
A progress report on subliminal-free channels

  • Conference paper
Information Hiding (IH 1996)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 1174)


Abstract

Subliminal channels are closely related to covert channels and are used to hide secret information. They abuse the communications resource. Subliminal channels can be introduced in many cryptographic systems, and exploit the inherent randomness of the systems. For example, secret information can be hidden in the randomness of the authenticators of an authentication system. Similarly secret information can be hidden in the randomness (of the prover or verifier) of both zero-knowledge proof systems and signature systems.

To establish a subliminal channel the cryptosystem is abused, that is, used in a different way and for a different purpose than intended by its designer. A particularly obnoxious type of subliminal channel may be activated by abortive halting.

For state-of-the-art security, it may be desirable to detect, and if possible prevent, subliminal channels. In this paper we address the problem of whether it is possible to develop (and if so, how) appropriate techniques for detecting or preventing the use of such channels. Several such techniques have already been proposed in the literature, and are suitable for many systems. We review these. We also consider recent developments, in particular with regard to the formal security requirements and their impact on research.

Supported by NSF NCR9004879.




Editor information

Ross Anderson


Copyright information

© 1996 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Burmester, M., Desmedt, Y.G., Itoh, T., Sakurai, K., Shizuya, H., Yung, M. (1996). A progress report on subliminal-free channels. In: Anderson, R. (eds) Information Hiding. IH 1996. Lecture Notes in Computer Science, vol 1174. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-61996-8_39


  • DOI: https://doi.org/10.1007/3-540-61996-8_39


  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-61996-3

  • Online ISBN: 978-3-540-49589-5

  • eBook Packages: Springer Book Archive
