More realistic analysis of mass surveillance – security in multi-surveillant settings
IET Information Security ( IF 1.3 ) Pub Date : 2020-10-15 , DOI: 10.1049/iet-ifs.2020.0090
Geng Li 1 , Jianwei Liu 1 , Zongyang Zhang 1

PRISM has made research on cryptography against subversion attacks flourish in recent years. In a subversion attack, surveillants can compromise the security of users’ systems by subverting implementations of cryptographic algorithms. While the single-surveillant scenario has been studied in several works, the multi-surveillant setting has attracted less attention. The authors initiated this notion in previous work but assumed the surveillants to be completely isolated. In this study, the authors follow this idea and consider more realistic scenarios of multi-surveillant subversion, where surveillants are able to communicate in limited ways. They propose the notions of queryable adversaries and conversational adversaries. In the first setting, adversaries can verify whether an output is produced by a subverted implementation from others; in the latter setting, adversaries can have arbitrary conversations with each other without leaking their backdoors. Under the framework of ‘amalgamation and decomposition’, they design randomness generators that are secure against queryable adversaries and conversational adversaries, respectively, by intentionally adopting implementations from different sources. Based on the secure randomness generators, they construct symmetric encryption schemes that match the corresponding security definitions.

Updated: 2020-10-16