Review Article
A Survey of Key Technologies for Constructing Network Covert Channel
| E2M | Tag composition | Tag location | Blocking strategy | Deployment requirement |
| Telex [22] | (i) An ECDH public key point. (ii) A hash of the ECDH secret shared with ISP. | TLS client nonce | Only tagged flow | Inline-blocking and redirecting components provided by ISP. |
| Cirripede [64] | (i) An ECDH public key point. (ii) A hash of the ECDH secret shared with ISP. | TCP ISNs | All connections | Inline-blocking and redirecting components provided by ISP. |
| Decoy routing [63] | (i) An HMAC of the previously established shared secret key. (ii) The current hour. (iii) A per-hour sequence number. | TLS client nonce | Only the tagged flow | Inline-blocking and redirecting components provided by ISP. |
| Tapdance [20] | The client’s connection-specific elliptic curve public key point. | TLS ciphertext | Not blocking | (i) A passive tap that observes traffic transiting the ISP. (ii) The ability to inject new packets. |
|
|