The subliminal channel and digital signatures
Proc. of the EUROCRYPT 84 workshop on Advances in cryptology: theory and application of cryptographic techniques
Subliminal-free authentication and signature
Lecture Notes in Computer Science on Advances in Cryptology-EUROCRYPT'88
Pseudo-random generation from one-way functions
STOC '89 Proceedings of the twenty-first annual ACM symposium on Theory of computing
SIAM Journal on Computing
Subliminal communication is easy using the DSA
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
Unique Signatures and Verifiable Random Functions from the DH-DDH Separation
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Special Uses and Sbuses of the Fiat-Shamir Passport Protocol
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
Gradual and Verifiable Release of a Secret
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
Abuses in Cryptography and How to Fight Them
CRYPTO '88 Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology
Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Invariant Signatures and Non-Interactive Zero-Knowledge Proofs are Equivalent (Extended Abstract)
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Statistical Zero Knowledge Protocols to Prove Modular Polynomial Relations
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
Simmons' protocol is not free of subliminal channels
CSFW '96 Proceedings of the 9th IEEE workshop on Computer Security Foundations
FOCS '99 Proceedings of the 40th Annual Symposium on Foundations of Computer Science
Number-theoretic constructions of efficient pseudo-random functions
Journal of the ACM (JACM)
Foundations of Cryptography: Volume 2, Basic Applications
Foundations of Cryptography: Volume 2, Basic Applications
Malicious Cryptography: Exposing Cryptovirology
Malicious Cryptography: Exposing Cryptovirology
SFCS '89 Proceedings of the 30th Annual Symposium on Foundations of Computer Science
Proving in zero-knowledge that a number is the product of two safe primes
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Efficient proofs that a committed number lies in an interval
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
On subliminal channels in deterministic signature schemes
ICISC'04 Proceedings of the 7th international conference on Information Security and Cryptology
Hi-index | 0.00 |
A mode of operation of the Elliptic Curve Digital Signature Algorithm (ECDSA) is presented which provably excludes subliminal communication through ECDSA signatures. For this, the notion of a signature scheme that is subliminal-free with proof is introduced which can be seen as generalizing subliminal-free signatures and being intermediate to the established concepts of invariant and unique signatures. Motivated by the proposed use of ECDSA for signing passports, our focus is not on proving the mere existence of a subliminal-free ECDSA mode of operation, but on demonstrating its practical potential. The proposed construction relies on the availability of a party acting as warden and on a reasonably-sized non-interactive proof of subliminal-freeness. For instance, in the passport scenario, the passport holder plays the role of the warden, and we show that a suitable combination of the pseudo random function of Naor and Reingold with bit commitments and noninteractive zero-knowledge proofs can be used for accomplishing the required proof of subliminal-freeness with acceptable efficiency.