Title: Subliminal channels in high-speed signatures
Language: English
Authors: Hartl, Alexander Rudolf 
Qualification level: Diploma
Advisor: Zseby, Tanja 
Assisting Advisor: Annessi, Robert 
Issue Date: 2018
Number of Pages: 76
Qualification level: Diploma
Abstract: 
One of the fundamental building blocks for achieving security in data networks is the use of digital signatures. A digital signature is a bit string which allows the receiver of a message to ensure that the message indeed originated from the apparent sender and has not been altered along the path. In certain cases, however, the functioning of signature schemes allows an adversary to additionally utilize the signature string as a hidden information channel. These channels are termed subliminal channels and have been known and tolerated since the 80s. Due to the recent progress in the development of high-speed signature algorithms, however, application scenarios for digital signatures become feasible that lead to a large exploitable bit rate for data exfiltration, given that the deployed signature scheme allows the utilization as subliminal channel. This thesis shows how certain high-speed signature schemes can be exploited to carry hidden information. In particular, we analyse the recent EdDSA signature scheme, which yields substantial future potential, as well as the class of Multivariate Quadratic (MQ) signature schemes. We discuss how an adversary can proceed to embed and recover subliminal information and what bit rate the adversary can achieve for transmitting hidden information. Scenarios like signed NTP broadcasts, signed sensor data transmissions and the TLS key exchange are depicted, where the existence of a subliminal channel gives rise to new attack possibilities threatening network security. To confirm these findings we discuss the results of performed experiments, which attest a considerable subliminal bandwidth to the analysed signature schemes. Furthermore, we depict several methods for preventing the exploitation of subliminal channels in EdDSA, but we have to conclude that none of them is viable in a practical situation, reinforcing the threats that originate from the described subliminal channels.
Keywords: digital signatures; subliminal channels; network security
URI: https://resolver.obvsg.at/urn:nbn:at:at-ubtuw:1-114206
http://hdl.handle.net/20.500.12708/1857
Library ID: AC15065414
Organisation: E389 - Institute of Telecommunications 
Publication Type: Thesis
Hochschulschrift
Appears in Collections:Thesis

Files in this item:


Page view(s)

32
checked on Jul 28, 2021

Download(s)

80
checked on Jul 28, 2021

Google ScholarTM

Check


Items in reposiTUm are protected by copyright, with all rights reserved, unless otherwise indicated.