Towards Security Notions for White-Box Cryptography

  • Amitabh Saxena
  • Brecht Wyseur
  • Bart Preneel
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5735)

Abstract

While code obfuscation attempts to hide certain characteristics of a program independently of an application, white-box cryptography (WBC) specifically focuses on software implementations of cryptographic primitives in an application. The aim of WBC is to resist attacks from an adversary having access to some ‘executable’ code with an embedded secret key. WBC, if possible, would have several applications. However, unlike obfuscation, it lacks a theoretical foundation. We present a first step towards a theoretical model of WBC via white-box security notions. We also present some positive and negative results on WBC and obfuscation. In particular, we show that for most interesting programs (such as an encryption algorithm), there are security notions that cannot be satisfied when the adversary has white-box access, while they are satisfied when it has black-box access. On the positive side, we show that there exists an obfuscator for a symmetric encryption scheme in the context of a useful security-notion (such as IND-CPA).

Keywords

Encryption Scheme Random Oracle Security Notion Weil Pairing Challenge Ciphertext 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Chow, S., Eisen, P.A., Johnson, H., van Oorschot, P.C.: White-Box Cryptography and an AES Implementation. In: Nyberg, K., Heys, H.M. (eds.) SAC 2002. LNCS, vol. 2595, pp. 250–270. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  2. 2.
    Chow, S., Eisen, P.A., Johnson, H., van Oorschot, P.C.: A white-box DES implementation for DRM applications. In: Feigenbaum, J. (ed.) DRM 2002. LNCS, vol. 2696, pp. 1–15. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  3. 3.
    Billet, O., Gilbert, H., Ech-Chatbi, C.: Cryptanalysis of a White Box AES Implementation. In: Handschuh, H., Hasan, M.A. (eds.) SAC 2004. LNCS, vol. 3357, pp. 227–240. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  4. 4.
    Goubin, L., Masereel, J.M., Quisquater, M.: Cryptanalysis of White Box DES Implementations. In: Adams, C., Miri, A., Wiener, M. (eds.) SAC 2007. LNCS, vol. 4876, pp. 278–295. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  5. 5.
    Wyseur, B., Michiels, W., Gorissen, P., Preneel, B.: Cryptanalysis of White-Box DES Implementations with Arbitrary External Encodings. In: Adams, C., Miri, A., Wiener, M. (eds.) SAC 2007. LNCS, vol. 4876, pp. 264–277. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  6. 6.
    Hada, S.: Zero-Knowledge and Code Obfuscation. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 443–457. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  7. 7.
    Barak, B., Goldreich, O., Impagliazzo, R., Rudich, S., Sahai, A., Vadhan, S., Yang, K.: On the (Im)possibility of Obfuscating Programs. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 1–18. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  8. 8.
    Goldwasser, S., Kalai, Y.T.: On the Impossibility of Obfuscation with Auxiliary Input. In: Proceedings of the 46th Symposium on Foundations of Computer Science (FOCS 2005), Washington, DC, USA, pp. 553–562. IEEE Computer Society, Los Alamitos (2005)Google Scholar
  9. 9.
    Lynn, B., Prabhakaran, M., Sahai, A.: Positive Results and Techniques for Obfuscation. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 20–39. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  10. 10.
    Wee, H.: On Obfuscating Point Functions. In: Proceedings of the 37th ACM Symposium on Theory of Computing (STOC 2005), pp. 523–532. ACM Press, New York (2005)Google Scholar
  11. 11.
    Hohenberger, S., Rothblum, G., Shelat, A., Vaikuntanathan, V.: Securely Obfuscating Re-Encryption. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 233–252. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  12. 12.
    Hofheinz, D., Malone-Lee, J., Stam, M.: Obfuscation for Cryptographic Purposes. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 214–232. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  13. 13.
    Goldwasser, S., Rothblum, G.N.: On Best-Possible Obfuscation. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 194–213. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  14. 14.
    Canetti, R., Dakdouk, R.R.: Obfuscating Point Functions with Multibit Output. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 489–508. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  15. 15.
    Bellare, M., Desai, A., Pointcheval, D., Rogaway, P.: Relations Among Notions of Security for Public-Key Encryption Schemes. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 26–45. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  16. 16.
    Bellare, M., Rogaway, P.: The Security of Triple Encryption and a Framework for Code-Based Game-Playing Proofs. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 409–426. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  17. 17.
    Goldwasser, S., Micali, S.: Probabilistic Encryption and How to Play Mental Poker Keeping Secret All Partial Information. In: Proceedings of the 14th ACM Symposium on Theory of Computing (STOC 1982), pp. 365–377. ACM Press, New York (1982)Google Scholar
  18. 18.
    Goldwasser, S., Micali, S.: Probabilistic Encryption. Journal of Computer and System Sciences 28(2), 270–299 (1984)MathSciNetCrossRefMATHGoogle Scholar
  19. 19.
    Saxena, A., Wyseur, B., Preneel, B.: White-box cryptography: Formal notions and (im)possibility results. Cryptology ePrint Archive, Report 2008/273 (2008), http://eprint.iacr.org/
  20. 20.
    Boneh, D., Franklin, M.K.: Identity-Based Encryption from the Weil Pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  21. 21.
    Boneh, D., Gentry, C., Lynn, B., Shacham, H.: Aggregate and Verifiably Encrypted Signatures from Bilinear Maps. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 416–432. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  22. 22.
    Boneh, D., Lynn, B., Shacham, H.: Short Signatures from the Weil Pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 514–532. Springer, Heidelberg (2001)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Amitabh Saxena
    • 1
  • Brecht Wyseur
    • 2
  • Bart Preneel
    • 2
  1. 1.International University in GermanyBruchsalGermany
  2. 2.Katholieke Universiteit Leuven – ESAT / COSIC-IBBTHeverleeBelgium

Personalised recommendations