Paper 2022/953

Big Brother Is Watching You: A Closer Look At Backdoor Construction

Anubhab Baksi, Nanyang Technological University, Singapore
Arghya Bhattacharjee, Indian Statistical Institute, Kolkata
Jakub Breier, Silicon Austria Labs, Graz, Austria
Takanori Isobe, University of Hyogo, Kobe
Mridul Nandi, Indian Statistical Institute, Kolkata

With the advent of Malicious (Peyrin and Wang, Crypto'20), the question of a cipher with an intentional weakness which is only known to its designer has gained its momentum. In their work, the authors discuss how an otherwise secure cipher can be broken by its designer with the help of a secret backdoor (which is not known to the user/attacker). The contribution of Malicious is to propose a cipher-level construction with a backdoor, where it is computationally infeasible to retrieve the backdoor entry despite knowing how the mechanism works. In this work, we revisit the work done by Peyrin and Wang in a greater depth. We discuss the relevant aspects with more clarity, thereby addressing some of the important issues connected to a backdoor construction. The main contribution, however, comes as a new proof-of-concept block cipher with an innate backdoor, named ZUGZWANG. Unlike Malicious, which needs new/experimental concepts like partially non-linear layer; our cipher entirely relies on concepts which are well-established for decades (such as, using a one-way function as a Feistel cipher's state-update), and also offers quite a few advantages over Malicious (easy to visualise, succeeds with probability 1, and so on). Having known the secret backdoor entry, one can recover the secret key with only 1 plaintext query to our cipher; but it is secure otherwise. As the icing on the cake, we show the provable security claims for our cipher.

Available format(s)
Secret-key cryptography
Publication info
Published elsewhere. International Conference on Security, Privacy and Applied Cryptographic Engineering 2022 (SPACE 2022)
backdoor hash function xof block cipher feistel low-mc malicious low-mc-m provable security sprp white-box
Contact author(s)
anubhab baksi @ ntu edu sg
bhattacharjeearghya29 @ gmail com
jbreier @ jbreier com
takanori isobe @ ai u-hyogo ac jp
mridul nandi @ gmail com
2022-10-31: last of 9 revisions
2022-07-23: received
See all versions
Short URL
Creative Commons Attribution-NonCommercial-NoDerivs


      author = {Anubhab Baksi and Arghya Bhattacharjee and Jakub Breier and Takanori Isobe and Mridul Nandi},
      title = {Big Brother Is Watching You: A Closer Look At Backdoor Construction},
      howpublished = {Cryptology ePrint Archive, Paper 2022/953},
      year = {2022},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.