Monkey: BlackBox Symmetric Ciphers Designed for MONopolizing KEYs
Fast Software Encryption 1998, Springer LNCS 1372
Cited by 5 (0 self)
Abstract. We consider the problem of designing a black-box symmetric cipher that leaks information subliminally and exclusively to the designer. We show how to construct a cipher which we call ‘Monkey’ that leaks one key bit per output block to the designer of the system (in any mode). This key bit is leaked only if a particular plaintext bit is known to the designer (known bit/message attack which is typically available in plain ASCII). The attack is of kleptographic nature as it gives a unique advantage to the designer while using strong (e.g., externally supplied) keys. The basic new difficulty with the design of spoofable block ciphers is that it is a deterministic function (previous attacks exploited randomness in key generation or message encryption/signature), and the fact that we do not want easy (statistical) observability of the spoofing (e.g., the variability of ciphertexts should be noticeable when keys change etc.). We distinguish between three entities: the designer, the reverse-engineer and the user. We show a design methodology that assures that: (1) if the device is not reverse-engineered, the attack is secure (namely, the cipher is good) and undetectable, (2) if the device is reverse-engineered, then the reverse-engineer learns at most one plaintext bit from every ciphertext (but no past/future keys), and (3) the designer learns one plaintext bit and one key bit from each ciphertext block (say in ECB mode). The method is therefore highly robust against reverse-engineering.

Key words: design methodologies for symmetric ciphers, secret cryptographic algorithms, spoofing, kleptographic attacks, trust, software vs. tamper-proof hardware designs, tamper-proof reverse engineering, public scrutiny.