Subliminal channel
 | This article has multiple issues. Please help improve it or discuss these issues on the talk page. (Learn how and when to remove these messages)
|
In cryptography, subliminal channels are covert channels that can be used to communicate secretly in normal looking communication over an insecure channel.[1] Subliminal channels in digital signature crypto systems were found in 1984 by Gustavus Simmons.
Simmons describes how the "Prisoners' Problem" can be solved through parameter substitution in digital signature algorithms.[2][a]
Examples
[edit]An easy example of a narrowband subliminal channel for normal human-language text would be to define that an even word count in a sentence is associated with the bit "0" and an odd word count with the bit "1". The question "Hello, how do you do?" would therefore send the subliminal message "1".
The Digital Signature Algorithm has one subliminal broadband[3] and three subliminal narrow-band channels[4]
Improvements
[edit]A modification to the Brickell and DeLaurentis signature scheme provides a broadband channel without the necessity to share the authentication key.[5] The Newton channel is not a subliminal channel, but it can be viewed as an enhancement.[6]
Countermeasures
[edit]With the help of the zero-knowledge proof and the commitment scheme it is possible to prevent the usage of the subliminal channel.[7][8]
This countermeasure has a 1-bit subliminal channel because for is the problem that a proof can succeed or purposely fail.[9]
Another countermeasure can detect, and not prevent, the subliminal usage of the randomness.[10]
Notes
[edit]- ^ Simmons' Prisoners' Problem is not the same as the Prisoner's Dilemma.[1]
References
[edit]- ^ a b Gustavus J. Simmons. The Prisoners Problem and the Subliminal Channel. In Advances in Cryptology – CRYPTO ’83, pages 51–67, New York, 1984. Lecture Notes in Computer Science, ed. D. Chaum.
- ^ Gustavus J. Simmons. The subliminal channel and digital signatures. In Proc. of the EUROCRYPT 84 workshop on Advances in Cryptology – theory and application of cryptographic techniques, pages 364–378, New York, NY, USA, 1985. Springer-Verlag New York, Inc. doi:10.1007/3-540-39757-4_25
- ^ Gustavus J. Simmons. Subliminal communication is easy using the DSA. In EUROCRYPT ’93: Workshop on the theory and application of cryptographic techniques on Advances in cryptology, pages 218–232, Secaucus, NJ, USA, 1994. Springer-Verlag New York, Inc.
- ^ Gustavus J. Simmons. The subliminal channel in the U.S. Digital Signature Algorithm (DSA), in Proceedings of the 3rd Symposium on State and Progress of Research in Cryptography (SPRC '93), Rome, Italy, February 15–16, 1993.
- ^ Gustavus J. Simmons. A Secure Subliminal Channel (?). In CRYPTO ’85: Advances in Cryptology, pages 33–41, London, UK, 1986. Springer-Verlag.
- ^ Ross J. Anderson, Serge Vaudenay, Bart Preneel, and Kaisa Nyberg. The Newton Channel. In Proceedings of the First International Workshop on Information Hiding, pages 151–156, London, UK, 1996. Springer-Verlag.
- ^ Yvo Desmedt. Abuses in Cryptography and How to Fight Them. In CRYPTO ’88: Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology, pages 375–389, London, UK, 1990. Springer-Verlag.
- ^ Yvo Desmedt. "Subliminal-free authentication and signature". p. 24 of Christoph G. Günther, editor. "Advances in Cryptology - EUROCRYPT '88". 1988.
- ^ Desmedt, Yvo (1996). "Simmons' Protocol is Not Free of Subliminal Channels". Proc. of 9th IEEE Computer Security Foundations Workshop. pp. 170–175. CiteSeerX 10.1.1.56.4816.
- ^ Choi, Jong Youl; Golle, Philippe; Jakobsson, Markus (2006). "Tamper Evident Digital Signatures: Protecting Certification Authorities Against Malware". Proceedings of the 2nd IEEE International Symposium on Dependable Autonomic and Secure Computing. CiteSeerX 10.1.1.61.9340.
- Bruce Schneier. Applied Cryptography, Second Edition: Protocols, Algorithms, and Source Code in C, 2. Ed. Wiley Computer Publishing, John Wiley & Sons, Inc., 1995.