Review Article
A Survey of Key Technologies for Constructing Network Covert Channel
| | E2M | Tag composition | Tag location | Blocking strategy | Deployment requirement |
| | Telex [22] | (i) An ECDH public key point.
(ii) A hash of the ECDH secret shared with ISP. | TLS client nonce | Only tagged flow | Inline-blocking and redirecting components provided by ISP. |
| | Cirripede [64] | (i) An ECDH public key point.
(ii) A hash of the ECDH secret shared with ISP. | TCP ISNs | All connections | Inline-blocking and redirecting components provided by ISP. |
| | Decoy routing [63] | (i) An HMAC of the previously established shared secret key.
(ii) The current hour.
(iii) A per-hour sequence number. | TLS client nonce | Only the tagged flow | Inline-blocking and redirecting components provided by ISP. |
| | Tapdance [20] | The client’s connection-specific elliptic curve public key point. | TLS ciphertext | Not blocking | (i) A passive tap that observes traffic transiting the ISP.
(ii) The ability to inject new packets. |
|
|
