An efficient probabilistic public key encryption scheme which hides all partial information
Proceedings of CRYPTO 84 on Advances in cryptology
Efficient factoring based on partial information
Proc. of a workshop on the theory and application of cryptographic techniques on Advances in cryptology---EUROCRYPT '85
Zero knowledge proofs of identity
STOC '87 Proceedings of the nineteenth annual ACM symposium on Theory of computing
How to prove all NP-statements in zero-knowledge, and a methodology of cryptographic protocol design
Proceedings on Advances in cryptology---CRYPTO '86
How to prove yourself: practical solutions to identification and signature problems
Proceedings on Advances in cryptology---CRYPTO '86
A digital signature scheme secure against adaptive chosen-message attacks
SIAM Journal on Computing - Special issue on cryptography
IEEE Spectrum
Subliminal-free authentication and signature
Lecture Notes in Computer Science on Advances in Cryptology-EUROCRYPT'88
Non-interactive zero-knowledge and its applications
STOC '88 Proceedings of the twentieth annual ACM symposium on Theory of computing
The knowledge complexity of interactive proof systems
SIAM Journal on Computing
Encryption and Secure Computer Networks
ACM Computing Surveys (CSUR)
A note on the confinement problem
Communications of the ACM
Special Uses and Sbuses of the Fiat-Shamir Passport Protocol
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
Verification of Treaty Compliance -- Revisited
SP '83 Proceedings of the 1983 IEEE Symposium on Security and Privacy
SFCS '86 Proceedings of the 27th Annual Symposium on Foundations of Computer Science
Making conditionally secure cryptosystems unconditionally abuse-free in a general context
CRYPTO '89 Proceedings on Advances in cryptology
Simmons' protocol is not free of subliminal channels
CSFW '96 Proceedings of the 9th IEEE workshop on Computer Security Foundations
| Hi-index | 0.02 |
The following seems quite familiar: "Alice and Bob want to flip a coin by telephone. (They have just divorced, live in different countries, want to decide who will have the children during the next holiday.)..." So they use [Blu82]'s (or an improved) protocol. However, Alice and Bob's divorce has been set up to cover up their spying activities. When they use [Blu82]'s protocol, they don't care if the "coin-flip" is random, but they want to abuse the protocol to send secret information to each other. The counter-espionage service, however, doesn't know that the divorce and the use of the [Blu82]'s protocol are just cover-ups.In this paper, we demonstrate how several modern crypto-systems can be abused. We generalize [Sim83b]'s subliminal channel and [DGB87]'s abuse of the [FFS87, FS86] identification systems and demonstrate how one can prevent abuses of cryptosystems.