Kleptography
Kleptography ( altgr. κλέπτειν kléptein "steal" and - graphy ) deals with the secure and covert theft of (protected) information. Kleptography is a branch of cryptography and crypto- virology. It is also an extension of the theory of the hidden channels, which has been researched by Gus Simmons. Related is Kleptography with steganography.
Term introduction
The term Kleptography was introduced by Adam Young and Moti Yung in the Proceedings of Advances in Cryptology - Crypto '96 '. A kleptographischer attack is a forward engineering attack that incorporates an asymmetric backdoor in a cryptosystem or in a cryptographic protocol. Can be manipulated in this way, for example, a smart card, a Dynamic Link Library, a computer program or a hardware security module (HSM ).
Special
What makes this type of attack is that the manipulation used asymmetric cryptology. In contrast to a symmetric backdoor, to which everyone has access, who knows the backdoor, an asymmetric backdoor can be used exclusively by the individual attacker, who einbaute. Although the exact design of the backdoors would be published, it would be used only if one knows the set of the attacker's data. Furthermore, the costs of the infected cryptosystem are computationally indistinguishable from those of a corresponding uninfected cryptosystem. Therefore, the attack will most likely go unnoticed in black-box implementations (eg in smart cards or HSMs ). Because of the asymmetry, even a successful reverse engineer, at best, detect the presence of an asymmetric backdoors - but he can not use them.
Kleptographische attacks can be built both as a crypto Trojan that infects a cryptosystem and opens a backdoor for the attacker, as also be implemented directly by the manufacturer of a cryptosystem. The attack does not necessarily reveal the entire output of the cryptosystem; a more complicated method of attack can alternate between the production of safe, uninfected spending and generating uncertainty, provided with the back door data.
Kleptographische attacks have been published for the RSA key generation, the Diffie -Hellman key exchange, the Digital Signature Algorithm and other cryptographic algorithms and protocols. The SSL, SSH and IPsec protocols are vulnerable to attacks kleptographische. In any case, the attacker can compromise the cryptographic algorithm, by checking the information in the backdoor information is contained (for example the public key, the digital signature, the key exchange messages, etc.), and then the logic of the asymmetric backdoor with his secret key (usually a private key ) applies.
A. Juels and J. Guajardo proposed a method ( KEGVER ), in which a third party can verify the unmanipulated RSA key generation: It is a kind of distributed key generation is used, wherein the secret key, only a black box is known, however - so you can make sure that the key generation has not been modified and that the private key can not be revealed by a kleptografischen attack.
In effect, you can follow four specific examples kleptographischer attacks (including a simplified SETUP attack against RSA) in JCrypTool 1.0, the platform - independent part of the open source project CrypTool. The prevention kleptografischer attacks by KEGVER will be implemented as a demonstration in JCT.