Kleptography: Using Cryptography Against Cryptography - A. Young

1
Kleptography Using Cryptography Against
Cryptography- A. Young M. Yung

• Srivaishnavi
• 2002A7PS149

2
Agenda

• Black Box Cryptosystems
• Subliminal channel
• Kleptography
• Kleptographic attack on Diffie-Hellman key
  exchange protocol

3
Black Box Cryptosystems

• Implemented in such a way that the underlying
  implementation cannot be scrutinized.
• Has public I/O specification and its general
  functionality is disclosed (though the true
  functionality could differ).
• E.g. Smart Cards, Cryptosystems implemented in
  software

4
Subliminal Channel

• An information transmission channel that can be
  used to send information out of (or potentially
  into) a cryptosystem.
• Characterized by the inability to be detected
  when in use

5
Kleptography

• Kleptography is the study of stealing information
  securely and subliminally.
• It is dedicated to (re)searching ways of
  obtaining data in an undetectable fashion with
  high security guarantees.
• It is a formal cryptographic study of backdoor
  designs (beyond the naïve common attacks that are
  detectable e.g. weak random generation).
• Extension of subliminal channel
• Robust against reverse-engineering
• confidentiality of the stolen information holds
  even after the black-box is opened and inspected.
  

6
Goal of kleptography

• To develop a robust backdoor within a
  cryptosystem that
• Provides the attacker with the desired secret
  information (e.g., private key of the user)
• Cannot be detected in black-box implementations
  except by the attacker
• If a reverse-engineer (i.e., not the attacker)
  breaches the black-box, then the previously
  stolen information remains confidential. Ideally,
  confidentiality holds going forward as well.

7
Secretly Embedded Trapdoor with Universal
Protection (SETUP)

• If C is a black-box cryptosystem with a
  publicly known specification, a SETUP mechanism
  is an algorithmic modification made to C to get
  C such that
• C C are efficient algorithms
• Input of C agrees with the public specification
  of the input of C
• Output of C agrees with the public specification
  of the output of C. At the same time, it contains
  published bits (of the users secret key) which
  are easily derivable by the attacker and not by
  others.
• Outputs C and C are polynomially
  indistinguishable to everyone except the attacker

8
Leakage Bandwidth

• Leakage Bandwidth A (m,n) leakage scheme is a
  SETUP mechanism that leaks m keys over n keys
  that are output by the cryptographic device
  (mltn).

9
Diffie Hellman protocol

• Alice chooses a randomly
• Alice sends A ga mod p to Bob
• Bob chooses b randomly
• Bob sends B gb mod p to Alice
• Alice computes k Ba mod p
• Bob computes k Ab mod p
• k Ba Ab mod p since gba gab mod p

10
Assumptions for the DH SETUP attack

• The black-box can store state information across
  invocations of the Diffie-Hellman algorithm
  (non-volatile memory).
• The attacker can act as a passive eavesdropper on
  all of Alice and Bobs key exchanges.

11
Parameters for the DH SETUP attack

• xm private key of attacker
• ym public key corresponding to xm. Hence, ym
  gxm mod p. ym is placed inside the black-box that
  Alice uses.
• ID A random and secret bit string in Alices
  device (Identifier).
• H hash function generating values less than F(p)

12
(1,2) SETUP Attack

• First exchange
• Alices device sends A1 ga1 mod p to Bob
• Alices device stores a1 in non-volatile memory
• Bobs device sends B1 gb1 mod p to Alice
• Alice and Bobs devices compute k1 ga1b1 mod p
• Second exchange
• Alices device computes a2 H(ID (yma1 mod
  p))
• Alices device sends A2 ga2 mod p to Bob
• Bobs device sends B2 gb2 mod p to Alice
• Alice and Bobs devices compute k2 ga2b2 mod p

13
Recovering the 2nd DH Shared Secret

• The attacker
• Obtains A1 and B2 via passive eavesdropping.
• Computes a2 H(ID (A1xm mod p))
• Computes k2 B2a2 mod p
• A1xm mod p ga1xm yma1 gxma1 mod p
• Note Only attacker can perform these
  calculations since xm is known only to him

14

• a2 calculated as follows
• t e (0,1) chosen at random
• z ga1-Wt ym-c1a1-c2 mod p
• a2 H(z)
• A2 ga2 mod p
• W,c1 c2 fixed values

15
To show outputs of C C are polynomially
indistinguishable

• Let g1 g-xmc2-W, g2 g-xmc2, g3 g1-c1xm
• yma1c1c2gWtz ga1 mod p
• z g-xmc2-Wtg(1-c1xm) a1 gig3a1 mod p
• gi g3u mod p, for some integer u
• z g3 a1u mod p
• a1 uniformly chosen -gt z is uniformly distributed
• H is a pseudo-random function (whose domain is
  Zp-1).
• Therefore, a2 is distributed uniformly -gt values
  output by C C are polynomially
  indistinguishable

16
(l,l1) leakage bandwidth

• By chaining together the values that are leaked.
• a3 H(ID (yma2 mod p))
• ga3 mod p used in the next exchange
• When this is done l times, l contiguous DH keys
  are leaked.
• After l times, a1 is chosen entirely random
  ensuring all contaminated keys behave differently.

17
Conclusions

• Vulnerability of black-box cryptosystems
• Security of kleptographic attack shows that DH
  algorithm is provably insecure
• Can be extended to RSA and other algorithms

18
References

• The Dark Side of Black Box Cryptography A.
  Young M.Yung
• Kleptography Using Cryptography against
  Cryptography - A. Young M. Yung

19
Questions?
20
Thank You