Information-hiding techniques have recently become important in a number of application areas. Digital audio, video, and pictures are increasingly furnished with distinguishing but imperceptible marks, which may contain a hidden copyright notice or serial number or even help to prevent unauthorized copying directly. Military communications systems make increasing use of traffic security techniques which, rather than merely concealing the content of a message using encryption, seek to conceal its sender, its receiver, or its very existence. Similar techniques are used in some mobile phone systems and schemes proposed for digital elections. Criminals try to use whatever traffic security properties are provided intentionally or otherwise in the available communications systems, and police forces try to restrict their use. However, many of the techniques proposed in this young and rapidly evolving field can trace their history back to antiquity, and many of them are surprisingly easy to circumvent. In this article, we try to give an overview of the field, of what we know, what works, what does not, and what are the interesting topics for research.

/pdf/information-hiding-a-survey-wve0ipfu9n.pdf

Computer Security — ESORICS 98

Information hiding-a survey

A weak pseudorandom function (wPRF) is a cryptographic primitive similar to --- but weaker than --- a pseudorandom function: for wPRFs one only requires that the output is pseudorandom when queried on random inputs. We show that unlike "normal" PRFs, wPRFs are seed-incompressible, in the sense that the output of a wPRF is pseudorandom even if a bounded amount of information about the key is leaked.

As an application of this result we construct a simple mode of operation which --- when instantiated with any wPRF --- gives a leakage-resilient stream-cipher. The implementation of such a cipher is secure against every side-channel attack, as long as the amount of information leaked per round is bounded, but overall can be arbitrary large. The construction is simpler than the previous one (Dziembowski-Pietrzak FOCS'08) as it only uses a single primitive (a wPRF) in a straight forward manner.

/pdf/a-leakage-resilient-mode-of-operation-4lg175pblk.pdf

A Leakage-Resilient Mode of Operation

Audit trail patterns generated on behalf of a Unix process canb e used to model the process behavior. Most of the approaches proposed so far use a table of fixed-length patterns to represent the process model. However, variable-length patterns seem to be more naturally suited to model the process behavior, but they are also more difficult to construct. In this paper, we present a novel technique to build a table of variable-length patterns. This technique is based on Teiresias, an algorithm initially developed for discovering rigid patterns in unaligned biological sequences. We evaluate the quality of our technique in a testbed environment, and compare it with the intrusion-detection system proposed by Forrest et al. [8], which is based on fixed-length patterns. The results achieved with our novel method are significantly better than those obtained with the original method based on fixed-length patterns.

/pdf/intrusion-detection-using-variable-length-audit-trail-36748ensqq.pdf

Intrusion Detection Using Variable-Length Audit Trail Patterns

In this work we present a security model for low-value transactions in ad-hoc networks in which we focus on authentication since this is the core requirement for commercial transactions. After a brief introduction to the ad-hoc networking paradigm we give a survey of various existing models and analyze them in terms of scope and applications. It is concluded that no appropriate and satisfactory model for low-value transactions in ad-hoc networks has been developed to date. Our new model is derived from previous models dealing with trust and security in ad-hoc networks, and does not require devices with strong processors as public-key systems. We base the model on a recommendation and reference protocol that is inspired by human behavior and that is in accordance with the very nature of ad-hoc networks.

A Distributed Light-Weight Authentication Model for Ad-hoc Networks

Blind signatures are the central cryptographic component of digital cash schemes. In this paper, we investigate the security of the first such scheme proposed, namely Chaum's RSA-based blind signature scheme, in the random-oracle model. This leads us to formulate and investigate a new class of RSA-related computational problems which we call the "one-more-RSA-inversion" problems. Our main result is that two problems in this class which we call the chosen-target and knowntarget inversion problems, have polynomially-equivalent computational complexity. This leads to a proof of security for Chaum's scheme in the random oracle model based on the assumed hardness of either of these problems.

Computer Security — ESORICS 98

Citations

Information hiding-a survey

A Leakage-Resilient Mode of Operation

Intrusion Detection Using Variable-Length Audit Trail Patterns

A Distributed Light-Weight Authentication Model for Ad-hoc Networks

The Power of RSA Inversion Oracles and the Security of Chaum's RSA-Based Blind Signature Scheme

Related Papers (5)

Advances in Cryptology — CRYPTO’ 99

Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems

Differential Power Analysis

Advances in Cryptology - CRYPTO '97

The inductive approach to verifying cryptographic protocols