Abstract
In an \(\ell \) out of n threshold scheme, \(\ell \) out of n members must cooperate to recover a secret. A kleptographic attack is a backdoor which can be implemented in an algorithm and further used to retrieve a user’s secret key. We combine the notions of threshold scheme and kleptographic attack to construct the first \(\ell \) out of n threshold kleptographic attack on discrete logarithm based digital signatures and prove its security in the standard and random oracle models.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
- 1.
A black-box is a device, process or system, whose inputs and outputs are known, but its internal structure or working is not known or accessible to the user (e.g. tamper proof devices).
- 2.
that implements the mechanisms to recover the secrets.
- 3.
We refer the reader to [29].
- 4.
We refer the reader to [12] for a description of AES.
- 5.
at least 2048 bits, better 3072 bits.
- 6.
at least 192 bits, better 256 bits.
- 7.
If V knows his secret key, he is able to detect a SETUP mechanism using its description and parameters (found by means of reverse engineering a black-box, for example).
- 8.
We refer the reader to Sect. 5.
- 9.
We refer the reader to the full version of the paper [32].
- 10.
that uses \(y_M\).
References
Abdalla, M., Bellare, M., Rogaway, P.: DHAES: an encryption scheme based on the diffie-hellman problem. IACR Cryptology ePrint Archive 1999/7 (1999)
Abdalla, M., Bellare, M., Rogaway, P.: The oracle diffie-hellman assumptions and an analysis of DHIES. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 143–158. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-45353-9_12
Albertini, A., Aumasson, J.-P., Eichlseder, M., Mendel, F., Schläffer, M.: Malicious hashing: eve’s variant of SHA-1. In: Joux, A., Youssef, A. (eds.) SAC 2014. LNCS, vol. 8781, pp. 1–19. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-13051-4_1
Ateniese, G., Magri, B., Venturi, D.: Subversion-resilient signature schemes. In: ACM-CCS 2015, pp. 364–375. ACM (2015)
Ball, J., Borger, J., Greenwald, G.: Revealed: how US and UK spy agencies defeat internet privacy and security, 5 September 2013. https://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security
Bellare, M., Jaeger, J., Kane, D.: Mass-surveillance without the state: strongly undetectable algorithm-substitution attacks. In: ACM-CCS 2015, pp. 1431–1440. ACM (2015)
Bellare, M., Paterson, K.G., Rogaway, P.: Security of symmetric encryption against mass surveillance. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8616, pp. 1–19. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-44371-2_1
Bellare, M., Rogaway, P.: Minimizing the use of random oracles in authenticated encryption schemes. In: Han, Y., Okamoto, T., Qing, S. (eds.) ICICS 1997. LNCS, vol. 1334, pp. 1–16. Springer, Heidelberg (1997). https://doi.org/10.1007/BFb0028457
Bernstein, D.J., Lange, T., Niederhagen, R.: Dual EC: a standardized back door. In: Ryan, P.Y.A., Naccache, D., Quisquater, J.-J. (eds.) The New Codebreakers. LNCS, vol. 9100, pp. 256–281. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49301-4_17
Checkoway, S., et al.: A systematic analysis of the juniper dual EC incident. In: ACM-CCS 2016, pp. 468–479. ACM (2016)
Checkoway, S., et al.: On the practical exploitability of dual EC in TLS implementations. In: USENIX Security Symposium, pp. 319–335. USENIX Association (2014)
Daemen, J., Rijmen, V.: The Design of Rijndael: AES - The Advanced Encryption Standard. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-662-04722-4
Degabriele, J.P., Farshim, P., Poettering, B.: A more cautious approach to security against mass surveillance. In: Leander, G. (ed.) FSE 2015. LNCS, vol. 9054, pp. 579–598. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48116-5_28
Degabriele, J.P., Paterson, K.G., Schuldt, J.C.N., Woodage, J.: Backdoors in pseudorandom number generators: possibility and impossibility results. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 403–432. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53018-4_15
Dodis, Y., Ganesh, C., Golovnev, A., Juels, A., Ristenpart, T.: A formal treatment of backdoored pseudorandom generators. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 101–126. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46800-5_5
Dodis, Y., Mironov, I., Stephens-Davidowitz, N.: Message transmission with reverse firewalls—secure communication on corrupted machines. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 341–372. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53018-4_13
ElGamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans. Inf. Theory 31(4), 469–472 (1985)
Fried, J., Gaudry, P., Heninger, N., Thomé, E.: A kilobit hidden SNFS discrete logarithm computation. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017. LNCS, vol. 10210, pp. 202–231. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-56620-7_8
Gennaro, R., Krawczyk, H., Rabin, T.: Secure hashed diffie-hellman over Non-DDH groups. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 361–381. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-24676-3_22
Gordon, D.M.: Designing and detecting trapdoors for discrete log cryptosystems. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 66–75. Springer, Heidelberg (1993). https://doi.org/10.1007/3-540-48071-4_5
Maimuţ, D., Teşeleanu, G.: Secretly embedding trapdoors into contract signing protocols. In: Farshim, P., Simion, E. (eds.) SecITC 2017. LNCS, vol. 10543, pp. 166–186. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-69284-5_12
Menezes, A.J., Van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1996)
Mironov, I., Stephens-Davidowitz, N.: Cryptographic reverse firewalls. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 657–686. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46803-6_22
Naor, M., Reingold, O.: Number-theoretic constructions of efficient pseudo-random functions. J. ACM (JACM) 51(2), 231–262 (2004)
Perlroth, N., Larson, J., Shane, S.: NSA able to foil basic safeguards of privacy on web, 5 September 2013. https://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html
Russell, A., Tang, Q., Yung, M., Zhou, H.-S.: Cliptography: clipping the power of kleptographic attacks. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10032, pp. 34–64. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53890-6_2
Russell, A., Tang, Q., Yung, M., Zhou, H.S.: Destroying steganography via amalgamation: kleptographically CPA secure public key encryption. IACR Cryptology ePrint Archive 2016/530 (2016)
Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979)
Shoup, V.: Sequences of games: a tool for taming complexity in security proofs. IACR Cryptology ePrint Archive 2004/332 (2004)
Simmons, G.J.: The subliminal channel and digital signatures. In: Beth, T., Cot, N., Ingemarsson, I. (eds.) EUROCRYPT 1984. LNCS, vol. 209, pp. 364–378. Springer, Heidelberg (1985). https://doi.org/10.1007/3-540-39757-4_25
Simmons, G.J.: Subliminal communication is easy using the DSA. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 218–232. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48285-7_18
Teşeleanu, G.: Threshold kleptographic attacks on discrete logarithm based signatures. IACR Cryptology ePrint Archive 2017/953 (2017)
Vazirani, U.V., Vazirani, V.V.: Trapdoor pseudo-random number generators, with applications to protocol design. In: FOCS 1983, pp. 23–30. IEEE (1983)
Young, A., Yung, M.: The dark side of “Black-Box” cryptography or: should we trust capstone? In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 89–103. Springer, Heidelberg (1996). https://doi.org/10.1007/3-540-68697-5_8
Young, A., Yung, M.: Kleptography: using cryptography against cryptography. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 62–74. Springer, Heidelberg (1997). https://doi.org/10.1007/3-540-69053-0_6
Young, A., Yung, M.: The prevalence of kleptographic attacks on discrete-log based cryptosystems. In: Kaliski, B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 264–276. Springer, Heidelberg (1997). https://doi.org/10.1007/BFb0052241
Young, A., Yung, M.: Malicious Cryptography: Exposing Cryptovirology. Wiley, Hoboken (2004)
Young, A., Yung, M.: Malicious cryptography: kleptographic aspects. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 7–18. Springer, Heidelberg (2005). https://doi.org/10.1007/978-3-540-30574-3_2
Zheng, Y., Seberry, J.: Immunizing public key cryptosystems against chosen ciphertext attacks. IEEE J. Sel. Areas Commun. 11(5), 715–724 (1993)
Acknowledgments
The author would like to thank Adrian Atanasiu, Alejandro Hevia, Tanja Lange, Diana Maimuţ and Ferucio Laurenţiu Ţiplea, and the anonymous reviewers for their helpful comments.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Teşeleanu, G. (2019). Threshold Kleptographic Attacks on Discrete Logarithm Based Signatures. In: Lange, T., Dunkelman, O. (eds) Progress in Cryptology – LATINCRYPT 2017. LATINCRYPT 2017. Lecture Notes in Computer Science(), vol 11368. Springer, Cham. https://doi.org/10.1007/978-3-030-25283-0_21
Download citation
DOI: https://doi.org/10.1007/978-3-030-25283-0_21
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-25282-3
Online ISBN: 978-3-030-25283-0
eBook Packages: Computer ScienceComputer Science (R0)