Abstract
Many evidences have showed that some intelligence agencies (often called big brother) attempt to monitor citizens’ communication by providing coerced citizens a lot of subverted cryptographic algorithms and coercing them to adopt these algorithms. Since legalized services on large number of various applications and system architectures depend on digital signature techniques, in the context some coerced users who use double authentication preventing signatures to design some novel digital signature techniques, have some convincing dissertations to defuse requests from authorities and big brothers creating some corresponding subverted signatures. As rapid progress in quantum computers, National Security Agency advisory memorandum and announcement of National Institute of Standards and Technology procedures from standardization focus on some cryptographic algorithms which are post quantum secure. Motivated by these issues, we design an algorithm substitution attack against Fiat-Shamir family based on lattices (e.g., BLISS, BG, Ring-TESLA, PASSSign and GLP) that are proven post-quantum computational secure. We also show an efficient deterable way to eliminate big brother’s threat by leaking signing keys from signatures on two messages to be public. Security proof shows that our schemes satisfy key extraction, undetectability and deterability. Through parameters analysis and performance evaluation, we demonstrate that our deterring subverted Fiat-Shamir signature is practical, which means that it can be applied to privacy and protection in some system architectures.
Highlights
IntroductionSince the first computer was intruded, hackers have been developing the technology of “backdoor” which allows them to enter the system again
We provide some countermeasures against algorithm substitution attack (ASA) by using double authentication preventing signatures (DAPS) to deter the big brother’s threaten
Security proof shows that our construction satisfies three different security and privacy requirements
Summary
Since the first computer was intruded, hackers have been developing the technology of “backdoor” which allows them to enter the system again. After choosing a few concrete parameters employed in the PRG, an attacker or any adversary is not able to differentiate exports on PRG from any random number but can forecast following exports[5] In this circumstances, post-Snowden cryptography attracts much of attentions in recent years. The ASA method is capable of any attacker or old big brother to substitute a few of pieces of randomized encryption algorithms or signature algorithms with a modified one such that it can leak secret keys subliminally and undetectably to the adversary. We present ASA against those schemes that any three consecutive subverted signatures can extract signing keys.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
