The ISC International Journal of Information Security

Enhancing Kleptographic Backdoors in Hash-Based Deterministic Random Bit Generators

Articles in Press

Document Type : Research Article

Authors

Sepehr Jafari
Raziyeh Salarifard

Faculty of Computer Science and Engineering, Shahid Beheshti University, Tehran, Iran.

10.22042/isecure.2026.241269
Abstract
Deterministic Random Bit Generators (DRBGs) are essential for cryptographic security but remain vulnerable to covert kleptographic attacks that implant backdoors to leak sensitive information. Despite being known for two decades, as demonstrated by incidents such as the Snowden revelations and Dual-EC, these attacks persist in modern protocols, including TLS and post-quantum systems. This paper introduces a novel kleptographic backdoor for hash-based DRBGs, utilising a dual-phase design: secret information is split across two complementary phases, each requiring the other for recovery. This design significantly increases the overall complexity compared with conventional methods. To enhance indistinguishability, we integrate randomness derived from the discrete logarithm problem, ensuring statistical conformity. By leveraging ElGamal encryption to ensure compatibility with our approach, we develop a highly covert backdoor. Rigorous validation via the NIST Statistical Test Suite (STS) and neural network-based anomaly detection confirms the backdoor passes all NIST tests while evading machine learning detection, maintaining statistical integrity and structural consistency. 

Keywords

kleptographic backdoor
DRBG
Random number
NIST
ANN
The ISC International Journal of Information Security

Articles in Press, Accepted Manuscript
Available Online from 22 February 2026

Home

AI Policies

Guide for Authors

Submit Manuscript

Contact Us