Here’s how you can make the sum large without Bob noticing: just add a small amount to each coordinate, like v′i=vi+1. Then Bob could attribute each coordinate’s offset to noise, and you’ve made the sum of v′i greater by 100.
This would assume that either Bob is unaware that an attack might be happening, or that he can’t be bothered to do statistical analysis on his vector.
If the original value (without the noise chosen by Alice) is non-obvious to the attacker, but obvious to Bob (e.g., they use redundancy and encryption—it is a well known fact that Alice and Bob like cryptography), and the magnitude of the noise is common knowledge, then all attempts to modify the message will, on average, increase the standard deviation of the noise as measured by Bob. If my math is right, the attacker could modify each value by about half the width of the noise and end up with an expected χ2 sum of 112 instead of 100, which will probably not be suspicious to Bob.
If Bob has an idea of the attackers objective, detecting tampering will get much easier. If Bob suspects that the attacker wants a huge sum, he can just calculate the sum of the noise terms and compare that to the expected distribution. Then any deniable tampering would have to be within expected random fluctuations. (Of course, for every vector, there is some base in which it looks very suspicious.)
Often, we have an idea what the objective of an adversary using a sum-threshold attack might be. There is more utility in influencing who get’s to be president of a country than in influencing who will become the tenth-ranking janitor in their residence. Some bosses would like to pressure their employees into having sex, few if any want to condition them to speak sentences with a prime number of syllables.
True. But often the target can’t do that test, e.g. because it’s costly or because they don’t actually know what to look for. Also, the “threshold” is sometimes not about the target, but about a third party, e.g. a another person who’s supposed to judge whether the attacked is really being attacked. Verbal abuse is an example of both: the abused often doesn’t have concepts to describe what’s happening, and so doesn’t know what to look for and doesn’t know what to say to a judge; and because the abuse comes along with pain and distraction, it’s costly to track the sum; and there’s noise and ambiguity, so the judge doesn’t credit any one instance; and the judge may not accept a description of the sum, but only accepts an accounting of each instance, which imposes sum-sized costs on reporting a sum-sized attack.
This would assume that either Bob is unaware that an attack might be happening, or that he can’t be bothered to do statistical analysis on his vector.
If the original value (without the noise chosen by Alice) is non-obvious to the attacker, but obvious to Bob (e.g., they use redundancy and encryption—it is a well known fact that Alice and Bob like cryptography), and the magnitude of the noise is common knowledge, then all attempts to modify the message will, on average, increase the standard deviation of the noise as measured by Bob. If my math is right, the attacker could modify each value by about half the width of the noise and end up with an expected χ2 sum of 112 instead of 100, which will probably not be suspicious to Bob.
If Bob has an idea of the attackers objective, detecting tampering will get much easier. If Bob suspects that the attacker wants a huge sum, he can just calculate the sum of the noise terms and compare that to the expected distribution. Then any deniable tampering would have to be within expected random fluctuations. (Of course, for every vector, there is some base in which it looks very suspicious.)
Often, we have an idea what the objective of an adversary using a sum-threshold attack might be. There is more utility in influencing who get’s to be president of a country than in influencing who will become the tenth-ranking janitor in their residence. Some bosses would like to pressure their employees into having sex, few if any want to condition them to speak sentences with a prime number of syllables.
True. But often the target can’t do that test, e.g. because it’s costly or because they don’t actually know what to look for. Also, the “threshold” is sometimes not about the target, but about a third party, e.g. a another person who’s supposed to judge whether the attacked is really being attacked. Verbal abuse is an example of both: the abused often doesn’t have concepts to describe what’s happening, and so doesn’t know what to look for and doesn’t know what to say to a judge; and because the abuse comes along with pain and distraction, it’s costly to track the sum; and there’s noise and ambiguity, so the judge doesn’t credit any one instance; and the judge may not accept a description of the sum, but only accepts an accounting of each instance, which imposes sum-sized costs on reporting a sum-sized attack.