Journal on Communications ›› 2022, Vol. 43 ›› Issue (9): 209-223. doi: 10.11959/j.issn.1000-436x.2022146
Leixiao LI1,2, Jinze DU1,2, Hao LIN3, Haoyu GAO1, Yanyan YANG1, Jing GAO4
Revised: 2022-06-28
Online: 2022-09-25
Published: 2022-09-01
About the author: Leixiao LI (1978- ), male, born in Chengwu, Shandong; Ph.D.; professor at Inner Mongolia University of Technology. His main research interests include cyberspace security, blockchain technology, and data analysis and data mining.
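Abstract:
Blockchain technology, which emerged alongside digital currency, is decentralized, anonymous, highly robust and tamper-resistant, which makes it a natural carrier for building covert communication channels. The paper first introduces the definition and development history of network covert channels, the architecture of blockchain technology, and traditional network covert channels, and from these derives the advantages of blockchain network covert channels. It then classifies blockchain network covert channels by transaction address, signature algorithm, smart contract and P2P broadcast mechanism, and analyses their advantages and disadvantages in terms of concealment, transmission efficiency and communication cost. Finally, it identifies the problems that remain in blockchain network covert channels and gives future research directions.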
Cite this article: Leixiao LI, Jinze DU, Hao LIN, Haoyu GAO, Yanyan YANG, Jing GAO. Research progress of blockchain network covert channel[J]. Journal on Communications, 2022, 43(9): 209-223.
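Table 1
Improvement process and analysis of advantages and disadvantages of the 3 methods
Method | Features | Open problems |
BLOCCE | The sender generates multiple payment addresses; the least significant bits (LSB) of the addresses are mapped, in order, to the encrypted covert message; a message start indicator marks the beginning of communication; the transactions are broadcast to the blockchain in order | ① The addresses randomly generated by the sender must match the LSB or low α bits of the encoded message, and the time cost of doing so is not considered. ② Before communication begins, a node may generate the message start indicator by accident, so that communication is wrongly assumed to have started; moreover, under network delay or differing transaction fees, transactions are not necessarily packed into a particular block in submission order, so the covert message the receiver obtains may be out of order. ③ There is no filtering method for extracting the special transactions, so every transaction in a block must be traversed, which is extremely inefficient |
BLOCCE+ | Whereas BLOCCE must transmit a message start indicator in every communication, this method encodes the covert message and the start indicator together, so each communication already carries the start indicator for the next one, which reduces excess transmission and improves concealment; embedding moves from the address LSB to the low α bits of the address, and multiple transactions are packed into the same block | Same as BLOCCE (problems ① to ③ apply to both methods) |
V-BLOCCE | Vanitygen can randomly generate addresses that meet given requirements and can search precisely for addresses with a specific prefix, suffix or regular match, which speeds up embedding information into addresses; Base58 encoding replaces binary encoding, so the amount of embedded information is lb 58 times that of BLOCCE; the address sequence index is encrypted and written into the transaction's OP_RETURN field, so transactions need not be packed into blocks in submission order | Each transaction has only one OP_RETURN field, so a long covert message requires writing the index into multiple OP_RETURN fields. This field is used in only a very small fraction of Bitcoin transactions[ special content, easily detected |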
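Table 2
Methods for constructing blockchain-based network covert channels
Carrier type | Reference | Brief description | Evaluation: concealment | Evaluation: transmission efficiency | Evaluation: communication cost |
Transaction address | Ref. [ | Encodes information in the address LSB; shares the message start indicator in every communication | Low | Low | High |
Transaction address | Ref. [ | Encodes information in the low α bits of the address and encodes the message start indicator into the information sequence | Low | Low | High |
Transaction address | Ref. [ | Embeds Base58-encoded information in the LSB of multiple Vanitygen-generated addresses; the index is written to OP_RETURN | Low | Medium | Medium |
Transaction address | Ref. [ | Encodes information directly into the public key used to generate the transaction address | High | Low | High |
Transaction address | Ref. [ | Combines a transaction amount matrix with a transaction address index matrix | Medium | Medium | High |
Signature algorithm | Ref. [ | Designs a secret-stealing algorithm that generates special signatures; only the receiver can extract the transactions | High | Medium | High |
Signature algorithm | Ref. [ | Uses the properties of Monero ring signatures to encode information into the ring signature public key set | Medium | Low | Low |
Smart contract | Ref. [ | Encodes information using image steganography and passes it through smart contract calls | Low | High | Low |
Smart contract | Ref. [ | Encodes information through the choice of voting contract options and bidding contract prices | Medium | Medium | Low |
P2P broadcast mechanism | Ref. [ | Writes information fragments into the transaction coinbase field and uses the transaction broadcast mechanism to establish contact and transmit transactions | Low | Low | High |
P2P broadcast mechanism | Ref. [ | Transmits information over the Ethereum Whisper protocol | Medium | High | Low |
P2P broadcast mechanism | Ref. [ | Communicates by encoding information in time intervals combined with unique node identifiers | High | Low | Low |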
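Table 3
Embedding mechanisms for covert information in blockchain
Embedding mechanism | Description | Type | Channel capacity | Concealment |
LSB | Uses the least significant bit of the carrier, e.g. xxx1, xxx0 | Explicit embedding | 1 bit | Low |
Storage field | Fields of the carrier itself, e.g. OP_RETURN, input and output fields | Explicit embedding | 80 byte, 2 000 byte | Low |
Amount field | The amount field of a transaction | Explicit embedding | 28 bit | Low |
Direct write | Written directly into the carrier after encryption, e.g. the Whisper protocol | Explicit embedding | 255 bit | Low |
Special address | Special addresses generated by hash algorithms and similar methods | Implicit embedding | 1 bit | High |
Signature field | Embedded in the random number k of the digital signature algorithm | Implicit embedding | 255 bit | High |
Time interval | Covert information distinguished by the time interval between transaction broadcasts | Implicit embedding | 1 bit | High |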
[1] ZANDER S, ARMITAGE G, BRANCH P. Covert channels and countermeasures in computer network protocols[J]. IEEE Communications Surveys and Tutorials, 2007, 45(12): 136-142.
[2] NAKAMOTO S. Bitcoin: a peer-to-peer electronic cash system[J]. Consulted, 2008, 28(1): 21260-21268.
[3] WENDZEL S, ZANDER S, FECHNER B, et al. Pattern-based survey and categorization of network covert channel techniques[J]. ACM Computing Surveys, 2015, 47(3): 50.
[4] WANG C, WANG X L, LYU Y R, et al. Categorization of covert channels and its application in threat restriction techniques[J]. Journal of Software, 2020, 31(1): 228-245.
[5] LI Y F, DING L P, WU J Z, et al. Survey on key issues in networks covert channel[J]. Journal of Software, 2019, 30(8): 2470-2490.
[6] LI F H, LI C Y, GUO C, et al. Survey on key technologies of covert channel in ubiquitous network environment[J]. Journal on Communications, 2022, 43(4): 186-201.
[7] PETITCOLAS F A P, ANDERSON R J, KUHN M G. Information hiding-a survey[J]. Proceedings of the IEEE, 1999, 87(7): 1062-1078.
[8] LAMPSON B W. A note on the confinement problem[J]. Communications of the ACM, 1973, 16(10): 613-615.
[9] SIMMONS G J. The prisoners’ problem and the subliminal channel[C]// Proceedings of CRYPTO. Berlin: Springer, 1984: 51-67.
[10] CRAVER S. On public-key steganography in the presence of an active warden[C]// International Workshop on Information Hiding. Berlin: Springer, 1998: 355-368.
[11] MILLEN J. 20 years of covert channel modeling and analysis[C]// Proceedings of the 1999 IEEE Symposium on Security and Privacy. Piscataway: IEEE Press, 1999: 113-114.
[12] HANDEL T G, SANDFORD M T II. Hiding data in the OSI network model[C]// International Workshop on Information Hiding. Berlin: Springer, 1996: 23-38.
[13] CAUICH E, GOMEZ C R, WATANABE R. Data hiding in identification and offset IP fields[C]// Proceedings of the 5th International School and Symposium. Berlin: Springer, 2005: 247-261.
[14] GIRLING C G. Covert channels in LAN’s[J]. IEEE Transactions on Software Engineering, 1987, 13(2): 292-296.
[15] ROWLAND C H. Covert channels in the TCP/IP protocol suite[J]. First Monday, 1997, 2(5): 1.
[16] WOLF M. Covert channels in LAN protocols[C]// Local Area Network Security. Berlin: Springer, 1989: 89-101.
[17] WU J Z, WU Y J, YANG M T, et al. POSTER: biTheft: stealing your secrets by bidirectional covert channel communication with zero-permission android application[C]// Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. New York: ACM Press, 2015: 1690-1692.
[18] PARTALA J. Provably secure covert communication on blockchain[J]. Cryptography, 2018, 2(3): 18-35.
[19] LIU M D, CHEN Z N, SHI Y J, et al. Research progress of blockchain in data security[J]. Chinese Journal of Computers, 2021, 44(1): 1-27.
[20] EPISHKINA A, KOGOS K. Protection from binary and multi-symbol packet length covert channels[C]// Proceedings of the 8th International Conference on Security of Information and Networks. New York: ACM Press, 2015: 196-202.
[21] MAZURCZYK W, SZCZYPIORSKI K. Evaluation of steganographic methods for oversized IP packets[J]. Telecommunication Systems, 2012, 49(2): 207-217.
[22] RIOS R, ONIEVA J A, LOPEZ J. HIDE_DHCP: covert communications through network configuration messages[C]// Information Security and Privacy Research. [S.l.:s.n.], 2012: 162-173.
[23] ZOU X G, LI Q, SUN S H, et al. The research on information hiding based on command sequence of FTP protocol[C]// Knowledge-Based Intelligent Information and Engineering Systems. [S.l.:s.n.], 2005: 1079-1085.
[24] PATUCK R, HERNANDEZ-CASTRO J. Steganography using the extensible messaging and presence protocol (XMPP)[J]. arXiv Preprint, arXiv:1310.0524, 2013.
[25] WENDZEL S, KAHLER B, RIST T. Covert channels and their prevention in building automation protocols: a prototype exemplified using BACnet[C]// Proceedings of 2012 IEEE International Conference on Green Computing and Communications. Piscataway: IEEE Press, 2012: 731-736.
[26] GIFFIN J, GREENSTADT R, LITWACK P, et al. Covert messaging through TCP timestamps[C]// Proceedings of 2002 International Conference on Privacy Enhancing Technologies. Piscataway: IEEE Press, 2020: 194-208.
[27] LUCENA N B, PEASE J, YADOLLAHPOUR P, et al. Syntax and semantics-preserving application-layer protocol steganography[C]// International Workshop on Information Hiding. Berlin: Springer, 2004: 164-179.
[28] MUCHENE D N, LULI K, SHUE C A. Reporting insider threats via covert channels[C]// Proceedings of 2013 IEEE Security and Privacy Workshops. Piscataway: IEEE Press, 2013: 68-71.
[29] TAHIR R, KHAN M T, GONG X, et al. Sneak-Peek: high speed covert channels in data center networks[C]// Proceedings of the 35th Annual IEEE International Conference on Computer Communications. Piscataway: IEEE Press, 2016: 1-9.
[30] EL-ATAWY A, DUAN Q, AL-SHAER E. A novel class of robust covert channels using out-of-order packets[J]. IEEE Transactions on Dependable and Secure Computing, 2017, 14(2): 116-129.
[31] LIU F F, YAROM Y, GE Q, et al. Last-level cache side-channel attacks are practical[C]// Proceedings of 2015 IEEE Symposium on Security and Privacy. Piscataway: IEEE Press, 2015: 605-622.
[32] IRAZOQUI G, EISENBARTH T, SUNAR B. Cross processor cache attacks[C]// Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security. New York: ACM Press, 2016: 353-364.
[33] MAZURCZYK W. Lost audio packets steganography: the first practical evaluation[J]. Security and Communication Networks, 2012, 5(12): 1394-1403.
[34] TAHMASBI F, MOGHIM N, MAHDAVI M. Code-based timing covert channel in IEEE 802.11[C]// Proceedings of 2015 5th International Conference on Computer and Knowledge Engineering (ICCKE). Piscataway: IEEE Press, 2015: 12-17.
[35] GILES J, HAJEK B. An information-theoretic and game-theoretic study of timing channels[J]. IEEE Transactions on Information Theory, 2002, 48(9): 2455-2477.
[36] SONG S, PENG W. BLOCCE+: an improved blockchain-based covert communication approach[J]. Journal of Chongqing University of Technology (Natural Science), 2020, 34(9): 238-244.
[37] ZHANG L J, ZHANG Z J, WANG W Z, et al. A covert communication method using special bitcoin addresses generated by vanitygen[J]. Computers, Materials & Continua, 2020, 65(1): 597-616.
[38] BARTOLETTI M, POMPIANU L. An analysis of Bitcoin OP_RETURN metadata[J]. Lecture Notes in Computer Science, 2017, 10323: 218-230.
[39] CAO H T, YIN H, GAO F, et al. Chain-based covert data embedding schemes in blockchain[J]. IEEE Internet of Things Journal, 2022, 9(16): 14699-14707.
[40] LUO X Y, ZHANG P, ZHANG M L, et al. A novel covert communication method based on bitcoin transaction[J]. IEEE Transactions on Industrial Informatics, 2022, 18(4): 2830-2839.
[41] SI C X, GAO F, ZHU L H, et al. Covert data transmission mechanism based on dynamic label in blockchain[J]. Journal of Xidian University, 2020, 47(5): 94-102.
[42] TIAN J, GOU G P, LIU C, et al. DLchain: a covert channel over blockchain based on dynamic labels[C]// International Conference on Information and Communications Security. Piscataway: IEEE Press, 2019: 814-830.
[43] SIDIQ M F, WIBOWO F M, WIBOWO M, et al. Secret and trustable communication channel over blockchain public ledger[C]// Proceedings of 2021 IEEE International Conference on Communication, Networks and Satellite. Piscataway: IEEE Press, 2021: 371-376.
[44] FIONOV A. Exploring covert channels in bitcoin transactions[C]// Proceedings of 2019 International Multi-Conference on Engineering, Computer and Information Sciences (SIBIRCON). Piscataway: IEEE Press, 2019: 59-64.
[45] GAO F, ZHU L H, GAI K K, et al. Achieving a covert channel over an open blockchain network[J]. IEEE Network, 2020, 34(2): 6-13.
[46] FRKAT D, ANNESSI R, ZSEBY T. ChainChannels: private botnet communication over public blockchains[C]// Proceedings of 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data. Piscataway: IEEE Press, 2018: 1244-1252.
[47] GUO Z Z, SHI L C, XU M Z, et al. MRCC: a practical covert channel over monero with provable security[J]. IEEE Access, 2021, 9: 31816-31825.
[48] LAN Y Q, ZHANG F G, TIAN H B. Using Monero to realize covert communication[J]. Journal of Xidian University, 2020, 47(5): 19-27.
[49] BASUKI A I, ROSIYADI D. Joint transaction-image steganography for high capacity covert communication[C]// Proceedings of 2019 International Conference on Computer, Control, Informatics and its Applications (IC3INA). Piscataway: IEEE Press, 2019: 41-46.
[50] ZHANG L J, ZHANG Z J, WANG W Z, et al. Research on a covert communication model realized by using smart contracts in blockchain environment[J]. IEEE Systems Journal, 2022, 16(2): 2822-2833.
[51] LYU J S, CAO X C. Covert communication technology based on bitcoin[J]. Journal of Cyber Security, 2021, 6(2): 143-152.
[52] ABDULAZIZ M, ÇULHA D, YAZICI A. A decentralized application for secure messaging in a trustless environment[C]// Proceedings of 2018 International Congress on Big Data, Deep Learning and Fighting Cyber Terrorism (IBIGDELFT). Piscataway: IEEE Press, 2018: 1-5.
[53] ZHANG L J, ZHANG Z J, JIN Z L, et al. An approach of covert communication based on the Ethereum whisper protocol in blockchain[J]. International Journal of Intelligent Systems, 2021, 36(2): 962-996.
[54] ZHANG Z J, ZHANG L J, RASHEED W, et al. The research on covert communication model based on blockchain: a case study of Ethereum’s whisper protocol[C]// Frontiers in Cyber Security. [S.l.:s.n.], 2020: 215-230.
[55] RECABARREN R, CARBUNAR B. Tithonus: a bitcoin based censorship resilient system[J]. Proceedings on Privacy Enhancing Technologies, 2019, 2019(1): 68-86.
[56] LI Y F, DING L P, WU J Z, et al. Research on a new network covert channel model in blockchain environment[J]. Journal on Communications, 2019, 40(5): 67-78.
[57] LI Y F, DING L P, WU J Z, et al. Block chain network covert communication method based on multi-node timestamp collusion: CN111245570B[P]. 2021-06-08.
[58] GAI K K, WU Y L, ZHU L H, et al. Permissioned blockchain and edge computing empowered privacy-preserving smart grid networks[J]. IEEE Internet of Things Journal, 2019, 6(5): 7992-8004.
[59] HUANG T, LIU J, WANG S, et al. Survey of the future network technology and trend[J]. Journal on Communications, 2021, 42(1): 130-150.
[60] MEIKLEJOHN S, ORLANDI C. Privacy-enhancing overlays in bitcoin[C]// International Conference on Financial Cryptography and Data Security. Berlin: Springer, 2015: 127-141.
[61] AVERIN A, SAMARTSEV A, SACHENKO N. Review of methods for ensuring anonymity and de-anonymization in blockchain[C]// Proceedings of 2020 International Conference on Quality Management, Transport and Information Security, Information Technologies (IT&QM&IS). Piscataway: IEEE Press, 2020: 82-87.
[62] WORLEY C, SKJELLUM A. Blockchain tradeoffs and challenges for current and emerging applications: generalization, fragmentation, sidechains, and scalability[C]// Proceedings of 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data. Piscataway: IEEE Press, 2018: 1582-1587.