Information leakage

Last updated October 22, 2023

Information leakage happens whenever a system that is designed to be closed to an eavesdropper reveals some information to unauthorized parties nonetheless. In other words: Information leakage occurs when secret information correlates with, or can be correlated with, observable information. For example, when designing an encrypted instant messaging network, a network engineer without the capacity to crack encryption codes could see when messages are transmitted, even if he could not read them.

Risk vectors

A modern example of information leakage is the leakage of secret information via data compression, by using variations in data compression ratio to reveal correlations between known (or deliberately injected) plaintext and secret data combined in a single compressed stream.^[1] Another example is the key leakage that can occur when using some public-key systems when cryptographic nonce values used in signing operations are insufficiently random.^[2] Bad randomness cannot protect proper functioning of a cryptographic system, even in a benign circumstance, it can easily produce crackable keys that cause key leakage.^[3]^{[ citation needed ]}

Information leakage can sometimes be deliberate: for example, an algorithmic converter may be shipped that intentionally leaks small amounts of information, in order to provide its creator with the ability to intercept the users' messages, while still allowing the user to maintain an illusion that the system is secure. This sort of deliberate leakage is sometimes known as a subliminal channel.^[4]^[5]

Generally, only very advanced systems employ defenses against information leakage.

Following are the commonly implemented countermeasures :

Use steganography to hide the fact that a message is transmitted at all.
Use chaffing to make it unclear to whom messages are transmitted (but this does not hide from others the fact that messages are transmitted).
For busy re-transmitting proxies, such as a Mixmaster node: randomly delay and shuffle the order of outbound packets - this will assist in disguising a given message's path, especially if there are multiple, popular forwarding nodes, such as are employed with Mixmaster mail forwarding.
When a data value is no longer going to be used, erase it from the memory.

Related Research Articles

In cryptography, a block cipher is a deterministic algorithm that operates on fixed-length groups of bits, called blocks. Block ciphers are the elementary building blocks of many cryptographic protocols. They are ubiquitous in the storage and exchange of data, where such data is secured and authenticated via encryption.

<span class="mw-page-title-main">Cryptanalysis</span> Study of analyzing information systems in order to discover their hidden aspects

Cryptanalysis refers to the process of analyzing information systems in order to understand hidden aspects of the systems. Cryptanalysis is used to breach cryptographic security systems and gain access to the contents of encrypted messages, even if the cryptographic key is unknown.

The Data Encryption Standard is a symmetric-key algorithm for the encryption of digital data. Although its short key length of 56 bits makes it too insecure for modern applications, it has been highly influential in the advancement of cryptography.

In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Ideally, only authorized parties can decipher a ciphertext back to plaintext and access the original information. Encryption does not itself prevent interference but denies the intelligible content to a would-be interceptor.

In cryptography, the one-time pad (OTP) is an encryption technique that cannot be cracked, but requires the use of a single-use pre-shared key that is larger than or equal to the size of the message being sent. In this technique, a plaintext is paired with a random secret key. Then, each bit or character of the plaintext is encrypted by combining it with the corresponding bit or character from the pad using modular addition.

Symmetric-key algorithms are algorithms for cryptography that use the same cryptographic keys for both the encryption of plaintext and the decryption of ciphertext. The keys may be identical, or there may be a simple transformation to go between the two keys. The keys, in practice, represent a shared secret between two or more parties that can be used to maintain a private information link. The requirement that both parties have access to the secret key is one of the main drawbacks of symmetric-key encryption, in comparison to public-key encryption. However, symmetric-key encryption algorithms are usually better for bulk encryption. With exception of the one-time pad they have a smaller key size, which means less storage space and faster transmission. Due to this, asymmetric-key encryption is often used to exchange the secret key for symmetric-key encryption.

An anonymous remailer is a server that receives messages with embedded instructions on where to send them next, and that forwards them without revealing where they originally came from. There are cypherpunk anonymous remailers, mixmaster anonymous remailers, and nym servers, among others, which differ in how they work, in the policies they adopt, and in the type of attack on the anonymity of e-mail they can resist. Remailing as discussed in this article applies to e-mails intended for particular recipients, not the general public. Anonymity in the latter case is more easily addressed by using any of several methods of anonymous publication.

In cryptography, an initialization vector (IV) or starting variable is an input to a cryptographic primitive being used to provide the initial state. The IV is typically required to be random or pseudorandom, but sometimes an IV only needs to be unpredictable or unique. Randomization is crucial for some encryption schemes to achieve semantic security, a property whereby repeated usage of the scheme under the same key does not allow an attacker to infer relationships between segments of the encrypted message. For block ciphers, the use of an IV is described by the modes of operation.

In cryptography, a block cipher mode of operation is an algorithm that uses a block cipher to provide information security such as confidentiality or authenticity. A block cipher by itself is only suitable for the secure cryptographic transformation of one fixed-length group of bits called a block. A mode of operation describes how to repeatedly apply a cipher's single-block operation to securely transform amounts of data larger than a block.

In cryptography, ciphertext or cyphertext is the result of encryption performed on plaintext using an algorithm, called a cipher. Ciphertext is also known as encrypted or encoded information because it contains a form of the original plaintext that is unreadable by a human or computer without the proper cipher to decrypt it. This process prevents the loss of sensitive information via hacking. Decryption, the inverse of encryption, is the process of turning ciphertext into readable plaintext. Ciphertext is not to be confused with codetext because the latter is a result of a code, not a cipher.

Onion routing is a technique for anonymous communication over a computer network. In an onion network, messages are encapsulated in layers of encryption, analogous to the layers of an onion. The encrypted data is transmitted through a series of network nodes called "onion routers," each of which "peels" away a single layer, revealing the data's next destination. When the final layer is decrypted, the message arrives at its destination. The sender remains anonymous because each intermediary knows only the location of the immediately preceding and following nodes. While onion routing provides a high level of security and anonymity, there are methods to break the anonymity of this technique, such as timing analysis.

A cryptographic hash function (CHF) is a hash algorithm that has special properties desirable for a cryptographic application:

In cryptography, padding is any of a number of distinct practices which all include adding data to the beginning, middle, or end of a message prior to encryption. In classical cryptography, padding may include adding nonsense phrases to a message to obscure the fact that many messages end in predictable ways, e.g. sincerely yours.

A cryptosystem is considered to have information-theoretic security if the system is secure against adversaries with unlimited computing resources and time. In contrast, a system which depends on the computational cost of cryptanalysis to be secure is called computationally, or conditionally, secure.

In cryptography and steganography, plausibly deniable encryption describes encryption techniques where the existence of an encrypted file or message is deniable in the sense that an adversary cannot prove that the plaintext data exists.

Authenticated Encryption (AE) is an encryption scheme which simultaneously assures the data confidentiality and authenticity. Examples of encryption modes that provide AE are GCM, CCM.

A deterministic encryption scheme is a cryptosystem which always produces the same ciphertext for a given plaintext and key, even over separate executions of the encryption algorithm. Examples of deterministic encryption algorithms include RSA cryptosystem, and many block ciphers when used in ECB mode or with a constant initialization vector.

In cryptography, an all-or-nothing transform (AONT), also known as an all-or-nothing protocol, is an encryption mode which allows the data to be understood only if all of it is known. AONTs are not encryption, but frequently make use of symmetric ciphers and may be applied before encryption. In exact terms, "an AONT is an unkeyed, invertible, randomized transformation, with the property that it is hard to invert unless all of the output is known."

In cryptanalysis, attack models or attack types are a classification of cryptographic attacks specifying the kind of access a cryptanalyst has to a system under attack when attempting to "break" an encrypted message generated by the system. The greater the access the cryptanalyst has to the system, the more useful information they can get to utilize for breaking the cypher.

<span class="mw-page-title-main">Cryptography</span> Practice and study of secure communication techniques

Cryptography, or cryptology, is the practice and study of techniques for secure communication in the presence of adversarial behavior. More generally, cryptography is about constructing and analyzing protocols that prevent third parties or the public from reading private messages. Modern cryptography exists at the intersection of the disciplines of mathematics, computer science, information security, electrical engineering, digital signal processing, physics, and others. Core concepts related to information security are also central to cryptography. Practical applications of cryptography include electronic commerce, chip-based payment cards, digital currencies, computer passwords, and military communications.

References

↑ Kelsey, J. (2002). "Compression and Information Leakage of Plaintext". Fast Software Encryption. Lecture Notes in Computer Science. Vol. 2365. pp. 263–276. doi:10.1007/3-540-45661-9_21. ISBN 978-3-540-44009-3.
↑ Rembovsky, Anatoly; Ashikhmin, Alexander; Kozmin, Vladimir; Smolskiy, Sergey (2009), "Methods and Equipment for Protection Against Information Leakage Via CEE Channels", Radio Monitoring, Boston, MA: Springer US, vol. 43, pp. 471–496, doi:10.1007/978-0-387-98100-0_12, ISBN 978-0-387-98099-7 , retrieved 2021-10-02
↑ Schneier, Bruce; Fredrikson, Matthew; Kohno, Tadayoshi; Ristenpart, Thomas (2015). "Surreptitiously Weakening Cryptographic Systems". Schneier on Security. Archived from the original on April 14, 2019. Alt URL
↑ Ron Rivest (October 3, 2002). "6.857 Computer and Network Security Lecture Notes 9 : DSA/DSS, RSA, chosen-ciphertext attack" (PDF). MIT. Retrieved 2012-09-14.
↑ Yu, Xiang; Tian, Zhihong; Qiu, Jing; Jiang, Feng (2018). "A Data Leakage Prevention Method Based on the Reduction of Confidential and Context Terms for Smart Mobile Devices". Wireless Communications and Mobile Computing. 2018: 1–11. doi: 10.1155/2018/5823439 .

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] Kelsey, J. (2002). "Compression and Information Leakage of Plaintext". Fast Software Encryption. Lecture Notes in Computer Science. Vol. 2365. pp. 263–276. doi:10.1007/3-540-45661-9_21. ISBN 978-3-540-44009-3.

[2] Rembovsky, Anatoly; Ashikhmin, Alexander; Kozmin, Vladimir; Smolskiy, Sergey (2009), "Methods and Equipment for Protection Against Information Leakage Via CEE Channels", Radio Monitoring, Boston, MA: Springer US, vol. 43, pp. 471–496, doi:10.1007/978-0-387-98100-0_12, ISBN 978-0-387-98099-7 , retrieved 2021-10-02

[3] Schneier, Bruce; Fredrikson, Matthew; Kohno, Tadayoshi; Ristenpart, Thomas (2015). "Surreptitiously Weakening Cryptographic Systems". Schneier on Security. Archived from the original on April 14, 2019. Alt URL

[4] Ron Rivest (October 3, 2002). "6.857 Computer and Network Security Lecture Notes 9 : DSA/DSS, RSA, chosen-ciphertext attack" (PDF). MIT. Retrieved 2012-09-14.

[5] Yu, Xiang; Tian, Zhihong; Qiu, Jing; Jiang, Feng (2018). "A Data Leakage Prevention Method Based on the Reduction of Confidential and Context Terms for Smart Mobile Devices". Wireless Communications and Mobile Computing. 2018: 1–11. doi: 10.1155/2018/5823439 .

[1]

[2]

[3]

[4]

[5]

Information leakage

Contents

Risk vectors

See also

Related Research Articles

References