A Survey on White Box Cryptography Model for Mobile Payment Systems

  • Öznur ŞengelEmail author
  • Muhammed Ali Aydin
  • Ahmet Sertbaş
Conference paper
Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 504)


The technology is showing rapid development and these developments are changing our lives, our habits, and our needs. As electronic devices, which are indispensable for our daily lives, continue to be intelligent, we are able to do our every operation through these devices. Mobile payment technologies and services are one of the innovations. Consumers all over the world and in our country have started to use their mobile devices as a means of payment as well as communication services. With rapidly developing technology, one of the most important needs of many systems such as electronic, mobile and bank is to move and store the data safely. In addition to data security in electronic transactions, the speed of the system operations is becoming very important. Developing a mobile payment system whether by installing an application or using existing hardware, the most important issue in both cases is the creation of a reliable system based on the protection of the current situation of the consumer and the confidentiality of their information.


Mobile payment Cryptography Cryptography model White box cryptography Data security 



This work is also a part of the Ph.D. thesis titled Model Design and Performance Analysis for Secure Storage of Personel Data in Mobile Payment Systems at Istanbul University, Institute of Physical Sciences.


  1. 1.
    BAKM (BKM) (2014) Kredi Kartı Kullanım Alışkanlıkları Araştırması 2014, Kart Monitör.
  2. 2.
    BAKM (BKM) (31 Mart) Mektupla/ Telefonla Sipariş Ve İnternette Yapılan Kartlı Ödeme İşlemleri Raporu.
  3. 3.
    (2013, 31 Mart). Türkiye’deki Ödeme Sistemlerinin Kırılımı: Alternatif Ödeme Sistemleri ve Detayları.
  4. 4.
    Lamport L (1981) Password authentication with insecure communication, (in English). Commun ACM 24(11):770–772MathSciNetCrossRefGoogle Scholar
  5. 5.
    Gong LY, Pan JX, Liu BB, Zhao SM (2013) A novel one-time password mutual authentication scheme on sharing renewed finite random sub-passwords, (in English). J Comput Syst Sci 79(1):122–130CrossRefGoogle Scholar
  6. 6.
    Huang Y, Huang Z, Zhao HR, Lai XJ (2013) A new one-time password method (in English). In: 2013 International conference on electronic engineering and computer science (EECS 2013), vol 4, pp 32–37CrossRefGoogle Scholar
  7. 7.
    Khitrov M (2013) Talking passwords: voice biometrics for data access and security. Biom Technol Today 2013(2):9–11CrossRefGoogle Scholar
  8. 8.
    Dhamija R, Perrig A (2000) Deja Vu: a user study using images for authentication (in English). In: Proceedings of the ninth usenix security symposium, Usenix Association, pp 45–58Google Scholar
  9. 9.
    Brostoff S, Sasse MA (2000) Are passfaces more usable than passwords? A field trial investigation (in English). In: People and computers Xiv - usability or else!, pp 405–424CrossRefGoogle Scholar
  10. 10.
    Wiedenbeck S, Waters J, Birget J-C, Brodskiy A, Memon N (2005) Authentication using graphical passwords: Effects of tolerance and image choice. In: Proceedings of the 2005 symposium on usable privacy and security, 2005. ACM, pp 1–12Google Scholar
  11. 11.
    Jansen W (2003) Authenticating users on handheld devices. In: Proceedings of the Canadian information technology security symposium, 2003, pp 1–12Google Scholar
  12. 12.
    Jansen W (2004) Authenticating mobile device users through image selection. In: WIT transactions on information and communication technologies, vol 30Google Scholar
  13. 13.
    Vigila SAMC, Muneeswaran K, Antony WTBA (2015) Biometric security system over finite field for mobile applications (in English). IET Inf Secur 9(2):119–126CrossRefGoogle Scholar
  14. 14.
    Dandawate YH, Inamdar SR (2015) Fusion based multimodal biometric cryptosystem (in English). In: 2015 International Conference on Industrial Instrumentation and Control (ICIC), pp 1484–1489Google Scholar
  15. 15.
    Faquih A, Kadam P, Saquib Z (2015) Cryptographic techniques for wireless sensor networks: a survey (in English). In: 2015 IEEE bombay section symposium (IBSS)Google Scholar
  16. 16.
    Shankar K, Eswaran P (2016) A new k out of n secret image sharing scheme in visual cryptography (in English). In: Proceedings of the 10th international conference on intelligent systems and control (ISCO’16)Google Scholar
  17. 17.
    Panchal G, Samanta D (2016) Comparable features and same cryptography key generation using biometric fingerprint image (in English). In: Proceedings of the 2016 IEEE 2nd international conference on advances in electrical & electronics, information, communication & bio informatics (IEEE AEEICB-2016), pp 691–695Google Scholar
  18. 18.
    Beunardeau M, Connolly A, Geraud R, Naccache D (2016) White-box cryptography: security in an insecure environment (in English). IEEE Secur Priv 14(5):88–92CrossRefGoogle Scholar
  19. 19.
    Chow S, Eisen P, Johnson H, Van Orschot PC (2003) White-box cryptography and an AES implementation (in English). Sel Areas Cryptogr 2595:250–270zbMATHGoogle Scholar
  20. 20.
    Chow S, Eisen P, Johnson H, van Oorschot PC (2002) A white-box DES implementation for DRM applications (in English). Digit Rights Manag 2696:1–15zbMATHGoogle Scholar
  21. 21.
    Wyseur B, Michiels W, Gorissen P, Preneel B (2007) Cryptanalysis of white-box DES implementations with arbitrary external encodings. In: International workshop on selected areas in cryptography. Springer, Berlin, pp 264–277Google Scholar
  22. 22.
    Lepoint T, Rivain M, De Mulder Y, Roelse P, Preneel B (2014) Two attacks on a white-box AES implementation (in English). In: Selected areas in cryptography - Sac 2013, vol 8282, pp 265–285CrossRefGoogle Scholar
  23. 23.
    Billet O, Gilbert H, Ech-Chatbi C (2005) Cryptanalysis of a white box AES implementation (in English). Sel Areas Cryptogr 3357:227–240CrossRefGoogle Scholar
  24. 24.
    Michiels W, Gorissen P, Hollmann HDL (2009) Cryptanalysis of a generic class of white-box implementations (in English). Sel Areas Cryptogr 5381:414–428CrossRefGoogle Scholar
  25. 25.
    Tolhuizen L (2012) Improved cryptanalysis of an AES implementation. In: Proceedings of the 33rd WIC symposium on information theory in the Benelux, Boekelo, The Netherlands, May 24–25, 2012, 2012: WIC (Werkgemeenschap voor Inform.-en Communicatietheorie)Google Scholar
  26. 26.
    Billet O, Gilbert H (2003) A traceable block cipher (in English). Adv Cryptol Asiacrypt 2894:331–346Google Scholar
  27. 27.
    Patarin J (1996) Hidden fields equations (HFE) and isomorphisms of polynomials (IP): two new families of asymmetric algorithms (in English). In: Advances in Cryptology - Eurocrypt ‘96, vol 1070, pp 33–48CrossRefGoogle Scholar
  28. 28.
    Faugere JC, Perret L (2006) Polynomial equivalence problems: algorithmic and theoretical aspects (in English). In: Advances in cryptology - eurocrypt 2006, proceedings, vol 4004, pp 30–47CrossRefGoogle Scholar
  29. 29.
    Karroumi M (2010) Protecting white-box AES with dual ciphers. In: ICISC, 2010, vol 6829. Springer, Berlin, pp 278–291CrossRefGoogle Scholar
  30. 30.
    Gueron S (2013) White box AES using Intel’s new AES instructions (in English). In: Proceedings of the 2013 10th international conference on information technology: new generations, pp 417–421Google Scholar
  31. 31.
    Azhar I, Ahmed N, Abbasi AG, Kiani A, Shibli A (2014) Keeping secret keys secret in open systems (in English). In: 2014 international conference on open source systems and technologies (ICOSST), pp 100–104Google Scholar
  32. 32.
    Luo R, Lai XJ, You R (2014) A new attempt of white-box AES implementation (in English). In: 2014 International conference on security, pattern analysis, and cybernetics (SPAC), pp 423–429Google Scholar
  33. 33.
    Shi Y, He ZJ (2014) A lightweight white-box symmetric encryption algorithm against node capture for WSNs (in English). In 2014 IEEE wireless communications and networking conference (WCNC), pp 3058–3063Google Scholar
  34. 34.
    Delerablee C, Lepoint T, Paillier P, Rivain M (2014) White-box security notions for symmetric encryption schemes (in English). In: Selected areas in cryptography - SAC 2013, vol 8282, pp 247–264CrossRefGoogle Scholar
  35. 35.
    Saxena A, Wyseur B, Preneel B (2009) Towards security notions for white-box cryptography. In: Proceedings of Information security, pp 49–58Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2019

Authors and Affiliations

  • Öznur Şengel
    • 1
    Email author
  • Muhammed Ali Aydin
    • 2
  • Ahmet Sertbaş
    • 2
  1. 1.Computer Engineering Departmentİstanbul Kültür UniversityİstanbulTurkey
  2. 2.Computer Engineering Departmentİstanbul UniversityİstanbulTurkey

Personalised recommendations