Explore the concept of Cliptography and its role in mitigating kleptographic attacks in this Asiacrypt 2016 conference talk. Delve into the security divide in modern cryptography and the implicit assumption of trustworthy implementations. Examine the threat of kleptography, including subverted RSA key generation and subliminal channel attacks. Learn about the current state of defenses against these threats and the long-term goals of the cliptographic model. Investigate the limitations of conventional wisdom regarding random padding and discover a revised Full Domain Hash (FDH) approach in the cliptographic setting. Conclude with a summary of open problems and recent progress in developing signatures with offline watchdog capabilities.
Cliptography - Clipping the Power of Kleptographic Attacks
Overview
Syllabus
Intro
Modern Crypto
The "Security Divide"
An Implicit Assumption
Implementations are Untrustworthy
Kleptography
RSA Key Generation
A Subverted Implementation
The Attack
The Threat of Klepto Attacks
Subliminal Channel Attack
Status-of-the-Art for Defending
Current Status: Wide Open
Long Term Goal
Cliptographic Model
The Model(s)
What Can the Watchdog Guarantee?
Mitigating Subliminal Channel
One-Way Permutation
Random Padding is Dangerous
Conventional Wisdom
FDH in the Clipto Setting
Revised FDH
Summary
Open Problems
Our Recent Progress: Signature with Offline Watchdog
Taught by
TheIACR
