"Act natural!": Having a Private Chat on a Public Blockchain

Chats have become an essential means of interpersonal interaction. Yet untraceable private communication remains an elusive goal, as most messengers hide content, but not communication patterns. The knowledge of communication patterns can by itself reveal too much, as happened e. g., in the context of the Arab Spring. The subliminal channel in cryptographic systems – as introduced by Simmons in his pioneering works – enables untraceable private communication in plain sight. In this context, blockchains are a natural object for subliminal communication: accessing them is innocuous, as they rely on distributed access for verification and extension. At the same time, blockchain transactions generate hundreds of thousands transactions per day that are individually signed and placed on the blockchain. This significantly increases the availability of publicly accessible cryptographic transactions where subliminal channels can be placed. In this paper we propose a public-key subliminal channel using ECDSA signatures on blockchains and prove that our construction is undetectable in the random oracle model under a common cryptographic assumption. While our approach is applicable to any blockchain platform relying on (variants of) ECDSA signatures, we present a proof of concept of our method for the popular Bitcoin protocol and show the simplicity and practicality of our approach.

[1]  Matthew Green,et al.  Meteor: Cryptographically Secure Steganography for Realistic Distributions , 2021, IACR Cryptol. ePrint Arch..

[2]  Cas J. F. Cremers,et al.  The Provable Security of Ed25519: Theory and Practice , 2021, 2021 IEEE Symposium on Security and Privacy (SP).

[3]  Zhijie Zhang,et al.  An approach of covert communication based on the Ethereum whisper protocol in blockchain , 2020, Int. J. Intell. Syst..

[4]  Liehuang Zhu,et al.  Whispers on Ethereum: Blockchain-based Covert Data Embedding Schemes , 2020, BSCI.

[5]  Keke Gai,et al.  Achieving a Covert Channel over an Open Blockchain Network , 2020, IEEE Network.

[6]  Oded Goldreich,et al.  Providing Sound Foundations for Cryptography: On the Work of Shafi Goldwasser and Silvio Micali , 2019, Providing Sound Foundations for Cryptography.

[7]  Chang Liu,et al.  DLchain: A Covert Channel over Blockchain Based on Dynamic Labels , 2019, ICICS.

[8]  Akbari Indra Basuki,et al.  Joint Transaction-Image Steganography for High Capacity Covert Communication , 2019, 2019 International Conference on Computer, Control, Informatics and its Applications (IC3INA).

[9]  Moti Yung,et al.  Let a Non-barking Watchdog Bite: Cliptographic Signatures with an Offline Watchdog , 2019, Public Key Cryptography.

[10]  Nadia Heninger,et al.  Biased Nonce Sense: Lattice Attacks against Weak ECDSA Signatures in Cryptocurrencies , 2019, IACR Cryptol. ePrint Arch..

[11]  Yi Wang,et al.  Asymmetric subversion attacks on signature and identification schemes , 2019, Pers. Ubiquitous Comput..

[12]  Ali Yazici,et al.  A Decentralized Application for Secure Messaging in a Trustless Environment , 2018, 2018 International Congress on Big Data, Deep Learning and Fighting Cyber Terrorism (IBIGDELFT).

[13]  Nick Knupffer Intel Corporation , 2018, The Grants Register 2019.

[14]  Juha Partala,et al.  Provably Secure Covert Communication on Blockchain , 2018, Cryptogr..

[15]  Feng Hao,et al.  ZombieCoin 2.0: managing next-generation botnets using Bitcoin , 2018, International Journal of Information Security.

[16]  Tanja Zseby,et al.  ChainChannels: Private Botnet Communication Over Public Blockchains , 2018, 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData).

[17]  2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData) , 2018 .

[18]  Silas Richelson,et al.  How to Subvert Backdoored Encryption: Security Against Adversaries that Decrypt All Ciphertexts , 2018, IACR Cryptol. ePrint Arch..

[19]  Maciej Liskiewicz,et al.  On the Gold Standard for Security of Universal Steganography , 2018, IACR Cryptol. ePrint Arch..

[20]  Eike Kiltz,et al.  On the One-Per-Message Unforgeability of (EC)DSA and its Variants , 2017, IACR Cryptol. ePrint Arch..

[21]  Moti Yung,et al.  Generic Semantic Security against a Kleptographic Adversary , 2017, CCS.

[22]  Tanja Zseby,et al.  A Subliminal Channel in EdDSA: Information Leakage with High-Speed Signatures , 2017, MIST@CCS.

[23]  Maciej Liskiewicz,et al.  Algorithm Substitution Attacks from a Steganographic Perspective , 2017, CCS.

[24]  Moti Yung,et al.  Cliptography: Clipping the Power of Kleptographic Attacks , 2016, ASIACRYPT.

[25]  Eike Kiltz,et al.  On the Provable Security of (EC)DSA Signatures , 2016, CCS.

[26]  Dana Dachman-Soled,et al.  Efficient Concurrent Covert Computation of String Equality and Set Intersection , 2016, CT-RSA.

[27]  Mihir Bellare,et al.  Mass-surveillance without the State: Strongly Undetectable Algorithm-Substitution Attacks , 2015, IACR Cryptol. ePrint Arch..

[28]  Claudio Orlandi,et al.  How To Bootstrap Anonymous Communication , 2015, IACR Cryptol. ePrint Arch..

[29]  Marco Chiesa,et al.  Analysis of country-wide internet outages caused by censorship , 2011, IMC '11.

[30]  Nesir Rasool Mahmood,et al.  Public Key Steganography , 2014 .

[31]  Kenneth G. Paterson,et al.  Security of Symmetric Encryption against Mass Surveillance , 2014, IACR Cryptol. ePrint Arch..

[32]  Xiaoqing Li,et al.  Provably Secure and Subliminal-Free Variant of Schnorr Signature , 2013, ICT-EurAsia.

[33]  Vinod Yegneswaran,et al.  StegoTorus: a camouflage proxy for the Tor anonymity system , 2012, CCS.

[34]  P. Howard,et al.  The Upheavals in Egypt and Tunisia: The Role of Digital Media , 2011 .

[35]  Vipul Goyal,et al.  On the round complexity of covert computation , 2010, STOC '10.

[36]  Abhi Shelat,et al.  Collusion-Free Multiparty Computation in the Mediated Model , 2009, CRYPTO.

[37]  Rafail Ostrovsky,et al.  Covert Multi-Party Computation , 2007, 48th Annual IEEE Symposium on Foundations of Computer Science (FOCS'07).

[38]  John Langford,et al.  Covert two-party computation , 2005, STOC '05.

[39]  Abhi Shelat,et al.  Collusion-free protocols , 2005, STOC '05.

[40]  Daniel R. L. Brown Generic Groups, Collision Resistance, and ECDSA , 2005, Des. Codes Cryptogr..

[41]  Nick Mathewson,et al.  Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[42]  John Langford,et al.  Provably Secure Steganography , 2002, IEEE Transactions on Computers.

[43]  Stefan Katzenbeisser,et al.  Defining security in steganographic systems , 2002, IS&T/SPIE Electronic Imaging.

[44]  E. Delp,et al.  Security and Watermarking of Multimedia Contents IV , 2002 .

[45]  Christian Cachin,et al.  An information-theoretic model for steganography , 1998, Inf. Comput..

[46]  Moti Yung,et al.  Kleptography: Using Cryptography Against Cryptography , 1997, EUROCRYPT.

[47]  Moti Yung,et al.  A Progress Report on Subliminal-Free Channels , 1996, Information Hiding.

[48]  Gustavus J. Simmons,et al.  Subliminal Communication is Easy Using the DSA , 1994, EUROCRYPT.

[49]  Giuseppe Ateniese,et al.  Subversion-resilient signatures: Definitions, constructions and applications , 2020, Theor. Comput. Sci..

[50]  Zhang Zhijie,et al.  A Covert Communication Method Using Special Bitcoin Addresses Generated by Vanitygen , 2020, Computers, Materials & Continua.

[51]  Yuval Ishai,et al.  On Pseudorandom Encodings , 2020, IACR Cryptol. ePrint Arch..

[52]  Moti Yung,et al.  Subvert KEM to Break DEM: Practical Algorithm-Substitution Attacks on Public-Key Encryption , 2020, IACR Cryptol. ePrint Arch..

[53]  Qixu Liu,et al.  CoinBot: A Covert Botnet in the Cryptocurrency Network , 2020, ICICS.

[54]  Tanja Zseby,et al.  Subliminal Channels in High-Speed Signatures , 2018, J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl..

[55]  Alon Rosen,et al.  Pseudorandom Functions: Three Decades Later , 2017, Tutorials on the Foundations of Cryptography.

[56]  Jennifer Granick,et al.  We Kill People Based on Metadata , 2017 .

[57]  Michael J. Willis,et al.  Civil resistance in the Arab Spring : triumphs and disasters , 2016 .

[58]  Nelly Fazio,et al.  Broadcast Steganography , 2013, CT-RSA.

[59]  Bruce Schneier,et al.  Cryptography Engineering - Design Principles and Practical Applications , 2010 .

[60]  Carl Eklund,et al.  National Institute for Standards and Technology , 2009, Encyclopedia of Biometrics.

[61]  S. Nakamoto,et al.  Bitcoin: A Peer-to-Peer Electronic Cash System , 2008 .

[62]  Kazumaro Aoki,et al.  SEC X.2: Recommended Elliptic Curve Domain Parameters , 2008 .

[63]  Gustavus J. Simmons,et al.  The Prisoners' Problem and the Subliminal Channel , 1983, CRYPTO.

[64]  Arbeitsgruppe Systemsicherheit On Subliminal Channels in Deterministic Signature Schemes , 2022 .

[65]  Simmons,et al.  The Subliminal Channel and Digital Signatures , 2022 .