Subliminal Hash Channels

Due to their nature, subliminal channels are mostly regarded as being malicious, but due to recent legislation efforts users\u27 perception might change. Such channels can be used to subvert digital signature protocols without degrading the security of the underlying primitive. Thus, it is natural to find countermeasures and devise subliminal-free signatures. In this paper we discuss state-of-the-art countermeasures and introduce a generic method to bypass them

Immunizing public key cryptosystems against chosen ciphertext attacks

This paper presents three methods for strengthening public key cryptosystems in such a way that they become secure against adaptively chosen ciphertext attacks. In an adaptively chosen ciphertext attack, an attacker can query the deciphering algorithm with any ciphertexts, except for the exact object ciphertext to be cryptanalyzed. The first strengthening method is based on the use of one-way hash functions, the second on the use of universal hash functions, and the third on the use of digital signature schemes. Each method is illustrated by an example of a public key cryptosystem based on the intractability of computing discrete logarithms in finite fields. Security of the three example cryptosystems is formally proved. Two other issues, namely, applications of the methods to public key cryptosystems based on other intractable problems and enhancement of information authentication capability to the cryptosystems, are also discussed

Threshold Kleptographic Attacks on Discrete Logarithm Based Signatures

In an $\ell$ out of $n$ threshold scheme, $\ell$ out of $n$ members must cooperate to recover a secret. A kleptographic attack is a backdoor which can be implemented in an algorithm and further used to retrieve a user\u27s secret key. We combine the notions of threshold scheme and kleptographic attack to construct the first $\ell$ out of $n$ threshold kleptographic attack on discrete logarithm based digital signatures and prove its security in the standard and random oracle models

The zheng-seberry public key cryptosystem and signcryption

In 1993 Zheng-Seberry presented a public key cryptosystem that was considered efficient and secure in the sense of indistinguishability of encryptions (IND) against an adaptively chosen ciphertext adversary (CCA2). This thesis shows the Zheng-Seberry scheme is not secure as a CCA2 adversary can break the scheme in the sense of IND. In 1998 Cramer-Shoup presented a scheme that was secure against an IND-CCA2 adversary and whose proof relied only on standard assumptions. This thesis modifies this proof and applies it to a modified version of the El-Gamal scheme. This resulted in a provably secure scheme relying on the Random Oracle (RO) model, which is more efficient than the original Cramer-Shoup scheme. Although the RO model assumption is needed for security of this new El-Gamal variant, it only relies on it in a minimal way