Blockchain-Based Covert Communication: A Detection Attack and Efficient Improvement

Covert channels in blockchain networks achieve undetectable and reliable communication, while transactions incorporating secret data are perpetually stored on the chain, thereby leaving the secret data continuously susceptible to extraction. MTMM (IEEE Transactions on Computers 2023) is a state-of-the-art blockchain-based covert channel. It utilizes Bitcoin network traffic that will not be recorded on the chain to embed data, thus mitigating the above issues. However, we identify a distinctive pattern in MTMM, based on which we propose a comparison attack to accurately detect MTMM traffic. To defend against the attack, we present an improvement named ORIM, which exploits the permutation of transaction hashes within inventory messages to transmit secret data. ORIM leverages a pseudo-random function to obscure the transaction hashes involved in the permutation to ensure unobservability. The obfuscated values, rather than the original transaction hashes, are utilized to encode the confidential data. Furthermore, we introduce a variable-length encoding scheme predicated on complete binary trees. This scheme considerably amplifies the bandwidth and facilitates efficient encoding and decoding of secret data. Experimental results indicate that ORIM maintains unobservability and that ORIM’s bandwidth is approximately $3.7\times $ of MTMM.