Development of SETUP-free cryptographic protocols

Authors

  • Богдан Анатолійович Коваленко Національний технічний університет України «Київський політехнічний інститут ім. І. І. Сікорського»

DOI:

https://doi.org/10.18372/2225-5036.25.13840

Keywords:

kleptography, SETUP, Diffie-Hellman key agreement, hybrid cryptosystem, subliminal channel, challenge-response protocol

Abstract

Today, hybrid cryptosystems are important part in structure of information telecommunication systems. That's why information security measures are extremely crucial at each stage of cryptosystem development life cycle. One of the most important specific of modern cryptosystems is the fact, that they often deployed in unprotected environment and outside the physically secured perimeter. That introduces new attack vectors, e.g. kleptographic attacks which include implementation forgery at endpoints. Such attack types are extremely dangerous because of the victim, who is a participant of some restricted area (electronic document flow, payment system, secure communication etc.), may induce threats for non-compromised participants (e.g., sensitive information leakage). One of the ways to solve mitigate this risks is development subliminal channel free cryptosystems which are resistant against different types of kleptographic attacks. In the article we show results belong to development of SETUP free cryptographic protocol development. Firstly, we suggest formal model for basic ''challenge-response'' protocol with subliminal channel. Using this formal model, we introduce sufficient conditions which lead to impossibility of existence of subliminal channels. Also the theorem about sufficient conditions has been formulated and proved. Further, we suggest improvements of basic protocols -- nonce generation and 1-round Diffie-Hellman key agreement protocol with design that is based of sufficient conditions. Using formalization of suggested enhanced protocols we formulated and proved the theorem about SETUP resistance property for these protocols.  Our results may be useful for other SETUP free protocols development, this will be helpful for increasing security of hybrid cryptosystem.

Author Biography

Богдан Анатолійович Коваленко, Національний технічний університет України «Київський політехнічний інститут ім. І. І. Сікорського»

інженер інформаційної безпеки

References

A. Atanasiu, R. Olimid, E. Simion, "On the security of black-box implementation of visual secret sharing schemes", Journal of Mobile, Embedded and Distributed Systems, no. 4(1):1-11, 2012.

Côme Berbain and Henri Gilbert, "On the security of iv dependent stream ciphers", Fast Software Encryption, pp. 254-273, 2007.

A. Young, M. Yung, "The Dark Side of “Black-Box” Cryptography or: Should We Trust Capstone?", pp. 89-103, 1996.

A. Young, M. Yung, "Kleptography: Using Cryptography Against Cryptography", pp. 62-74, 1997.

Published

2019-08-30

Issue

Section

Cryptology