2015
DOI: 10.1007/978-3-662-48116-5_28
|View full text |Cite
|
Sign up to set email alerts
|

A More Cautious Approach to Security Against Mass Surveillance

Abstract: At CRYPTO 2014 Bellare, Paterson, and Rogaway (BPR) presented a formal treatment of symmetric encryption in the light of algorithm-substitution attacks (ASAs), which may be employed by 'big brother' entities for the scope of mass surveillance. Roughly speaking, in ASAs big brother may bias ciphertexts to establish a covert channel to leak vital cryptographic information. In this work, we identify a seemingly benign assumption implicit in BPR's treatment and argue that it artificially (and severely) limits big … Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1

Citation Types

0
52
2
1

Year Published

2016
2016
2020
2020

Publication Types

Select...
6
2
1

Relationship

0
9

Authors

Journals

citations
Cited by 58 publications
(55 citation statements)
references
References 22 publications
0
52
2
1
Order By: Relevance
“…Degabriele, Farshim and Poettering [12] critique and refine our definitions. Ateniese, Magri and Venturi [3] study ASAs on signature schemes.…”
mentioning
confidence: 92%
“…Degabriele, Farshim and Poettering [12] critique and refine our definitions. Ateniese, Magri and Venturi [3] study ASAs on signature schemes.…”
mentioning
confidence: 92%
“…Note that they defined a very weak model, where the only goal of the attacker was to distinguish between two ciphertexts, but mostly used a stronger scenario with the aim to recover the encryption key. Degabriele et al criticized the model of [7] by pointing out the results crucially rely on the fact that a subverted encryption algorithm always needs to produce valid ciphertexts (the decryptability assumption) and proposed a refined security notion [13]. The model of algorithm substitution attacks introduced in [7] was extended to signature schemes by Ateniese et al in [2].…”
Section: Introductionmentioning
confidence: 99%
“…Note that the notion of ASA is very similar to that of "kleptographic" attack in the early literature [6]. Note also that Degabriele, Farshim and Poettering recently refined and improved BPR's security notions related to ASA [3].…”
Section: Introductionmentioning
confidence: 89%
“…Motivation. Since Edward Snowden revealed that the US and UK governments made a great deal of effort to subvert widely deployed cryptographic systems [4], algorithm substitution attack (ASA) [1] on cryptographic schemes has been being actively explored [2], [3], [5]. ASA, proposed by Bellare, Paterson and Rogaway (BPR), refers to an activity whereby a saboteur [5] (or a big brother [1], [6]) replaces an original implementation of a cryptographic scheme with a subverted one.…”
Section: Introductionmentioning
confidence: 99%