Cryptography Reference
In-Depth Information
(4) No part of the message is concealed from any of the participating enti-
ties. Hence, the above is an application of authenticity without secrecy
usingPKC, and
A
and
B
can try to cheat as much as they wish without
compromisingthe system.
Analysis and Conclusions
Simmons observed, at the end of [254], that the above mechanism has a direct
analogue for communication between international banks each having branches
in the foreign host country (see Section 5.8). He also gave the opinion that this
methodology is a paradigm for public access systems to important resources or
facilities. It turns out that this opinion was well founded as we have seen from
the multitudinous applications of PKC already demonstrated in this topic.
In 1984, Simmons [256] discovered a problem with the above scheme. Al-
though a built-in feature of the scheme is that it does not allow for a covert
channel to be built into the message (since a process is in place for country
A
to verify this), HAL could still be used to hide a
subliminal channel
(see page
192). What this means is that a channel can be implanted so that country
B
could not detect the use of the covert channel and could not read the hidden
part. In particular, as noted by Simmons [261] in 1993 (with reference to the
Second Strategic Arms Limitation Treaty (SALT II) between the former Soviet
Union and the United States) the subliminal channel could be used to reveal
to the other country which of those silos in the host country were loaded with
missiles and which were empty. What is strikingand decisive about this fact is
that the country in possession of this knowledge would be able to successfully
launch a first strike!
In the early 1990s, Simmons [258] and [259] came up with a proposed solution
to the problem (see also [257], [260], [262]). However, in 1996, Desmedt [65]
provided a counterexample to this claim, and demonstrated how several other
protocols in the literature are susceptible to this problem. This was addressed
by Simmons [263] in 1998. The actual details, includingthe very definition of
subliminal-channel-free protocol
is beyond the scope of this text. For details
consult [65] and [66], as well as the aforementioned papers by Simmons.
The aforementioned subliminal channel idea is even mentioned as a stegano-
graphic technique in the topic on such schemes, [137, page 34].
Search WWH ::
Custom Search