{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,24]],"date-time":"2026-01-24T19:36:38Z","timestamp":1769283398740,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":20,"publisher":"ACM","license":[{"start":{"date-parts":[[2015,10,12]],"date-time":"2015-10-12T00:00:00Z","timestamp":1444608000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-1228890"],"award-info":[{"award-number":["CNS-1228890"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2015,10,12]]},"DOI":"10.1145\/2810103.2813681","type":"proceedings-article","created":{"date-parts":[[2015,10,6]],"date-time":"2015-10-06T15:22:12Z","timestamp":1444144932000},"page":"1431-1440","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":74,"title":["Mass-surveillance without the State"],"prefix":"10.1145","author":[{"given":"Mihir","family":"Bellare","sequence":"first","affiliation":[{"name":"University of California San Diego, La Jolla, CA, USA"}]},{"given":"Joseph","family":"Jaeger","sequence":"additional","affiliation":[{"name":"University of California San Diego, La Jolla, CA, USA"}]},{"given":"Daniel","family":"Kane","sequence":"additional","affiliation":[{"name":"University of California San Diego, La Jolla, CA, USA"}]}],"member":"320","published-online":{"date-parts":[[2015,10,12]]},"reference":[{"key":"e_1_3_2_1_2_1","doi-asserted-by":"crossref","unstructured":"M.\n      Bellare J.\n      Kilian and \n      P.\n      Rogaway\n  . \n  The security of cipher block chaining\n  . In Y. Desmedt editor CRYPTO'94 volume \n  839\n   of \n  LNCS pages \n  341\n  --\n  358\n  . \n  Springer Aug. \n  1994\n  .   M. Bellare J. Kilian and P. Rogaway. The security of cipher block chaining. In Y. Desmedt editor CRYPTO'94 volume 839 of LNCS pages 341--358. Springer Aug. 1994.","DOI":"10.1007\/3-540-48658-5_32"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"crossref","unstructured":"M.\n      Bellare K. G.\n      Paterson and \n      P.\n      Rogaway\n  . \n  Security of symmetric encryption against mass surveillance\n  . In J. A. Garay and R. Gennaro editors CRYPTO \n  2014 Part I volume \n  8616\n   of \n  LNCS pages \n  1\n  --\n  19\n  . \n  Springer Aug. 2014.  M. Bellare K. G. Paterson and P. Rogaway. Security of symmetric encryption against mass surveillance. In J. A. Garay and R. Gennaro editors CRYPTO 2014 Part I volume 8616 of LNCS pages 1--19. Springer Aug. 2014.","DOI":"10.1007\/978-3-662-44371-2_1"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1007\/11761679_25"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-48116-5_28"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"crossref","unstructured":"Y.\n      Dodis C.\n      Ganesh A.\n      Golovnev A.\n      Juels and \n      T.\n      Ristenpart\n  . \n  A formal treatment of backdoored pseudorandom generators\n  . In E. Oswald and M. Fischlin editors EUROCRYPT \n  2015 Part I volume \n  9056\n   of \n  LNCS pages \n  101\n  --\n  126\n  . \n  Springer Apr. 2015.  Y. Dodis C. Ganesh A. Golovnev A. Juels and T. Ristenpart. A formal treatment of backdoored pseudorandom generators. In E. Oswald and M. Fischlin editors EUROCRYPT 2015 Part I volume 9056 of LNCS pages 101--126. Springer Apr. 2015.","DOI":"10.1007\/978-3-662-46800-5_5"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"crossref","unstructured":"E.-J.\n      Goh D.\n      Boneh B.\n      Pinkas and \n      P.\n      Golle\n  . \n  The design and implementation of protocol-based hidden key recovery\n  . In C. Boyd and W. Mao editors ISC \n  2003 volume \n  2851\n   of \n  LNCS pages \n  165\n  --\n  179\n  . \n  Springer Oct. 2003.  E.-J. Goh D. Boneh B. Pinkas and P. Golle. The design and implementation of protocol-based hidden key recovery. In C. Boyd and W. Mao editors ISC 2003 volume 2851 of LNCS pages 165--179. Springer Oct. 2003.","DOI":"10.1007\/10958513_13"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/6490.6503"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"crossref","unstructured":"I.\n      Mironov\n     and \n      N.\n      Stephens-Davidowitz\n  . \n  Cryptographic reverse firewalls\n  . In E. Oswald and M. Fischlin editors EUROCRYPT \n  2015 Part II volume \n  9057\n   of \n  LNCS pages \n  657\n  --\n  686\n  . \n  Springer Apr. 2015.  I. Mironov and N. Stephens-Davidowitz. Cryptographic reverse firewalls. In E. Oswald and M. Fischlin editors EUROCRYPT 2015 Part II volume 9057 of LNCS pages 657--686. Springer Apr. 2015.","DOI":"10.1007\/978-3-662-46803-6_22"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"crossref","unstructured":"J.\n      Patarin\n     and \n      L.\n      Goubin\n  . \n  Asymmetric cryptography with S-boxes\n  . In Y. Han T. Okamoto and S. Qing editors ICICS 97 volume \n  1334\n   of \n  LNCS pages \n  369\n  --\n  380\n  . \n  Springer Nov. \n  1997\n  .   J. Patarin and L. Goubin. Asymmetric cryptography with S-boxes. In Y. Han T. Okamoto and S. Qing editors ICICS 97 volume 1334 of LNCS pages 369--380. Springer Nov. 1997.","DOI":"10.1007\/BFb0028492"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"crossref","unstructured":"K. G.\n      Paterson\n    .\n  Imprimitive permutation groups and trapdoors in iterated block ciphers\n  . In L. R. Knudsen editor FSE'99 volume \n  1636\n   of \n  LNCS pages \n  201\n  --\n  214\n  . \n  Springer Mar. \n  1999\n  .   K. G. Paterson. Imprimitive permutation groups and trapdoors in iterated block ciphers. In L. R. Knudsen editor FSE'99 volume 1636 of LNCS pages 201--214. Springer Mar. 1999.","DOI":"10.1007\/3-540-48519-8_15"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"crossref","unstructured":"V.\n      Rijmen\n     and \n      B.\n      Preneel\n  . \n  A family of trapdoor ciphers\n  . In E. Biham editor FSE'97 volume \n  1267\n   of \n  LNCS pages \n  139\n  --\n  148\n  . \n  Springer Jan. \n  1997\n  .   V. Rijmen and B. Preneel. A family of trapdoor ciphers. In E. Biham editor FSE'97 volume 1267 of LNCS pages 139--148. Springer Jan. 1997.","DOI":"10.1007\/BFb0052342"},{"key":"e_1_3_2_1_15_1","first-page":"51","volume-title":"CRYPTO'83","author":"Simmons G. J.","year":"1983"},{"key":"e_1_3_2_1_16_1","unstructured":"G. J.\n      Simmons\n    .\n  The subliminal channel and digital signature\n  . In T. Beth N. Cot and I. Ingemarsson editors EUROCRYPT'84 volume \n  209\n   of \n  LNCS pages \n  364\n  --\n  378\n  . \n  Springer Apr. \n  1985\n  .   G. J. Simmons. The subliminal channel and digital signature. In T. Beth N. Cot and I. Ingemarsson editors EUROCRYPT'84 volume 209 of LNCS pages 364--378. Springer Apr. 1985."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"crossref","unstructured":"G. J.\n      Simmons\n    .\n  A secure subliminal channel (?)\n  . In H. C. Williams editor CRYPTO'85 volume \n  218\n   of \n  LNCS pages \n  33\n  --\n  41\n  . \n  Springer Aug. \n  1986\n  .   G. J. Simmons. A secure subliminal channel (?). In H. C. Williams editor CRYPTO'85 volume 218 of LNCS pages 33--41. Springer Aug. 1986.","DOI":"10.1007\/3-540-39799-X_5"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"crossref","unstructured":"G. J.\n      Simmons\n    .\n  Subliminal communication is easy using the DSA\n  . In T. Helleseth editor EUROCRYPT'93 volume \n  765\n   of \n  LNCS pages \n  218\n  --\n  232\n  . \n  Springer May \n  1994\n  .   G. J. Simmons. Subliminal communication is easy using the DSA. In T. Helleseth editor EUROCRYPT'93 volume 765 of LNCS pages 218--232. Springer May 1994.","DOI":"10.1007\/3-540-48285-7_18"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"crossref","unstructured":"A.\n      Young\n     and \n      M.\n      Yung\n  . \n  The dark side of \"black-box\" cryptography or: Should we trust capstone? In N\n  . Koblitz editor CRYPTO'96 volume \n  1109\n   of \n  LNCS pages \n  89\n  --\n  103\n  . \n  Springer Aug. \n  1996\n  .   A. Young and M. Yung. The dark side of \"black-box\" cryptography or: Should we trust capstone? In N. Koblitz editor CRYPTO'96 volume 1109 of LNCS pages 89--103. Springer Aug. 1996.","DOI":"10.1007\/3-540-68697-5_8"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"crossref","unstructured":"A.\n      Young\n     and \n      M.\n      Yung\n  . \n  Kleptography: Using cryptography against cryptography\n  . In W. Fumy editor EUROCRYPT'97 volume \n  1233\n   of \n  LNCS pages \n  62\n  --\n  74\n  . \n  Springer May \n  1997\n  .   A. Young and M. Yung. Kleptography: Using cryptography against cryptography. In W. Fumy editor EUROCRYPT'97 volume 1233 of LNCS pages 62--74. Springer May 1997.","DOI":"10.1007\/3-540-69053-0_6"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"crossref","unstructured":"A.\n      Young\n     and \n      M.\n      Yung\n  . \n  Monkey: Black-Box symmetric ciphers designed for MONopolizing KEYs\n  . In S. Vaudenay editor FSE'98 volume \n  1372\n   of \n  LNCS pages \n  122\n  --\n  133\n  . \n  Springer Mar. \n  1998\n  .   A. Young and M. Yung. Monkey: Black-Box symmetric ciphers designed for MONopolizing KEYs. In S. Vaudenay editor FSE'98 volume 1372 of LNCS pages 122--133. Springer Mar. 1998.","DOI":"10.1007\/3-540-69710-1_9"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-30564-4_14"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"crossref","unstructured":"A. L.\n      Young\n     and \n      M.\n      Yung\n  . \n  Backdoor attacks on black-box ciphers exploiting low-entropy plaintexts\n  . In R. Safavi-Naini and J. Seberry editors ACISP 03 volume \n  2727\n   of \n  LNCS pages \n  297\n  --\n  311\n  . \n  Springer July \n  2003\n  .   A. L. Young and M. Yung. Backdoor attacks on black-box ciphers exploiting low-entropy plaintexts. In R. Safavi-Naini and J. Seberry editors ACISP 03 volume 2727 of LNCS pages 297--311. Springer July 2003.","DOI":"10.1007\/3-540-45067-X_26"}],"event":{"name":"CCS'15: The 22nd ACM Conference on Computer and Communications Security","location":"Denver Colorado USA","acronym":"CCS'15","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2810103.2813681","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2810103.2813681","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T05:48:24Z","timestamp":1750225704000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2810103.2813681"}},"subtitle":["Strongly Undetectable Algorithm-Substitution Attacks"],"short-title":[],"issued":{"date-parts":[[2015,10,12]]},"references-count":20,"alternative-id":["10.1145\/2810103.2813681","10.1145\/2810103"],"URL":"https:\/\/doi.org\/10.1145\/2810103.2813681","relation":{},"subject":[],"published":{"date-parts":[[2015,10,12]]},"assertion":[{"value":"2015-10-12","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}