KLEPTOGRAPHIC ATTAKS ON E-AUCTION SCHEMES

In this paper we examine resistance of electronic auctions protocols to kleptographic attacks. It turns out that these protocols are vulnerable to threats posed by kleptography and practical consequences might be profound. A party controlling production of software or hardware used in an auction may get access to complete data on user's decisions and construct his profile through passive observation only. At the same time, no other party can retrieve such data (even after reverse engineering the devices). On technical side we show that an adversary using kleptography might deploy a single elliptic curve over a prime field to RSA key generation. This approach gives a shorter key than in the case of a twisted pair of elliptic curves over a binary field. This improves the attacks presented by Young and Yung. We also show that in case of tamper resistant devices the goals of kleptography might be achieved without public key algorithms, but through usage of hash functions.