Reference : Attacks and Countermeasures for White-box Designs
E-prints/Working papers : First made available on ORBilu
Engineering, computing & technology : Computer science
Security, Reliability and Trust
Attacks and Countermeasures for White-box Designs
Biryukov, Alex mailto [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
Udovenko, Aleksei mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
[en] white-box ; obfuscation ; cryptanalysis
[en] In the traditional symmetric cryptography, the adversary has access only to the inputs and outputs of a cryptographic primitive. In the white-box model the adversary is given full access to the implementation. He can use both static and dynamic analysis as well as fault analysis in order to break the cryptosystem, e.g. to extract embedded secret key. Implementations secure in such model have many applications in industry. However, creating such implementations turns out to be a very challenging if not an impossible task. Recently, Bos et al. proposed a generic attack on white-box primitives called differential computation analysis (DCA). This attack applies to most existent white-box implementations both from academia and industry. The attack comes from side-channel cryptanalysis method. The most common method protecting against such side-channel attacks is masking. Therefore, masking can be used in white-box implementations to protect against the DCA attack. In this paper we investigate this possibility and present multiple generic attacks against masked white-box implementations. We use the term “masking” in a very broad sense. As a result, we deduce new constraints that any secure white-box implementation must satisfy. We suggest partial countermeasures against the attacks. Some of our attacks were successfully applied to the WhibOx 2017 challenges.
Fonds National de la Recherche - FnR
Researchers ; Professionals

File(s) associated to this reference

Fulltext file(s):

Open access
WhiteBoxAttacks.pdfAuthor preprint344.39 kBView/Open

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.