Abstract
George Danezis: When you say, your program should be indistinguishable from a randomly selected program, does that give also the ability of the adversary to run it against some inputs? What aspect of it is indistinguishable, is it the output, given input?
Reply: The notion here is that, if I give them the program, I really don’t want them to be able to tell what functionality is inside there through white box analysis. You may be able to see if you use black box analysis, you examine the IO relationships, and obviously if you can determine the program’s relationship comprehensively, then you know what the program does. And there are limited models that say you know most of what a program does, but not precisely: for example, Goldreich and Barak’s proof was based on the ability to distinguish a point function from a zero function. If we have a function and we put values into it, and get lots, and lots of zeros, well we know we get lots and lots of zeros out, but unless we exhaustively test it, it’s from a random oracle model and you can’t determine if it’s a point function unless you just get lucky and computationally you can’t do that. So black box analysis can’t tell us everything about programs, but sometimes it can tell us a whole lot. White box analysis, on the other hand, you can do either just by examining the code, or you can do extensive dynamic analysis, feeding input in and watching variables change, and watching control structures, and you folks are all familiar with those things.
The adversary’s challenge in our environment is that if your encryption is reasonably strong, then they can’t do black box analysis on it. In a white box analysis, interestingly enough, all the structures are going to be identical because we create these atomic functions which you might think of as essentially an implementation of a table. So it’s just a table lookup, the structure of all programs are the same, so white box analysis essentially doesn’t give you anything in terms of the intent of the program, the structure of the code is the same for every implementation of these atomic functions.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsAuthor information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Yasinsac, A. (2010). Towards Working with Small Atomic Functions. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds) Security Protocols. Security Protocols 2007. Lecture Notes in Computer Science, vol 5964. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-17773-6_26
Download citation
DOI: https://doi.org/10.1007/978-3-642-17773-6_26
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-17772-9
Online ISBN: 978-3-642-17773-6
eBook Packages: Computer ScienceComputer Science (R0)