Abstract
Subliminal channels are closely related to covert channels and are used to hide secret information. They abuse the communications resource. Subliminal channels can be introduced in many cryptographic systems, and exploit the inherent randomness of the systems. For example, secret information can be hidden in the randomness of the authenticators of an authentication system. Similarly, secret information can be hidden in the randomness (of the prover or verifier) of both zero-knowledge proof systems and signature systems.
To establish a subliminal channel the cryptosystem is abused, that is, used in a different way and for a different purpose than intended by its designer. A particularly obnoxious type of subliminal channel may be activated by abortive halting.
For state-of-the-art security, it may be desirable to detect, and if possible prevent, subliminal channels. In this paper we address the problem of whether it is possible to develop (and if so, how) appropriate techniques for detecting or preventing the use of such channels. Several such techniques have already been proposed in the literature, and are suitable for many systems. We review these. We also consider recent developments, in particular with regard to the formal security requirements and their impact on research.
Supported by NSF NCR9004879.
© 1996 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Burmester, M., Desmedt, Y.G., Itoh, T., Sakurai, K., Shizuya, H., Yung, M. (1996). A progress report on subliminal-free channels. In: Anderson, R. (eds) Information Hiding. IH 1996. Lecture Notes in Computer Science, vol 1174. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-61996-8_39
DOI: https://doi.org/10.1007/3-540-61996-8_39
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-61996-3
Online ISBN: 978-3-540-49589-5
eBook Packages: Springer Book Archive