International Association for Cryptologic Research (IACR)
Abstract
Context. Methods of known kleptography implementations are being investigated. The article focuses mostly on SETUP design of subliminal data leakage channels.
Aim. Suggest approaches to develop SETUP resistant cryptosystems.
Methods. The necessary conditions for SETUP implementation are building in entropy source (otherwise generated secret will be predictable). In this article, it\u27s considered
subscriber whose protocol implementation is suspected to be modified by Developer (the malicious actor who is able to influence on cryptosystem
implementation) to create subliminal leakage channel. The possible countermeasure is to prohibit usage own
random sources for subscribers, enforce generate random values from public counters. %them to use external Trusted Random Number Generation service.
Results. The formal model for basic SETUP scheme has been suggested. Approach to develop SETUP resistant protocols has been described. Two basic
SETUP-resistance protocols
(nonce generation protocol and Diffie-Hellman key agreement protocol) have been proposed
