Paper 2017/984

Self-Guarding Cryptographic Protocols against Algorithm Substitution Attacks

Marc Fischlin and Sogol Mazaheri

Abstract

We put forward the notion of self-guarding cryptographic protocols as a countermeasure to algorithm substitution attacks. Such self-guarding protocols can prevent undesirable leakage by subverted algorithms if one has the guarantee that the system has been properly working in an initialization phase. Unlike detection-based solutions they thus proactively thwart attacks, and unlike reverse firewalls they do not assume an online external party. We present constructions of basic primitives for (public-key and private-key) encryption and for signatures. We also argue that the model captures attacks with malicious hardware tokens and show how to self-guard a PUF-based key exchange protocol.

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. Minor revision. IEEE CSF 2018
DOI
10.1109/CSF.2018.00013
Contact author(s)
sogol mazaheri @ cryptoplexity de
History
2018-08-20: last of 2 revisions
2017-10-09: received
See all versions
Short URL
https://ia.cr/2017/984
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2017/984,
      author = {Marc Fischlin and Sogol Mazaheri},
      title = {Self-Guarding Cryptographic Protocols against Algorithm Substitution Attacks},
      howpublished = {Cryptology ePrint Archive, Paper 2017/984},
      year = {2017},
      doi = {10.1109/CSF.2018.00013},
      note = {\url{https://eprint.iacr.org/2017/984}},
      url = {https://eprint.iacr.org/2017/984}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.