Tamper-Evident Digital Signatures: Protecting Certification Authorities Against Malware
Jong Youl Choi, Computer Science Dept., Indiana University at Bloomington
Philippe Golle, Palo Alto Research Center, CA, USA
Markus Jakobsson, School of Informatics, Indiana University at Bloomington
Page 2
Threats to Certificate Authorities
• Certificate repudiation
  – A user chooses a weak private key
  – A user intentionally lets his private key leak discreetly to enable forgery
• Certificate private key leaking
  – Malicious attack such as a Trojan horse
  – Leaking the CA's private key via a covert channel
Page 3
What is a covert channel?
• Hidden communication channel
• Steganography
  – Information hiding
[Figure: original image and extracted image]
Page 4
Prisoners' problem [Simmons, '93]
• Two prisoners want to exchange messages, but must do so through the warden
• Subliminal channel in DSA
[Figure: one prisoner asks "What plan?"; the other answers "Plan A"]
Page 5
Leaking attack on RSA-PSS
• A random salt is used for the padding string in encryption
• In the verification process, the salt is extracted from EM
• Hidden information can be embedded in the salt value
[Figure: RSA-PSS (PKCS #1 v2.1)]
Page 6
Approaches
• Detect leaking
• A warden observes outputs from the CA
• Malicious attack
• Replacement of function
[Figure: the Certificate Authority takes message m_k, uses a pseudo-random number generator, and outputs Sig_k; the warden asks "Something hidden?"]
Page 7
Approaches (Cont'd)
• Observing is not so easy because the random number ...
  – looks innocuous
  – or doesn't reveal any state
• A warden (observer) can be attacked
[Figure: the Certificate Authority takes message m_k, uses a pseudo-random number generator, and outputs Sig_k; the warden asks "Something hidden?"]
Page 8
Undercover observer
• The signer outputs a non-interactive proof as well as the signature
• The observer lies in ambush until a verification is invalid
[Figure: message m_k, pseudo-random number generator, output Sig_k]
Page 9
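Tamper-evident Chain
• A predefined set of random values is used in lieu of random numbers generated on the fly
• Hash chain verification
[Figure: hash chain $x_1, x_2, x_3, \ldots, x_n, x_{n+1}$ linked by Hash(), with signatures $\mathrm{Sig}_1, \mathrm{Sig}_2, \ldots, \mathrm{Sig}_n$; checks $x_1 = \mathrm{Hash}(x_2)$?, $x_2 = \mathrm{Hash}(x_3)$?, ..., $x_{n-1} = \mathrm{Hash}(x_n)$?; a substituted value $x'_3$ with signature $\mathrm{Sig}'_3$]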
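The hash chain verification on this slide, as an added example (not code from the slides or from the authors). It assumes SHA-256 as Hash() and that the observer sees each value x_i alongside Sig_i, as the salt is visible in RSA-PSS; the names make_chain, Observer and first_tampered are hypothetical.

```python
import hashlib
from typing import List, Optional


def H(data: bytes) -> bytes:
    """Hash() from the slide; SHA-256 is an assumption of this example."""
    return hashlib.sha256(data).digest()


def make_chain(n: int, seed: bytes) -> List[bytes]:
    """Return [x_1, ..., x_{n+1}] with x_{n+1} = seed and x_i = Hash(x_{i+1})."""
    chain = [seed]
    for _ in range(n):
        chain.append(H(chain[-1]))
    chain.reverse()
    return chain


class Observer:
    """Holds the last accepted value and checks x_i == Hash(x_{i+1})."""

    def __init__(self, x1: bytes) -> None:
        self.last = x1  # x_1 acts as the trusted anchor

    def check(self, x_next: bytes) -> bool:
        ok = H(x_next) == self.last
        if ok:
            self.last = x_next  # advance only on a valid link
        return ok


def first_tampered(released: List[bytes]) -> Optional[int]:
    """Return the 1-based index of the first value that breaks the chain."""
    observer = Observer(released[0])
    for i, x in enumerate(released[1:], start=2):
        if not observer.check(x):
            return i
    return None


if __name__ == "__main__":
    # Constructed sample: five values used with Sig_1..Sig_5.
    chain = make_chain(5, b"constructed-seed-for-demo")
    honest = chain[:5]
    # A replaced signing function emits its own x'_3 carrying hidden data.
    tampered = honest[:2] + [b"hidden-bits".ljust(32, b"\0")] + honest[3:]
    print(first_tampered(honest), first_tampered(tampered))
```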
Page 10
DSA Signature Scheme• Gen : x y = gx mod p• Sign : m (s, r)
where r = (gk mod p) mod q and s = k-1(h(m) + x r) for random value k
• Verify : For given signature (s, r),u1 = h(m) s-1
u2 = r s-1
and check r=gu1 yu2 mod p mod q
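Page 11
Hash chain construction
[Figure: hash chain $k_1, k_2, k_3, \ldots, k_n, k_{n+1}$ linked by Hash(), with $r = g^{k_1}$, $r = g^{k_2}$, $r = g^{k_3}$, ..., $r = g^{k_n}$, values $P_1, P_2, P_3, \ldots, P_n, P_{n+1}$ and signatures $\mathrm{Sig}_1, \mathrm{Sig}_2, \ldots, \mathrm{Sig}_n$; checks $X_1 = \mathrm{Hash}(X_2)$?, $X_2 = \mathrm{Hash}(X_3)$?, ..., $X_{n-1} = \mathrm{Hash}(X_n)$?; a substituted value $k'_3$ with $\mathrm{Sig}'_3$ and $r' = g^{k_3}$]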
Page 12
Conclusion• Any leakage from CAs is dangerous• CAs are not strong enough
from malicious attacks• We need observers which are under-
cover• A small additional cost for proofs
Or, Send me email : [email protected]