Development of SETUP-free cryptographic protocols

Abstract

Today, hybrid cryptosystems are important part in structure of information telecommunication systems. That's why information security measures are extremely crucial at each stage of cryptosystem development life cycle. One of the most important specific of modern cryptosystems is the fact, that they often deployed in unprotected environment and outside the physically secured perimeter. That introduces new attack vectors, e.g. kleptographic attacks which include implementation forgery at endpoints. Such attack types are extremely dangerous because of the victim, who is a participant of some restricted area (electronic document flow, payment system, secure communication etc.), may induce threats for non-compromised participants (e.g., sensitive information leakage). One of the ways to solve mitigate this risks is development subliminal channel free cryptosystems which are resistant against different types of kleptographic attacks. In the article we show results belong to development of SETUP free cryptographic protocol development. Firstly, we suggest formal model for basic ''challenge-response'' protocol with subliminal channel. Using this formal model, we introduce sufficient conditions which lead to impossibility of existence of subliminal channels. Also the theorem about sufficient conditions has been formulated and proved. Further, we suggest improvements of basic protocols -- nonce generation and 1-round Diffie-Hellman key agreement protocol with design that is based of sufficient conditions. Using formalization of suggested enhanced protocols we formulated and proved the theorem about SETUP resistance property for these protocols.  Our results may be useful for other SETUP free protocols development, this will be helpful for increasing security of hybrid cryptosystem.