Communicating Through Subliminal-Free Signatures

  • Conference paper
Secure IT Systems (NordSec 2021)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 13115)

Abstract

By exploiting the inherent randomness used by certain digital signature protocols, subliminal channels can subvert these protocols without degrading their security. Due to their nature, these channels cannot be easily detected by an outside observer. Therefore, they pose a severe challenge for protocol designers. More precisely, designers consider certain assumptions implicitly, but in reality these assumptions turn out to be false or cannot be enforced or verified. In this paper we exemplify exactly such a situation by presenting several subliminal channels with a small capacity in Zhang et al. and Dong et al.’s subliminal-free signature protocols.

Notes

  1. In [6] a fail-stop channel is described, but it can be easily detected due to the protocol being implemented in devices with limited computational power.

  2. Note that in certain cases, hash channels [19, 20] create the capability of subliminal communication through these proposals.

  3. According to [9, 21], an honest-but-curious adversary is a legitimate participant in a communication protocol who will not deviate from the defined protocol but will attempt to learn all possible information from legitimately received messages.

References

  1. Ateniese, G., Magri, B., Venturi, D.: Subversion-resilient signature schemes. In: ACM-CCS 2015, pp. 364–375. ACM (2015)

  2. Bohli, J.-M., González Vasco, M.I., Steinwandt, R.: A subliminal-free variant of ECDSA. In: Camenisch, J.L., Collberg, C.S., Johnson, N.F., Sallee, P. (eds.) IH 2006. LNCS, vol. 4437, pp. 375–387. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74124-4_25

  3. Choi, J.Y., Golle, P., Jakobsson, M.: Tamper-evident digital signature protecting certification authorities against malware. In: DASC 2006, pp. 37–44. IEEE (2006)

  4. Desmedt, Y.: Simmons’ protocol is not free of subliminal channels. In: Ninth IEEE Computer Security Foundations Workshop, pp. 170–175. IEEE (1996)

  5. Dong, Q., Xiao, G.: A subliminal-free variant of ECDSA using interactive protocol. In: ICEEE 2010, pp. 1–3. IEEE (2010)

  6. Hanzlik, L., Kluczniak, K., Kutyłowski, M.: Controlled randomness – a defense against backdoors in cryptographic devices. In: Phan, R.C.-W., Yung, M. (eds.) Mycrypt 2016. LNCS, vol. 10311, pp. 215–232. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-61273-7_11

  7. Horster, P., Michels, M., Petersen, H.: Subliminal Channels in Digital Logarithm Based Signature Schemes and How to Avoid Them. Technical Report TR-94-13 (1994)

  8. Lampson, B.W.: A Note on the Confinement Problem. Commun. ACM 16(10), 613–615 (1973)

  9. Paverd, A.J., Martin, A., Brown, I.: Modelling and Automatically Analysing Privacy Properties for Honest-but-Curious Adversaries. Technical report (2014)

  10. Russell, A., Tang, Q., Yung, M., Zhou, H.-S.: Cliptography: clipping the power of kleptographic attacks. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10032, pp. 34–64. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53890-6_2

  11. Russell, A., Tang, Q., Yung, M., Zhou, H.S.: Generic semantic security against a kleptographic adversary. In: ACM-CCS 2017, pp. 907–922. ACM (2017)

  12. Simmons, G.J.: The prisoners’ problem and the subliminal channel. In: CRYPTO 1983, pp. 51–67. Plenum Press, New York (1983)

  13. Simmons, G.J.: The subliminal channel and digital signatures. In: Beth, T., Cot, N., Ingemarsson, I. (eds.) EUROCRYPT 1984. LNCS, vol. 209, pp. 364–378. Springer, Heidelberg (1985). https://doi.org/10.1007/3-540-39757-4_25

  14. Simmons, G.J.: An introduction to the mathematics of trust in security protocols. In: CSFW 1993, pp. 121–127. IEEE (1993)

  15. Simmons, G.J.: Subliminal communication is easy using the DSA. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 218–232. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48285-7_18

  16. Simmons, G.J.: Cryptanalysis and protocol failures. Commun. ACM 37(11), 56–65 (1994)

  17. Simmons, G.J.: Subliminal channels; past and present. Eur. Trans. Telecommun. 5(4), 459–474 (1994)

  18. Simmons, G.J.: Results concerning the bandwidth of subliminal channels. IEEE J. Sel. Areas Commun. 16(4), 463–473 (1998)

  19. Teşeleanu, G.: Subliminal hash channels. In: Gueye, C.T., Persichetti, E., Cayrel, P.-L., Buchmann, J. (eds.) A2C 2019. CCIS, vol. 1133, pp. 149–165. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-36237-9_9

  20. Chuan-Kun, W.: Hash channels. Comput. Secur. 24(8), 653–661 (2005)

  21. Zhang, Y., Li, H., Li, X., Zhu, H.: Provably secure and subliminal-free variant of Schnorr signature. In: Mustofa, K., Neuhold, E.J., Tjoa, A.M., Weippl, E., You, I. (eds.) ICT-EurAsia 2013. LNCS, vol. 7804, pp. 383–391. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-36818-9_42

Correspondence to George Teşeleanu.

© 2021 Springer Nature Switzerland AG

About this paper

Cite this paper

Teşeleanu, G. (2021). Communicating Through Subliminal-Free Signatures. In: Tuveri, N., Michalas, A., Brumley, B.B. (eds) Secure IT Systems. NordSec 2021. Lecture Notes in Computer Science, vol 13115. Springer, Cham. https://doi.org/10.1007/978-3-030-91625-1_1

  • DOI: https://doi.org/10.1007/978-3-030-91625-1_1

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-91624-4

  • Online ISBN: 978-3-030-91625-1

  • eBook Packages: Computer Science, Computer Science (R0)
