[118314] in Cypherpunks
REMOVE ME !!!!!!
daemon@ATHENA.MIT.EDU (Mark Elliott)
Fri Sep 24 21:53:51 1999
From: "Mark Elliott" <melliot@gts-tkts.com>
To: <cypherpunks@toad.com>
Date: Fri, 24 Sep 1999 12:38:35 -0700
Message-ID: <002501bf06c4$64ffb6e0$0b01a8c0@mark>
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
In-Reply-To: <000701bf068f$cb4749c0$1600a8c0@pacific.net.ph>
Reply-To: "Mark Elliott" <melliot@gts-tkts.com>
-----Original Message-----
From: owner-cypherpunks@toad.com [mailto:owner-cypherpunks@toad.com] On
Behalf Of Jean-Louis LAROCQUE
Sent: Friday, September 24, 1999 6:22 AM
To: cypherpunks@toad.com
Subject: Subliminal Channels
Explain.
____________________
"Gus Simmons discovered a subliminal channel in DSA.. This subliminal
channel allows someone to embed a secret message in his signature that can
only be read by another person who knows the key. According to Simmons, it
is a "remarkable coincidence" that the "apparently inherent shortcomings of
subliminal channels using the ElGamal scheme can all be overcome" in the
DSS, and that the DSS "provides the most hospitable setting for subliminal
communications discovered to date." NIST and NSA have not commented on this
subliminal channel; no one knows if they even knew about it. Since this
subliminal channel allows an unscrupulous implementer of DSS to leak a piece
of the private key with each signature, it is important to never use an
implementation of DSS if you don't trust the implementer." -Applied
Cryptography, page 493
