How to use untrusty cryptographic devices

                  Daniel Kucner and Miroslaw Kutylowski

Institute of Computer Science, University of Wroclaw,
Inst. of Mathematics, Wroclaw University of Technology, and CC Signet

Secure devices implementing standard cryptographic  operations  such  as
electronic   signatures  can  leak  information  on  secret  data  using
kleptography techniques. Testing such devices is extremely  hard,  since
on  one  hand  one of design objectives is to disable external access to
the device, and on the other hand the output of  a  contaminated  device
might  be  indistinguishable from the legitimate one is a secret data is
unknown. We discuss a couple of simple and cheap techniques that may  be
used as defense against such threats.