How to construct random functions
Journal of the ACM (JACM)
How to construct pseudorandom permutations from pseudorandom functions
SIAM Journal on Computing - Special issue on cryptography
The advantages of forward thinking in generating rooted and free trees
Proceedings of the tenth annual ACM-SIAM symposium on Discrete algorithms
Complete characterization of security notions for probabilistic private-key encryption
STOC '00 Proceedings of the thirty-second annual ACM symposium on Theory of computing
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Communications of the ACM
Introduction to algorithms
Pseudorandomness and Cryptographic Applications
Pseudorandomness and Cryptographic Applications
The Design and Analysis of Computer Algorithms
The Design and Analysis of Computer Algorithms
Asymmetric cryptography with S-Boxes
ICICS '97 Proceedings of the First International Conference on Information and Communication Security
FSE '97 Proceedings of the 4th International Workshop on Fast Software Encryption
Fast Key Exchange with Elliptic Curve Systems
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Cryptanalysis of Patarin's 2-round public key system with S boxes (2R)
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
A subliminal channel in secret block ciphers
SAC'04 Proceedings of the 11th international conference on Selected Areas in Cryptography
| Hi-index | 0.00 |
There has been much recent research in designing symmetric ciphers with backdoors that have either public designs or black-box designs. Current Digital Rights Management needs have resurrected the use of hidden ciphers (which were traditionally suggested by the government as black-box designs) in the form of obfuscated "white-box" algorithms. A recent backdoor proposal is the Monkey cipher which is intended to have a secret design and that can be implemented using any deterministic trapdoor one-way function. Monkey leaks information about its user's key to the designer. The primary drawback of Monkey is that it requires the designer (attacker) to obtain a sufficient number of ciphertexts all under the same symmetric key, such that each contains one known plaintext bit. In this paper a new design is proposed that eliminates the need for known plaintext entirely. Also, whereas Monkey reveals one plaintext bit of each ciphertext to the reverse-engineer (i.e., an entity that tries to learn the black-box device), our solution only leaks a bound on the message entropy to the reverse-engineer, while requiring that the designer obtain a sufficient number of ciphertexts that encrypt messages with a requisite level of redundancy. The information leakage method we use employs "data compression" as a basic tool for generating a hidden information channel. This highlights the need to only encrypt compressed strings when a block cipher with a secret design must be used.