White-Box Security Notions for Symmetric Encryption Schemes

Delerablée, Cécile; Lepoint, Tancrède; Paillier, Pascal; Rivain, Matthieu

doi:10.1007/978-3-662-43414-7_13

Cited by 46 publications

(55 citation statements)

References 29 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Formal security notions for symmetric white-box schemes are discussed and introduced in [59,22]. In [11] it is shown how one can use the ASASA construction with injective Sboxes (where ASA stands for the affine-substitution-affine [55] construction) to instantiate white-box cryptography.…”

Section: Miscellaneous White-box Resultsmentioning

confidence: 99%

“…This is equivalent to a setting where one has only black-box access to the implementation. As observed by [22] this means that such a white-box implementation should resist all existing and future side-channel attacks. In this paper we explore exactly this idea and check if we can deduce information about the secret embedded in a white-box implementation by correlating key guesses to intermediate results obtained from software traces.…”

Section: Introductionmentioning

confidence: 93%

“…Moreover, the authors of [35] built upon a 2012 result [65] which improves the most time-consuming phase of the BGE attack. This reduces the cost of the BGE attack to a time complexity of 2 22 . An independent attack, of the same time complexity, is presented in [35] as well.…”

Section: White-box Advanced Encryption Standard (Wb-aes)mentioning

confidence: 99%

See 2 more Smart Citations

Differential Computation Analysis: Hiding Your White-Box Designs is Not Enough

Bos

Hubain²,

Michiels

et al. 2016

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Although all current scientific white-box approaches of standardized cryptographic primitives are broken, there is still a large number of companies which sell "secure" white-box products. In this paper a new approach to assess the security of white-box implementations is presented which requires neither knowledge about the look-up tables used nor any reverse engineering effort. This differential computation analysis (DCA) attack is the software counterpart of the differential power analysis attack as applied by the cryptographic hardware community. We developed plugins to widely available dynamic binary instrumentation frameworks to produce software execution traces which contain information about the memory addresses being accessed. We show how DCA can extract the secret key from all publicly (non-commercial) available whitebox programs implementing standardized cryptography by analyzing these traces to identify secret-key dependent correlations.

show abstract

Section: Miscellaneous White-box Resultsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 93%

See 1 more Smart Citation

Differential Computation Analysis: Hiding Your White-Box Designs is Not Enough

Bos

Hubain²,

Michiels

et al. 2016

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…This stresses the need for further security notions dedicated to white-box cryptography. We then review some previous works on the subject and in particular the notions of unbreakability, one-wayness, incompressibility and traceability as formalised in [DLPR14].…”

Section: December 2017mentioning

confidence: 99%

Smart Card Research and Advanced Applications

2018

Lecture Notes in Computer Science

View full text Add to dashboard Cite

“…A less ambitious goal, proposed in [DLPR13,BBK14] is that an adversary having access to the implementation of an encryption scheme may be able to encrypt (at least via code lifting), but should remain unable to decrypt. This notion is called strong white-box in [BBK14] and one-wayness in [DLPR13].…”

Section: White-box Cryptographymentioning

confidence: 99%

Efficient and Provable White-Box Primitives

Fouque

Karpman

Kirchner

et al. 2016

Advances in Cryptology – ASIACRYPT 2016

View full text Add to dashboard Cite

Abstract. In recent years there have been several attempts to build white-box block ciphers whose implementations aim to be incompressible. This includes the weak white-box ASASA construction by Bouillaguet, Biryukov and Khovratovich from Asiacrypt 2014, and the recent space-hard construction by Bogdanov and Isobe from CCS 2015.In this article we propose the first constructions aiming at the same goal while offering provable security guarantees. Moreover we propose concrete instantiations of our constructions, which prove to be quite efficient and competitive with prior work. Thus provable security comes with a surprisingly low overhead.

show abstract

White-Box Security Notions for Symmetric Encryption Schemes

Cited by 46 publications

References 29 publications

Differential Computation Analysis: Hiding Your White-Box Designs is Not Enough

Differential Computation Analysis: Hiding Your White-Box Designs is Not Enough

Smart Card Research and Advanced Applications

Efficient and Provable White-Box Primitives

Contact Info

Product

Resources

About