on the gold standard for security of universal
play

On the Gold Standard for Security of Universal Steganography - PowerPoint PPT Presentation

Dec 29, 2022 •290 likes •652 views

On the Gold Standard for Security of Universal Steganography Sebastian Berndt and Maciej Likiewicz Institute of Theoretical Computer Science, Universitt zu Lbeck EUROCRYPT, 2018 Steganography / Subliminal Communication Modern

  1. On the Gold Standard for Security of Universal Steganography Sebastian Berndt and Maciej Liśkiewicz Institute of Theoretical Computer Science, Universität zu Lübeck EUROCRYPT, 2018

  2. Steganography / Subliminal Communication Modern steganography: popular due to the prisoners’ problem by Simmons (1984) Many steganographic software exist An information-theoretic model: Cachin (1998) The computational model secret-key steganography: Hopper, Langford, and von Ahn (2002), and Katzenbeisser and Petitcolas (2002) (Universal / generic) secure secret-key steganography exists Secure public-key steganography – many problem open On the Gold Standard for Security of Universal Steganography EUROCRYPT, 2018 2 / 14

  3. Steganography / Subliminal Communication Modern steganography: popular due to the prisoners’ problem by Simmons (1984) Many steganographic software exist An information-theoretic model: Cachin (1998) The computational model secret-key steganography: Hopper, Langford, and von Ahn (2002), and Katzenbeisser and Petitcolas (2002) (Universal / generic) secure secret-key steganography exists Secure public-key steganography – many problem open On the Gold Standard for Security of Universal Steganography EUROCRYPT, 2018 2 / 14

  4. Steganography d from channel C Alice Bob d m m Encoder Decoder Warden Steganography in d ? On the Gold Standard for Security of Universal Steganography EUROCRYPT, 2018 3 / 14

  5. Steganography d from channel C Alice Bob d m m Encoder Decoder Warden Steganography in d ? On the Gold Standard for Security of Universal Steganography EUROCRYPT, 2018 3 / 14

  6. Steganography d from channel C Alice Bob d m m Encoder Decoder Warden Steganography in d ? On the Gold Standard for Security of Universal Steganography EUROCRYPT, 2018 3 / 14

  7. Steganography d from channel C Alice Bob d m m Encoder Decoder Warden Steganography in d ? On the Gold Standard for Security of Universal Steganography EUROCRYPT, 2018 3 / 14

  8. Public-Key Steganography Security Channels Applicability von Ahn and Hopper 2003 passive universal possible Backes and Cachin 2005 RCCA universal possible Hopper 2005 CCA single constr. channel possible Hopper 2005: Does universal CCA-secure public-key steganograps exist? On the Gold Standard for Security of Universal Steganography EUROCRYPT, 2018 4 / 14

  9. Public-Key Steganography Security Channels Applicability von Ahn and Hopper 2003 passive universal possible Backes and Cachin 2005 RCCA universal possible Hopper 2005 CCA single constr. channel possible This work CCA all memoryless channels possible This work CCA universal impossible On the Gold Standard for Security of Universal Steganography EUROCRYPT, 2018 4 / 14

  10. Public-Key Steganography Channel and Stegosystem A channel C : a function, that maps every history hist – a sequence of previously seen documents – to a probability distribution on documents A stegosystem S = ( S . Gen , S . Enc , S . Dec ) on a channel C : ( pk, sk ) ← S . Gen ( κ ) The stegoencoder generates d 1 , . . . , d l ← S . Enc C ( pk, m, hist ) having an access to the sampling oracle C with history hist The stegodecoder : m ′ ← S . Dec ( sk, d 1 . . . , d l ) S is reliable if w.h.p. S . Dec ( sk, S . Enc C ( pk, m, hist , m )) = m On the Gold Standard for Security of Universal Steganography EUROCRYPT, 2018 5 / 14

  11. Public-Key Steganography Channel and Stegosystem A channel C : a function, that maps every history hist – a sequence of previously seen documents – to a probability distribution on documents A stegosystem S = ( S . Gen , S . Enc , S . Dec ) on a channel C : ( pk, sk ) ← S . Gen ( κ ) The stegoencoder generates d 1 , . . . , d l ← S . Enc C ( pk, m, hist ) having an access to the sampling oracle C with history hist The stegodecoder : m ′ ← S . Dec ( sk, d 1 . . . , d l ) S is reliable if w.h.p. S . Dec ( sk, S . Enc C ( pk, m, hist , m )) = m On the Gold Standard for Security of Universal Steganography EUROCRYPT, 2018 5 / 14

  12. Public-Key Steganography Channel and Stegosystem A channel C : a function, that maps every history hist – a sequence of previously seen documents – to a probability distribution on documents A stegosystem S = ( S . Gen , S . Enc , S . Dec ) on a channel C : ( pk, sk ) ← S . Gen ( κ ) The stegoencoder generates d 1 , . . . , d l ← S . Enc C ( pk, m, hist ) having an access to the sampling oracle C with history hist The stegodecoder : m ′ ← S . Dec ( sk, d 1 . . . , d l ) S is reliable if w.h.p. S . Dec ( sk, S . Enc C ( pk, m, hist , m )) = m On the Gold Standard for Security of Universal Steganography EUROCRYPT, 2018 5 / 14

  13. Public-Key Steganography Chosen-Covertext Attack channel C m Encoder Decoder d 1 , d 2 , . . . d m 1 , m 2 , . . . Warden Steganography in d ? Chosen-Covertext Attack ( CCA ) : as Chosen-Ciphertext Attack Replayable-Chosen-Covertext Attack ( RCCA ) : No Replays d i is a replay to d if Dec ( d i ) = Dec ( d ) On the Gold Standard for Security of Universal Steganography EUROCRYPT, 2018 6 / 14

  14. Public-Key Steganography Chosen-Covertext Attack channel C m Encoder Decoder d 1 , d 2 , . . . d m 1 , m 2 , . . . Warden Steganography in d ? Chosen-Covertext Attack ( CCA ) : as Chosen-Ciphertext Attack Replayable-Chosen-Covertext Attack ( RCCA ) : No Replays d i is a replay to d if Dec ( d i ) = Dec ( d ) On the Gold Standard for Security of Universal Steganography EUROCRYPT, 2018 6 / 14

  15. Public-Key Steganography Chosen-Covertext Attack channel C m Encoder Decoder d 1 , d 2 , . . . d m 1 , m 2 , . . . Warden Steganography in d ? Chosen-Covertext Attack ( CCA ) : as Chosen-Ciphertext Attack Replayable-Chosen-Covertext Attack ( RCCA ) : No Replays d i is a replay to d if Dec ( d i ) = Dec ( d ) On the Gold Standard for Security of Universal Steganography EUROCRYPT, 2018 6 / 14

  16. Public-Key Steganography Chosen-Covertext Attack channel C m Encoder Decoder d 1 , d 2 , . . . d m 1 , m 2 , . . . Warden Steganography in d ? Chosen-Covertext Attack ( CCA ) : as Chosen-Ciphertext Attack Replayable-Chosen-Covertext Attack ( RCCA ) : No Replays d i is a replay to d if Dec ( d i ) = Dec ( d ) On the Gold Standard for Security of Universal Steganography EUROCRYPT, 2018 6 / 14

  17. Public-Key Steganography Chosen-Covertext Attack channel C m Encoder Decoder d 1 , d 2 , . . . d m 1 , m 2 , . . . Warden Steganography in d ? Chosen-Covertext Attack ( CCA ) : as Chosen-Ciphertext Attack Replayable-Chosen-Covertext Attack ( RCCA ) : No Replays d i is a replay to d if Dec ( d i ) = Dec ( d ) On the Gold Standard for Security of Universal Steganography EUROCRYPT, 2018 6 / 14

  18. Public-Key Steganography Chosen-Covertext Attack channel C m Encoder Decoder d 1 , d 2 , . . . d m 1 , m 2 , . . . Warden Steganography in d ? Chosen-Covertext Attack ( CCA ) : as Chosen-Ciphertext Attack Replayable-Chosen-Covertext Attack ( RCCA ) : No Replays d i is a replay to d if Dec ( d i ) = Dec ( d ) On the Gold Standard for Security of Universal Steganography EUROCRYPT, 2018 6 / 14

  19. Public-Key Steganography CCA- Security CCA-security game: CCA ( Ward , S , C , κ ) 1: ( pk, sk ) ← S . Gen ( 1 κ ) 2: ( m ∗ , hist ∗ ) ← Ward . Find Dec sk ( pk ) 3: b ← { 0 , 1 } 4: if b = 0 then d ∗ ← S . Enc C ( pk, m ∗ , hist ∗ ) 5: 6: else d ∗ ← C l 7: hist ∗ 8: b ′ ← Ward . Guess Dec sk,d ∗ ( pk, m ∗ , hist ∗ , d ∗ ) 9: return b = b ′ S is called CCA-secure against C if for every Ward the advantage | Pr [ CCA ( Ward , S , C , κ ) = true ] − 1 / 2 | ≤ negl On the Gold Standard for Security of Universal Steganography EUROCRYPT, 2018 7 / 14

  20. Public-Key Steganography CCA- Security CCA-security game: CCA ( Ward , S , C , κ ) 1: ( pk, sk ) ← S . Gen ( 1 κ ) 2: ( m ∗ , hist ∗ ) ← Ward . Find Dec sk ( pk ) 3: b ← { 0 , 1 } 4: if b = 0 then d ∗ ← S . Enc C ( pk, m ∗ , hist ∗ ) 5: 6: else d ∗ ← C l 7: hist ∗ 8: b ′ ← Ward . Guess Dec sk,d ∗ ( pk, m ∗ , hist ∗ , d ∗ ) 9: return b = b ′ S is called CCA-secure against C if for every Ward the advantage | Pr [ CCA ( Ward , S , C , κ ) = true ] − 1 / 2 | ≤ negl On the Gold Standard for Security of Universal Steganography EUROCRYPT, 2018 7 / 14

  21. CCA-secure stegosystem for memoryless channels UDP network packets: in arbitrary order ( memoryless ) Formally, we say that a channel C is memoryless , if C hist = C hist ′ for all hist , hist ′ , i. e. if the history has no effect on the channel distribution. Theorem ∃ S ∀C ∈ Memoryless : S is CCA-secure over C . Prevent document replacement with hash-value Prevent reordering of documents with PRP Embed: message + hash-value + PRP-key in a sequence of documents d 1 , . . . , d N Problem: d 1 , . . . , d N should not deviate from random permutation On the Gold Standard for Security of Universal Steganography EUROCRYPT, 2018 8 / 14

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Gold and the Gold Standard Gold and the Gold Standard Nathan Lewis Principal, Kiku Capital

Gold and the Gold Standard Gold and the Gold Standard Nathan Lewis Principal, Kiku Capital

Gold and the Gold Standard Gold and the Gold Standard Nathan Lewis Principal, Kiku Capital Management LLC Author, Gold: the Once and Future Money (2007) www.newworldeconomics.com Why have people used gold as Why have people used gold as money

357 views • 19 slides
Gold Standard Plus(+) Sr. Executive Chef Christopher Kline Gold Standard Plus+ Process supporting

Gold Standard Plus(+) Sr. Executive Chef Christopher Kline Gold Standard Plus+ Process supporting

Gold Standard Plus(+) Sr. Executive Chef Christopher Kline Gold Standard Plus+ Process supporting the journey of a product from Creation to Commercialization through the eyes of a Chef /Technologist/Consumer Agenda Its a Journey Quick

504 views • 17 slides
Opportunities for Gold in Islamic Finance Shaokai Fan World Gold Council 4-6 JUNE 2017 Grand

Opportunities for Gold in Islamic Finance Shaokai Fan World Gold Council 4-6 JUNE 2017 Grand

Opportunities for Gold in Islamic Finance Shaokai Fan World Gold Council 4-6 JUNE 2017 Grand Copthorne, Singapore The Shariah Standard on Gold AAOIFI Standard No. 57 on Gold and its Trading Controls (the Shariah Standard on Gold)

407 views • 5 slides
UNIVERSAL ROBOTS RUC 2018 Universal Robots - Evolving the future UNIVERSAL ROBOTS SET THE

UNIVERSAL ROBOTS RUC 2018 Universal Robots - Evolving the future UNIVERSAL ROBOTS SET THE

UNIVERSAL ROBOTS RUC 2018 Universal Robots - Evolving the future UNIVERSAL ROBOTS SET THE STANDARD Fast Set-up Flexible Deployment Easy Programming Safe UNIVERSAL ROBOTS SET THE STANDARD Fast setup Fast Set-up Flexible

585 views • 24 slides
Its Complicated Implications for the Gold Standard Liz Calderbank HM Chief Inspector

Its Complicated Implications for the Gold Standard Liz Calderbank HM Chief Inspector

Its Complicated Implications for the Gold Standard Liz Calderbank HM Chief Inspector Mark Boother HM Inspector Content HMI Probations involvement in EM Main findings A strategy for EM Towards a Gold Standard

229 views • 10 slides
integrating novel insights with gold standard therapies G.Kees Hovingh MD PhD MBA Department of

integrating novel insights with gold standard therapies G.Kees Hovingh MD PhD MBA Department of

Managing lipids: integrating novel insights with gold standard therapies G.Kees Hovingh MD PhD MBA Department of Vascular Medicine AMC Amsterdam, the Netherlands g.k.hovingh@amc.uva.nl Gold standard: guidelines The history of

882 views • 52 slides
End-to-end competition and the Universal Service David Gold, Head of Public Affairs Jenny Hall,

End-to-end competition and the Universal Service David Gold, Head of Public Affairs Jenny Hall,

End-to-end competition and the Universal Service David Gold, Head of Public Affairs Jenny Hall, Deputy Head of Public Affairs The Universal Service The Universal Service sees Royal Mail: o Deliver letters to all 29 million UK addresses six

138 views • 9 slides
Gold ld Market Outlook: Expectations Tru rump Reality Marcus Garvey ICBC Standard

Gold ld Market Outlook: Expectations Tru rump Reality Marcus Garvey ICBC Standard

Gold ld Market Outlook: Expectations Tru rump Reality Marcus Garvey ICBC Standard Commodities Strategy 4 th August 2018 Gold ld giv ives back early gain ins After initial outperformance, gold has caught down to EM Fx In Rupee terms,

455 views • 9 slides
1 What is a gold standard? A monetary system where the government links its supply of paper

1 What is a gold standard? A monetary system where the government links its supply of paper

1 What is a gold standard? A monetary system where the government links its supply of paper money to a stock of gold reserves (visual) Under a GS, the government de fi nes a dollar to be a speci fi c weight of gold A dollar bill is a

579 views • 12 slides
Standard India Gold Coin Somasundaram PR, Managing Director, India, World Gold Council 22 nd

Standard India Gold Coin Somasundaram PR, Managing Director, India, World Gold Council 22 nd

Standard India Gold Coin Somasundaram PR, Managing Director, India, World Gold Council 22 nd August 2015 22 nd August 2015 India gold market 22 000 t 22,000 tonnes 15% of world gold stock 15% f ld ld t k 25% of annual global

310 views • 20 slides
Security 2 CS 4410 Operating Systems [E. Birrell, A. Bracy, F. B. Schneider, E. Sirer, R. Van

Security 2 CS 4410 Operating Systems [E. Birrell, A. Bracy, F. B. Schneider, E. Sirer, R. Van

Security 2 CS 4410 Operating Systems [E. Birrell, A. Bracy, F. B. Schneider, E. Sirer, R. Van Renesse] References: Security Introduction and Access Control by Fred B. Schneider Security in Computer Systems Gold (Au) Standard for Security

610 views • 24 slides
using Gold Standard Presentation Bangkok, 25 July 2013 Mr. Patana S Contents About South

using Gold Standard Presentation Bangkok, 25 July 2013 Mr. Patana S Contents About South

Development of GHG Reduction Project by using Gold Standard Presentation Bangkok, 25 July 2013 Mr. Patana S Contents About South Pole Carbon Why Gold Standard Project cycle & Documentation requirement 2 South Pole has a

568 views • 27 slides
OCT Studies comparing OCT measurements with FFR (FFR been used as the gold standard) OCT

OCT Studies comparing OCT measurements with FFR (FFR been used as the gold standard) OCT

OCT Studies comparing OCT measurements with FFR (FFR been used as the gold standard) OCT characteristics of vulnerable plaques THE MAIN QUESTION REMAINS HOW TO DEAL WITH SENSITIVE PLAQUES OTHER THAN LOWERING CHOLESTEROL LEVELS 3D QCA

374 views • 10 slides
the gold standard method for amino acid analysis? Rachel Carling Biochemical Sciences Viapath

the gold standard method for amino acid analysis? Rachel Carling Biochemical Sciences Viapath

Is Ion Exchange Chromatography the gold standard method for amino acid analysis? Rachel Carling Biochemical Sciences Viapath Rachel.carling@viapath.co.uk @rachblacklabel Overview Define gold standard method Initial vote

677 views • 39 slides
New Notions of Security: Universal Composability without Trusted Setup Manoj Prabhakaran &

New Notions of Security: Universal Composability without Trusted Setup Manoj Prabhakaran &

New Notions of Security: Universal Composability without Trusted Setup Manoj Prabhakaran & Amit Sahai Princeton University To appear in STOC04 Defining Security Central Problem in Cryptography Understanding what we want and what we

1.13k views • 34 slides
Research Scholarship Developing a gold- standard, ecologically valid assessment of associated

Research Scholarship Developing a gold- standard, ecologically valid assessment of associated

The Allen Martin Research Scholarship Developing a gold- standard, ecologically valid assessment of associated reactions and demystifying the contributing impairments Michelle Kahn Senior Neurological Physiotherapist, Epworth Healthcare

888 views • 67 slides
for Stencil Accelerators Yuze Chi, Jason Cong University of California, Los Angeles

for Stencil Accelerators Yuze Chi, Jason Cong University of California, Los Angeles

Exploiting Computation Reuse for Stencil Accelerators Yuze Chi, Jason Cong University of California, Los Angeles {chiyuze,cong}@cs.ucla.edu Presenter: Yuze Chi PhD student in Computer Science Department, UCLA B.E. from Tsinghua Univ.,

462 views • 28 slides
Computability and the Halting Problem CS251 Programming Languages Spring

Computability and the Halting Problem CS251 Programming Languages Spring

Computability and the Halting Problem CS251 Programming Languages Spring 2016, Lyn Turbak Department of Computer Science Wellesley College Key Concepts from CS235 This lecture

1.07k views • 32 slides
Retrieval Strategies: Vector Space Model and Boolean (COSC 416) Nazli Goharian

Retrieval Strategies: Vector Space Model and Boolean (COSC 416) Nazli Goharian

Retrieval Strategies: Vector Space Model and Boolean (COSC 416) Nazli Goharian nazli@cs.georgetown.edu Goharian, Grossman, Frieder 2002, 2010 Retrieval Strategy An IR strategy is a technique by which a relevance measure is obtained

421 views • 15 slides
Slides for Lecture 30 ENEL 353: Digital Circuits Fall 2013 Term Steve Norman, PhD, PEng

Slides for Lecture 30 ENEL 353: Digital Circuits Fall 2013 Term Steve Norman, PhD, PEng

Slides for Lecture 30 ENEL 353: Digital Circuits Fall 2013 Term Steve Norman, PhD, PEng Electrical & Computer Engineering Schulich School of Engineering University of Calgary 20 November, 2013 slide 2/21 ENEL 353 F13 Section 02

418 views • 21 slides
AirCore: The gold standard for evaluation of satellite retrievals Colm Sweeney Debra Wunch Jack

AirCore: The gold standard for evaluation of satellite retrievals Colm Sweeney Debra Wunch Jack

AirCore: The gold standard for evaluation of satellite retrievals Colm Sweeney Debra Wunch Jack Higgs Anna Karion Tim Newberger Sonja Wolter Huilin Chen Marc Fischer Sebastien Biraud Greg Osterman NOAA/ESRL Boulder Questions?:

434 views • 22 slides
Lecture 8: Expected Utility Theory Alexander Wolitzky MIT 14.121 1 The Plan Course so far

Lecture 8: Expected Utility Theory Alexander Wolitzky MIT 14.121 1 The Plan Course so far

Lecture 8: Expected Utility Theory Alexander Wolitzky MIT 14.121 1 The Plan Course so far introduced basic theory of choice and utility, extended to consumer and producer theory. Last topic extends in another direction: choice under uncertainty 2

1.51k views • 23 slides
Estimation of Optimally-Combined-Biomarker Accuracy in the Absence of a Gold-Standard Reference

Estimation of Optimally-Combined-Biomarker Accuracy in the Absence of a Gold-Standard Reference

Estimation of Optimally-Combined-Biomarker Accuracy in the Absence of a Gold-Standard Reference Test Estimation of Optimally-Combined-Biomarker Accuracy in the Absence of a Gold-Standard Reference Test L. Garcia Barrado 1 E. Coart 2 T.

516 views • 29 slides
The State of Young Adults Balance Sheets: Evidence from the Survey of Consumer Finances Lisa

The State of Young Adults Balance Sheets: Evidence from the Survey of Consumer Finances Lisa

The State of Young Adults Balance Sheets: Evidence from the Survey of Consumer Finances Lisa Dettling and Joanne Hsu Federal Reserve Board May 8, 2014 The analysis and conclusions set forth are those of the authors and do not indicate

517 views • 12 slides

More recommend