Mass-surveillance without the State: Strongly Undetectable Algorithm-Substitution Attacks

We present new algorithm-substitution attacks (ASAs) on symmetric encryption that improve over prior ones in two ways. First, while prior attacks only broke a sub-class of randomized schemes having a property called coin injectivity, our attacks break ALL randomized schemes. Second, while prior attacks are stateful, ours are stateless, achieving a notion of strong undetectability that we formalize. Together this shows that ASAs are an even more dangerous and powerful mass surveillance method than previously thought. Our work serves to increase awareness about what is possible with ASAs and to spur the search for deterrents and counter-measures.
