
Doubly Half-Injective PRGs for Incompressible White-Box Cryptography

  • Estuardo Alpirez Bock
  • Alessandro Amadori
  • Joppe W. Bos
  • Chris Brzuska
  • Wil Michiels
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11405)

Abstract

White-box cryptography was originally introduced in the setting of digital rights management with the goal of preventing a user from illegally re-distributing their software decryption program. In recent years, mobile payment has become a popular new application for white-box cryptography. Here, white-box cryptography is used to increase the robustness against external adversaries (i.e., not the user) who aim to misuse/attack the cryptographic functionalities of the payment application. A necessary requirement for secure white-box cryptography is that an adversary cannot extract the embedded secret key from the implementation. However, a white-box implementation needs to fulfill further security properties in order to provide useful protection of an application. In this paper we focus on the popular property of incompressibility, which is a mitigation technique against code-lifting attacks. We provide an incompressible white-box encryption scheme based on the standard assumption of one-way permutations, whereas previous work used either public-key type assumptions or non-standard symmetric-type assumptions.

Keywords

White-box cryptography; Incompressibility; One-way permutations

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Estuardo Alpirez Bock (1)
  • Alessandro Amadori (2)
  • Joppe W. Bos (3)
  • Chris Brzuska (1)
  • Wil Michiels (2, 3)

  1. Aalto University, Helsinki, Finland
  2. Technische Universiteit Eindhoven, Eindhoven, The Netherlands
  3. NXP Semiconductors, Eindhoven, The Netherlands
