Subliminal Channels in CRYSTALS-Kyber Key-Encapsulation Mechanism and Their Use in Quantum-Resistant TLS Protocols

Cryptographic protocols can be used to covertly exchange information without arousing suspicion. The covert channels created in this way are called subliminal channels. In this work, three different subliminal channels using CRYSTALS-Kyber are discovered. Kyber is employed in the Module-Lattice-base...

Descripción completa

Detalles Bibliográficos
Autores: Román Hajderek, Roberto, Arjona, Rosario, Baturone Castillo, María Iluminada
Tipo de recurso: artículo
Estado:Versión publicada
Fecha de publicación:2025
País:España
Institución:Universidad de Sevilla (US)
Repositorio:idUS. Depósito de Investigación de la Universidad de Sevilla
OAI Identifier:oai:idus.us.es:11441/179174
Acceso en línea:https://hdl.handle.net/11441/179174
https://doi.org/10.1109/ACCESS.2025.3590863
Access Level:acceso abierto
Palabra clave:Subliminal channel
Covert channel
TLS
Post-quantum cryptography
CRYSTALS-Kyber
Key encapsulation mechanism
Descripción
Sumario:Cryptographic protocols can be used to covertly exchange information without arousing suspicion. The covert channels created in this way are called subliminal channels. In this work, three different subliminal channels using CRYSTALS-Kyber are discovered. Kyber is employed in the Module-Lattice-based Key-Encapsulation Mechanism (ML-KEM) standard published in FIPS 203. In the found subliminal channels, the covert message is embedded in the random data needed by the encapsulation or the key generation algorithms. Two settings are differentiated depending on if the covert receiver is an overt entity executing the key exchange protocol or a man-in-the-middle. An important feature achieved by the proposed subliminal channels is plausible deniability. Covert entities can convince a jury that they did not use a subverted version of the original Kyber algorithms by showing the random data used in the protocol, the values exchanged, and the outputs of the algorithms. The proposed subliminal channels can be used in quantum-resistant proposals of TLS (Transport Layer Security). Concretely, this work explores the use of the proposed subliminal channels in PQTLS and KEMTLS. Also, some countermeasures are proposed in the paper. Experimental results show that the overhead in execution times is not significant and that from 2 to 34 bytes of covered information can be transmitted per TLS handshake.