Hard Communication Channels for Steganography

This paper considers steganography - the concept of hiding the presence of secret messages in legal communications - in the computational setting and its relation to cryptography. Very recently the first (non-polynomial time) steganographic protocol has been shown which, for any communication channel, is provably secure, reliable, and has nearly optimal bandwidth. The security is unconditional, i.e. it does not rely on any unproven complexity-theoretic assumption. This disproves the claim that the existence of one-way functions and access to a communication channel oracle are both necessary and sufficient conditions for the existence of secure steganography in the sense that secure and reliable steganography exists independently of the existence of one-way functions. In this paper, we prove that this equivalence also does not hold in the more realistic setting, where the stegosystem is polynomial time bounded. We prove this by constructing (a) a channel for which secure steganography exists if and only if one-way functions exist and (b) another channel such that secure steganography implies that no one-way functions exist. We therefore show that security-preserving reductions between cryptography and steganography need to be treated very carefully

New Abilities and Limitations of Spectral Graph Bisection

Spectral based heuristics belong to well-known commonly used methods which determines provably minimal graph bisection or outputs "fail" when the optimality cannot be certified. In this paper we focus on Boppana\u27s algorithm which belongs to one of the most prominent methods of this type. It is well known that the algorithm works well in the random planted bisection model - the standard class of graphs for analysis minimum bisection and relevant problems. In 2001 Feige and Kilian posed the question if Boppana\u27s algorithm works well in the semirandom model by Blum and Spencer. In our paper we answer this question affirmatively. We show also that the algorithm achieves similar performance on graph classes which extend the semirandom model. Since the behavior of Boppana\u27s algorithm on the semirandom graphs remained unknown, Feige and Kilian proposed a new semidefinite programming (SDP) based approach and proved that it works on this model. The relationship between the performance of the SDP based algorithm and Boppana\u27s approach was left as an open problem. In this paper we solve the problem in a complete way by proving that the bisection algorithm of Feige and Kilian provides exactly the same results as Boppana\u27s algorithm. As a consequence we get that Boppana\u27s algorithm achieves the optimal threshold for exact cluster recovery in the stochastic block model. On the other hand we prove some limitations of Boppana\u27s approach: we show that if the density difference on the parameters of the planted bisection model is too small then the algorithm fails with high probability in the model

Private Computation: k-Connected versus 1-Connected Networks

We study the role of connectivity of communication networks in private computations under information theoretical settings in the honest-but-curious model. We show that some functions can be 1-privately computed even if the underlying network is 1-connected but not 2-connected. Then we give a complete characterisation of non-degenerate functions that can be 1-privately computed on non-2-connected networks. Furthermore, we present a technique for simulating 1-private protocols that work on arbitrary (complete) networks on k-connected networks. For this simulation, at most $(1 - k/(n - 1)) \cdot L$ additional random bits are needed, where L is the number of bits exchanged in the original protocol and n is the number of players. Finally, we give matching lower and upper bounds for the number of random bits needed to compute the parity function on k-connected networks 1-privately, namely $\lceil (n - 2)/(k - 1) \rceil - 1$ random bits for networks consisting of n player

Act natural! : Having a Private Chat on a Public Blockchain

Chats have become an essential means of interpersonal interaction. Yet untraceable private communication remains an elusive goal, as most messengers hide content, but not communication patterns. The knowledge of communication patterns can by itself reveal too much, as happened e.g., in the context of the Arab Spring. The subliminal channel in cryptographic systems - as introduced by Simmons in his pioneering works - enables untraceable private communication in plain sight. In this context, blockchains are a natural object for subliminal communication: accessing them is innocuous, as they rely on distributed access for verification and extension. At the same time, blockchain transactions generate hundreds of thousands transactions per day that are individually signed and placed on the blockchain. This significantly increases the availability of publicly accessible cryptographic transactions where subliminal channels can be placed. In this paper we propose a public-key subliminal channel using ECDSA signatures on blockchains and prove that our construction is undetectable in the random oracle model under a common cryptographic assumption. While our approach is applicable to any blockchain platform relying on (variants of) ECDSA signatures, we present a proof of concept of our method for the popular Bitcoin protocol and show the simplicity and practicality of our approach

The Sublogarithmic Alternating Space World

This paper tries to fully characterize the properties and relationships of space classes defined by Turing machines that use less than logarithmic space -- may they be deterministic, nondeterministic or alternating (DTM, NTM or ATM). We provide several examples of specific languages and show that such machines are unable to accept these languages. The basic proof method is a nontrivial extension of the 1 n 7! 1 n+n! technique to alternating TMs. Let llog denote the logarithmic function log iterated twice, and \Sigma k Space(S), \Pi k Space(S) be the complexity classes defined by S--space-bounded ATMs that alternate at most k \Gamma 1 times and start in an existential, resp. universal state. Our first result shows that for each k ? 1 the sets \Sigma k Space(llog ) n \Pi k Space(o(log )) and \Pi k Space(llog ) n \Sigma k Space(o(log )) are both not empty. This implies that for each S 2\Omega\Gamma2868 ) " o(log ) the classes \Sigma 1 Space(S) ae \Sigma 2 Space(S) ae \Sigma 3 Space(..

Computational Limitations of Stochastic Turing Machines and Arthur-Merlin Games with Small Space Bounds

A Stochastic Turing machine (STM) is a Turing machine that can perform nondeterministic and probabilistic moves and alternate between both types. Such devices are also called games against nature, Arthur-Merlin games, or interactive proof systems with public coins. We give an overview on complexity classes defined by STMs with space resources between constant and logarithmic size and constant or sublinear bounds on the number of alternations. New lower space bounds are shown for a specific family of languages by exploiting combinatorial properties. These results imply an infinite hierarchy with respect to the number of alternations of STMs, and nonclosure properties of certain classes

The Complexity of Some Basic Problems for Dynamic Process Graphs

A fundamental problem in programming multiprocessors is scheduling elementary tasks on the available hardware efficiently. Traditionally, one represents tasks and precedence constraints by a data-flow graph. This representation requires that the set of tasks is known beforehand