{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,17]],"date-time":"2026-03-17T08:40:25Z","timestamp":1773736825570,"version":"3.50.1"},"publisher-location":"Cham","reference-count":36,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030036379","type":"print"},{"value":"9783030036386","type":"electronic"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-030-03638-6_5","type":"book-chapter","created":{"date-parts":[[2018,11,1]],"date-time":"2018-11-01T03:12:53Z","timestamp":1541041973000},"page":"73-87","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":6,"title":["Unifying Kleptographic Attacks"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-3953-2744","authenticated-orcid":false,"given":"George","family":"Te\u015feleanu","sequence":"first","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,11,2]]},"reference":[{"key":"5_CR1","unstructured":"Abdalla, M., Bellare, M., Rogaway, P.: DHAES: An Encryption Scheme Based on the Diffie-Hellman Problem. IACR Cryptology ePrint Archive 1999\/7 (1999)"},{"key":"5_CR2","doi-asserted-by":"crossref","unstructured":"Ateniese, G., Magri, B., Venturi, D.: Subversion-resilient signature schemes. In: ACM-CCS 2015, pp. 364\u2013375. ACM (2015)","DOI":"10.1145\/2810103.2813635"},{"key":"5_CR3","unstructured":"Ball, J., Borger, J., Greenwald, G.: Revealed: How US and UK Spy Agencies Defeat Internet Privacy and Security. The Guardian 6 (2013)"},{"key":"5_CR4","doi-asserted-by":"crossref","unstructured":"Bellare, M., Jaeger, J., Kane, D.: Mass-Surveillance without the state: strongly undetectable algorithm-substitution attacks. In: ACM-CCS 2015, pp. 1431\u20131440. ACM (2015)","DOI":"10.1145\/2810103.2813681"},{"key":"5_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-662-44371-2_1","volume-title":"Advances in Cryptology \u2013 CRYPTO 2014","author":"M Bellare","year":"2014","unstructured":"Bellare, M., Paterson, K.G., Rogaway, P.: Security of symmetric encryption against mass surveillance. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8616, pp. 1\u201319. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-662-44371-2_1"},{"key":"5_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/BFb0028457","volume-title":"Information and Communications Security","author":"M Bellare","year":"1997","unstructured":"Bellare, M., Rogaway, P.: Minimizing the use of random oracles in authenticated encryption schemes. In: Han, Y., Okamoto, T., Qing, S. (eds.) ICICS 1997. LNCS, vol. 1334, pp. 1\u201316. Springer, Heidelberg (1997). https:\/\/doi.org\/10.1007\/BFb0028457"},{"key":"5_CR7","doi-asserted-by":"crossref","unstructured":"Berndt, S., Li\u015bkiewicz, M.: Algorithm substitution attacks from a steganographic perspective. In: ACM-CCS 2017, pp. 1649\u20131660. ACM (2017)","DOI":"10.1145\/3133956.3133981"},{"key":"5_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"127","DOI":"10.1007\/3-540-39118-5_13","volume-title":"Advances in Cryptology \u2014 EUROCRYPT\u2019 87","author":"D Chaum","year":"1988","unstructured":"Chaum, D., Evertse, J.-H., van de Graaf, J.: An improved protocol for demonstrating possession of discrete logarithms and some generalizations. In: Chaum, D., Price, W.L. (eds.) EUROCRYPT 1987. LNCS, vol. 304, pp. 127\u2013141. Springer, Heidelberg (1988). https:\/\/doi.org\/10.1007\/3-540-39118-5_13"},{"key":"5_CR9","doi-asserted-by":"crossref","unstructured":"Checkoway, S., et al.: A systematic analysis of the Juniper dual EC Incident. In: ACM-CCS 2016, pp. 468\u2013479. ACM (2016)","DOI":"10.1145\/2976749.2978395"},{"key":"5_CR10","unstructured":"Checkoway, S., et al.: On the Practical Exploitability of Dual EC in TLS Implementations. In: USENIX Security Symposium, pp. 319\u2013335. USENIX Association (2014)"},{"key":"5_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"403","DOI":"10.1007\/3-540-36563-X_28","volume-title":"Topics in Cryptology \u2013 CT-RSA 2003","author":"C Cr\u00e9peau","year":"2003","unstructured":"Cr\u00e9peau, C., Slakmon, A.: Simple backdoors for RSA key generation. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 403\u2013416. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/3-540-36563-X_28"},{"key":"5_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"101","DOI":"10.1007\/978-3-662-46800-5_5","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2015","author":"Y Dodis","year":"2015","unstructured":"Dodis, Y., Ganesh, C., Golovnev, A., Juels, A., Ristenpart, T.: A formal treatment of backdoored pseudorandom generators. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 101\u2013126. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46800-5_5"},{"key":"5_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"494","DOI":"10.1007\/978-3-540-28628-8_30","volume-title":"Advances in Cryptology \u2013 CRYPTO 2004","author":"Y Dodis","year":"2004","unstructured":"Dodis, Y., Gennaro, R., H\u00e5stad, J., Krawczyk, H., Rabin, T.: Randomness extraction and key derivation using the CBC, cascade and HMAC modes. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 494\u2013510. Springer, Heidelberg (2004). https:\/\/doi.org\/10.1007\/978-3-540-28628-8_30"},{"issue":"2","key":"5_CR14","doi-asserted-by":"publisher","first-page":"77","DOI":"10.1007\/BF02351717","volume":"1","author":"U Feige","year":"1988","unstructured":"Feige, U., Fiat, A., Shamir, A.: Zero-Knowledge proofs of identity. J. Cryptol. 1(2), 77\u201394 (1988)","journal-title":"J. Cryptol."},{"key":"5_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"186","DOI":"10.1007\/3-540-47721-7_12","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 86","author":"A Fiat","year":"1987","unstructured":"Fiat, A., Shamir, A.: How To prove yourself: practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186\u2013194. Springer, Heidelberg (1987). https:\/\/doi.org\/10.1007\/3-540-47721-7_12"},{"key":"5_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"202","DOI":"10.1007\/978-3-319-56620-7_8","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2017","author":"J Fried","year":"2017","unstructured":"Fried, J., Gaudry, P., Heninger, N., Thom\u00e9, E.: A Kilobit hidden SNFS discrete logarithm computation. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017. LNCS, vol. 10210, pp. 202\u2013231. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-56620-7_8"},{"key":"5_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"361","DOI":"10.1007\/978-3-540-24676-3_22","volume-title":"Advances in Cryptology - EUROCRYPT 2004","author":"R Gennaro","year":"2004","unstructured":"Gennaro, R., Krawczyk, H., Rabin, T.: Secure hashed Diffie-Hellman over Non-DDH\u00a0groups. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 361\u2013381. Springer, Heidelberg (2004). https:\/\/doi.org\/10.1007\/978-3-540-24676-3_22"},{"key":"5_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"481","DOI":"10.1007\/3-540-46877-3_44","volume-title":"Advances in Cryptology \u2014 EUROCRYPT \u201990","author":"M Girault","year":"1991","unstructured":"Girault, M.: An identity-based identification scheme based on discrete logarithms modulo a composite number. In: Damg\u00e5rd, I.B. (ed.) EUROCRYPT 1990. LNCS, vol. 473, pp. 481\u2013486. Springer, Heidelberg (1991). https:\/\/doi.org\/10.1007\/3-540-46877-3_44"},{"key":"5_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"66","DOI":"10.1007\/3-540-48071-4_5","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 92","author":"DM Gordon","year":"1993","unstructured":"Gordon, D.M.: Designing and detecting trapdoors for discrete log cryptosystems. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 66\u201375. Springer, Heidelberg (1993). https:\/\/doi.org\/10.1007\/3-540-48071-4_5"},{"key":"5_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"123","DOI":"10.1007\/3-540-45961-8_11","volume-title":"Advances in Cryptology \u2014 EUROCRYPT \u201988","author":"LC Guillou","year":"1988","unstructured":"Guillou, L.C., Quisquater, J.-J.: A practical zero-knowledge protocol fitted to security microprocessor minimizing both transmission and memory. In: Barstow, D., Brauer, W., Brinch Hansen, P., Gries, D., Luckham, D., Moler, C., Pnueli, A., Seegm\u00fcller, G., Stoer, J., Wirth, N., G\u00fcnther, C.G. (eds.) EUROCRYPT 1988. LNCS, vol. 330, pp. 123\u2013128. Springer, Heidelberg (1988). https:\/\/doi.org\/10.1007\/3-540-45961-8_11"},{"key":"5_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"166","DOI":"10.1007\/978-3-319-69284-5_12","volume-title":"Innovative Security Solutions for Information Technology and Communications","author":"D Maimu\u0163","year":"2017","unstructured":"Maimu\u0163, D., Te\u015feleanu, G.: Secretly embedding trapdoors into contract signing protocols. In: Farshim, P., Simion, E. (eds.) SecITC 2017. LNCS, vol. 10543, pp. 166\u2013186. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-69284-5_12"},{"key":"5_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"272","DOI":"10.1007\/978-3-642-02384-2_17","volume-title":"Progress in Cryptology \u2013 AFRICACRYPT 2009","author":"U Maurer","year":"2009","unstructured":"Maurer, U.: Unifying zero-knowledge proofs of knowledge. In: Preneel, B. (ed.) AFRICACRYPT 2009. LNCS, vol. 5580, pp. 272\u2013286. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-02384-2_17"},{"issue":"2","key":"5_CR23","doi-asserted-by":"publisher","first-page":"95","DOI":"10.1007\/BF02351718","volume":"1","author":"K McCurley","year":"1988","unstructured":"McCurley, K.: A key distribution system equivalent to factoring. J. Cryptol. 1(2), 95\u2013105 (1988)","journal-title":"J. Cryptol."},{"issue":"2","key":"5_CR24","doi-asserted-by":"publisher","first-page":"231","DOI":"10.1145\/972639.972643","volume":"51","author":"M Naor","year":"2004","unstructured":"Naor, M., Reingold, O.: Number-theoretic constructions of efficient pseudo-random functions. J. ACM (JACM) 51(2), 231\u2013262 (2004)","journal-title":"J. ACM (JACM)"},{"key":"5_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1007\/3-540-48071-4_3","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 92","author":"T Okamoto","year":"1993","unstructured":"Okamoto, T.: Provably secure and practical identification schemes and corresponding signature schemes. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 31\u201353. Springer, Heidelberg (1993). https:\/\/doi.org\/10.1007\/3-540-48071-4_3"},{"key":"5_CR26","unstructured":"Perlroth, N., Larson, J., Shane, S.: NSA Able to Foil Basic Safeguards of Privacy on Web. The New York Times, 5 (2013)"},{"key":"5_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"34","DOI":"10.1007\/978-3-662-53890-6_2","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2016","author":"A Russell","year":"2016","unstructured":"Russell, A., Tang, Q., Yung, M., Zhou, H.-S.: Cliptography: clipping the power of Kleptographic attacks. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10032, pp. 34\u201364. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53890-6_2"},{"key":"5_CR28","doi-asserted-by":"crossref","unstructured":"Russell, A., Tang, Q., Yung, M., Zhou, H.S.: Generic Semantic Security against a Kleptographic Adversary. In: ACM-CCS 2017, pp. 907\u2013922. ACM (2017)","DOI":"10.1145\/3133956.3133993"},{"key":"5_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"239","DOI":"10.1007\/0-387-34805-0_22","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 89 Proceedings","author":"CP Schnorr","year":"1990","unstructured":"Schnorr, C.P.: Efficient identification and signatures for smart cards. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 239\u2013252. Springer, New York (1990). https:\/\/doi.org\/10.1007\/0-387-34805-0_22"},{"key":"5_CR30","unstructured":"Shoup, V.: Sequences of Games: A Tool for Taming Complexity in Security Proofs. IACR Cryptology ePrint Archive 2004\/332 (2004)"},{"key":"5_CR31","unstructured":"Te\u015feleanu, G.: Threshold Kleptographic Attacks on Discrete Logarithm Based Signatures. IACR Cryptology ePrint Archive 2017\/953 (2017)"},{"key":"5_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"89","DOI":"10.1007\/3-540-68697-5_8","volume-title":"Advances in Cryptology \u2014 CRYPTO 96","author":"A Young","year":"1996","unstructured":"Young, A., Yung, M.: The dark side of \u201cBlack-Box\u201d cryptography or: should we trust capstone? In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 89\u2013103. Springer, Heidelberg (1996). https:\/\/doi.org\/10.1007\/3-540-68697-5_8"},{"key":"5_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"62","DOI":"10.1007\/3-540-69053-0_6","volume-title":"Advances in Cryptology \u2014 EUROCRYPT \u201997","author":"A Young","year":"1997","unstructured":"Young, A., Yung, M.: Kleptography: using cryptography against cryptography. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 62\u201374. Springer, Heidelberg (1997). https:\/\/doi.org\/10.1007\/3-540-69053-0_6"},{"key":"5_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"264","DOI":"10.1007\/BFb0052241","volume-title":"Advances in Cryptology \u2014 CRYPTO \u201997","author":"A Young","year":"1997","unstructured":"Young, A., Yung, M.: The prevalence of kleptographic attacks on discrete-log based cryptosystems. In: Kaliski, B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 264\u2013276. Springer, Heidelberg (1997). https:\/\/doi.org\/10.1007\/BFb0052241"},{"key":"5_CR35","volume-title":"Malicious Cryptography: Exposing Cryptovirology","author":"A Young","year":"2004","unstructured":"Young, A., Yung, M.: Malicious Cryptography: Exposing Cryptovirology. Wiley, Indianapolis (2004)"},{"key":"5_CR36","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"7","DOI":"10.1007\/978-3-540-30574-3_2","volume-title":"Topics in Cryptology \u2013 CT-RSA 2005","author":"A Young","year":"2005","unstructured":"Young, A., Yung, M.: Malicious cryptography: kleptographic aspects. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 7\u201318. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/978-3-540-30574-3_2"}],"container-title":["Lecture Notes in Computer Science","Secure IT Systems"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-03638-6_5","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,10,30]],"date-time":"2019-10-30T06:15:27Z","timestamp":1572416127000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-03638-6_5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783030036379","9783030036386"],"references-count":36,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-03638-6_5","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018]]},"assertion":[{"value":"NordSec","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Nordic Conference on Secure IT Systems","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Oslo","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Norway","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"28 November 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"30 November 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"nordsec2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/securitylab.no\/nordsec18\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"81","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"29","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"36% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"4","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}}]}}