History Covert Channels and Covert Channel Amplification: An Overview
This post summarizes our works on history covert channels, i.e., covert channel amplification.
Overview
The concept of covert channel amplification, history covert channels and predictive covert channels was introduced in our “DYST” paper. We published multiple follow-up papers as summarized in the figure below.
The core idea of covert channel amplification is to minimize the amount of data that must be sent through the channel. Why? Because with amplification, an adversary aiming to detect/block the covert channel has less traces to analyze (e.g., during Internet censorship). This is achieved by sending a small pointer through the covert channel that references larger data observed or found elsewhere.
1. DYST (IEEE TDSC 2025, pre-print published 2022)
Authors: Steffen Wendzel, Tobias Schmidbauer, Sebastian Zillien, Jörg Keller
Our paper on DYST (Did You See That?) introduced the concept of covert channel amplification. Covert channel amplification aims to transfer fewer message bits through the covert channel than are actually delivered to the receiver. This can be achieved by sending small pointers through the covert channel that refer to data that is larger than the size of the pointer. For instance, if we send a two-bit pointer through the covert channel and the pointer refers to three bits of secret data, we achieve such an amplification. However, one must ensure that the size of the pointer does not grow at the same rate as the size of the data.
In case of DYST, broadcast or on-path packets are monitored: The covert sender computes a hash value over each packet observable by both, covert sender and receiver. Once a hash value matches the secret message, the covert sender sends a signal to the receiver. Here, the hash value is longer than the size of the pointer.
The DYST paper presents the concepts of both, history covert channels and predictive covert channels. Both types of covert channels achieve an amplification, either by pointing to already seen data (history) or to anticipated data (prediction). However, a key limitation of this initial paper is the slow transmission rate of DYST (see 3. Silent History Protocol below).
2. OPPRESSION (AsiaCCS’24)
Authors: Sebastian Zillien, Tobias Schmidbauer, Mario Kubek, Jörg Keller, Steffen Wendzel
In comparison to DYST, which can handle all types of data, OPPRESSION (Open Knowledge Compression) is exclusively focusing on textual data. We assume that covert sender and receiver both have access to some identical online content, e.g., public (fake) news websites or other online content. They both crawl these websites to generate a dictionary of sentences that they can point to (using elements of so-called Patricia tries). To transfer a secret message, the covert sender sends a pointer to a tree element (representing (part of) a sentence) to the receiver. Like in case of DYST, an amplification is reached by keeping the pointer shorter than the sentence being pointed to.
3. Silent History Protocol (JISA 2026)
Authors: Christoph Weißenborn, Steffen Wendzel
The idea of the Silent History Protocol (SHP) is to address the limited transmission rate of the original DYST. One approach how this is achieved is to point to characteristics of flows. For instance, the sender can reference intra-connection packet numbers and intra-connection delays as well as other attributes. The SHP significantly increased the transmission bitrate of DYST.
4. AMPhitryon (IFIP SEC’26 (in press))
Authors: Steffen Wendzel, Sebastian Zillien, Sebastian Zander
The idea behind AMPhitryon (pre-print, final version available soon) is to realize a covert channel amplification in a flow-wise manner. For each flow, sender and receive observe unencrypted payload (before encryption / after decryption) and both build a dictionary of observed content from the flow. For instance, every message in a chat is added to the dictionary. Once a chunk is sent again, it can be referenced using the dictionary. No explicit exchange of the built dictionaries between sender and receiver is necessary because sender and receiver observe the same traffic. Also, in contrast to OPPRESSION, neither sender or receiver need to crawl any website or online content. In essence, AMPhitryon can be considered a compression scheme that can be used for arbitrary censorship circumvention/covert channel tools as well as other scenarios, such as the compression of IoT sensor data transmissions.
Changelog
2026-02-28:
- Initial version