Abstract
The use of cryptographic devices as “black boxes”, namely trusting their internal designs, has been suggested and in fact Capstone technology is offered as a next generation hardware-protected escrow encryption technology. Software cryptographic servers and programs are being offered as well, for use as library functions, as cryptography gets more and more prevalent in computing environments. The question we address in this paper is how the usage of cryptography as a black box exposes users to various threats and attacks that are undetectable in a black-box environment. We present the SETUP (Secretly Embedded Trapdoor with Universal Protection) mechanism, which can be embedded in a cryptographic black-box device. It enables an attacker (the manufacturer) to get the user’s secret (from some stage of the output process of the device) in an unnoticeable fashion, yet protects against attacks by others and against reverse engineering (thus, maintaining the relative advantage of the actual attacker). We also show how the SETUP can, in fact, be employed for the design of “auto-escrowing key” systems. We present embeddings of SETUPs in RSA, El-Gamal, DSA, and private key systems (Kerberos). We implemented an RSA key-generation based SETUP that performs favorably when compared to PGP, a readily available RSA implementation. We also relate message-based SETUPs and subliminal channel attacks. Finally, we reflect on the potential implications of “trust management” in the context of the design and production of cryptosystems.
Copyright information
© 1996 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Young, A., Yung, M. (1996). The Dark Side of “Black-Box” Cryptography or: Should We Trust Capstone?. In: Koblitz, N. (eds) Advances in Cryptology — CRYPTO ’96. CRYPTO 1996. Lecture Notes in Computer Science, vol 1109. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-68697-5_8
DOI: https://doi.org/10.1007/3-540-68697-5_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-61512-5
Online ISBN: 978-3-540-68697-2
eBook Packages: Springer Book Archive