret data are perpetually stored on the chain, thereby leaving the secret data continuously susceptible to extraction. MTMM (IEEE Transactions on Computers 2023) is a state-of-the-art blockchain-based covert channel. It utilizes Bitcoin network traffic that will not be recorded on the chain to embed data, thus mitigating the above issues. However, we identify a distinctive pattern in MTMM, based on which we propose a comparison attack to accurately detect MTMM traffic. To defend against the attack, we present an improvement named ORIM, which exploits the permutation of transaction hashes within inventory messages to transmit secret data. ORIM leverages a pseudo-random function to obscure the transaction hashes involved in the permutation to ensure unobservability. The obfuscated values, rather than the original transaction hashes, are utilized to encode the confidential data. Furthermore, we introduce a variable-length encoding scheme predicated on complete binary trees. This scheme considerably amplifies the bandwidth and facilitates efficient encoding and decoding of secret data. Experimental results indicate that ORIM maintains unobservability and that ORIM's bandwidth is approximately of MTMM.

computer science, theory & methods,engineering, electrical & electronic

Luo Xiangyang,Zhang Pei,Zhang Mingliang,Li Hao,Qingfeng Cheng

DOI: https://doi.org/10.1109/tii.2021.3100480

IF: 12.3

2022-04-01

IEEE Transactions on Industrial Informatics

Abstract:With the global promotion and application of 5G technology, the data transmitted on the network show explosive growth, and the secure sharing of its important data is still one of the research hotspots. Steganography embeds the data that needs to be shared into digital carrier files and transmits it through open channels, which has important applications in protecting data sharing and realizing covert communication. However, the encrypted files generated by traditional steganography are susceptible to compression, cropping, geometric attacks, and man-made destruction in the process of open channel transmission, resulting in data loss, making it difficult for the receiver to correctly extract secret message. Currently, covert communication on blockchain can solve the above problems, but it also brings some new problems such as high computational complexity, low transmission efficiency, and nondetection resistance. Therefore, in this article, a covert communication method based on Bitcoin transactions is proposed. The proposed method first designs the index matrix of the transaction address. Then, the address interaction relationship that carries the secret message through the transaction index matrix is constructed. Finally, the address interaction relationship that carries the secret message is combined with the transaction amount to complete the covert transmission of the secret message on the blockchain environment. The proposed method improves the security and embedding efficiency of covert communication, reduces the number of transactions, and ensures the integrity of extracting secret message. A series of experimental results show that under the condition of ensuring the necessary security, the proposed method retains the strong robustness of the existing blockchain steganography and has strong resistance to detection.

automation & control systems,computer science, interdisciplinary applications,engineering, industrial

Nasser Alsalami,Bingsheng Zhang

DOI: https://doi.org/10.1109/iwqos49365.2020.9213064

2020-01-01

Abstract:Public blockchains can be abused to covertly store and disseminate potentially harmful digital content which poses a serious regulatory issue. In this work, we show the severity of the problem by demonstrating that blockchains can be exploited to surreptitiously distribute arbitrary content. More specifically, all major blockchain systems use randomized cryptographic primitives, such as digital signatures and non-interactive zero-knowledge proofs; we illustrate how the uncontrolled randomness in such primitives can be maliciously manipulated to enable covert communication and hidden persistent storage. To clarify the potential risk, we design, implement and evaluate our technique against the widely-used ECDSA signature scheme, the CryptoNote's ring signature scheme, and Monero's ring confidential transactions. Importantly, the significance of the demonstrated attacks stems from their undetectability, their adverse effect on the future of decentralized blockchains, and their serious repercussions on users' privacy and crypto funds. Finally, we present a generic framework to immunize blockchains against these attacks.

Jing Tian,Gang Xiong,Zhen Li,Gaopeng Gou

DOI: https://doi.org/10.1155/2020/8892896

IF: 1.968

2020-08-05

Security and Communication Networks

Abstract:In order to protect user privacy or guarantee free access to the Internet, the network covert channel has become a hot research topic. It refers to an information channel in which the messages are covertly transmitted under the network environment. In recent years, many new construction schemes of network covert channels are proposed. But at the same time, network covert channel has also received the attention of censors, leading to many attacks. The network covert channel refers to an information channel in which the messages are covertly transmitted under the network environment. Many users exploit the network covert channel to protect privacy or guarantee free access to the Internet. Previous construction schemes of the network covert channel are based on information steganography, which can be divided into CTCs and CSCs. In recent years, there are some covert channels constructed by changing the transmission network architecture. On the other side, some research work promises that the characteristics of emerging network may better fit the construction of the network covert channel. In addition, the covert channel can also be constructed by changing the transmission network architecture. The proxy and anonymity communication technology implement this construction scheme. In this paper, we divide the key technologies for constructing network covert channels into two aspects: communication content level (based on information steganography) and transmission network level (based on proxy and anonymity communication technology). We give an comprehensively summary about covert channels at each level. We also introduce work for the three new types of network covert channels (covert channels based on streaming media, covert channels based on blockchain, and covert channels based on IPv6). In addition, we present the attacks against the network covert channel, including elimination, limitation, and detection. Finally, the challenge and future research trend in this field are discussed.

computer science, information systems,telecommunications

Yankai Xie,Ruian Li,Yan Huang,Chi Zhang,Lingbo Wei,Yani Sun

DOI: https://doi.org/10.1109/tsc.2024.3390396

2024-01-01

Abstract:The Bitcoin blockchain enables users to conduct transactions securely, but its performance is restricted by the need for global consensus. Payment channels, as a promising solution to this issue, overcome this limitation through off-chain transactions. Instead of conducting each transaction on-chain, they only settle the final payment balances with the underlying blockchain. However, the most prominent scheme, the Lightning Network payment channel, requires participants to regularly monitor blockchain; otherwise, there is a potential risk of fund loss. Moreover, this scheme also fails to support participants in settling the final payment balances in real time, compromising the efficiency of fund utilization. Existing payment channel enhancing technologies are unable to overcome the above issues without compromising payment privacy. To solve the above issues, we apply the Intel Software Guard Extensions (SGX), which provides trusted execution environments with confidentiality and integrity guarantees, to design a novel Bitcoin payment channel scheme. The scheme can support real-time settlement yet guarantee the participants' fund security without monitoring the blockchain. Through a combination of the additive homomorphic property of keys, the secret sharing scheme, and customized punishments, our scheme can still guarantee fund security and off-chain transaction privacy, even if the confidentiality of SGX is compromised by side-channel attacks. Finally, security and performance analysis demonstrate that our scheme allows participants to construct a secure yet efficient payment channel to transfer value.

Ke Xiao,Jiayang Li,Yunhua He,Xu Wang,Chao Wang

DOI: https://doi.org/10.1016/j.future.2024.01.012

IF: 7.307

2024-01-13

Future Generation Computer Systems

Abstract:With the increasing demand for digital currencies and other blockchain transactions, the contradiction between the growing demand and the limited blockchain space has become increasingly prominent, and the scalability of the blockchain urgently needs to be resolved. The existing off-chain payment channel solutions do not give enough consideration to the multi-party parallel transaction process, and the transaction process lacks supervision, making it difficult to meet the actual demand. In this paper, we propose a multi-party secure, flexible, concurrent and supervisable off-chain payment channel scheme. Our scheme not only optimizes the current transaction process so that the participants and channel balance within the channel can be flexibly changed without affecting the normal transaction process, but also designs a multi-level collaborative supervision mechanism from multiple perspectives of positive and negative, active and passive, and multiple layers of on-chain and off-chain to ensure the safety and convenience of the transaction process. The security of the scheme was also analyzed, especially the possible collusion in the channel. We simulated the operation of the channel in the blockchain simulation and testing software Simblock and tested the scheme from various aspects. The experiments show that our scheme is able to achieve secure supervision within the channel with a modest overhead (about 15%). Testing of the mentioned smart contracts further illustrates the feasibility of the scheme.

computer science, theory & methods