Automatic Event-Stream Notarization Using Digital Signatures
B. Schneier and J. Kelsey
Security Protocols, International Workshop April 1996 Proceedings, Springer-Verlag, 1997, pp. 155-169.
Some digital signature algorithms (such as RSA) require messages to be padded before they are signed. Secure tokens can use these padding bits as a subliminal channel to embed auditing information in their signed messages. These auditing bits simplify protecting against lost and stolen tokens; breaks of specific protocols, hash functions, and ciphers; and attacks based on defeating a token's tamper-resistance.
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.