White-Box Cryptography in the Gray Box
نویسندگان
چکیده
Implementations of white-box cryptography aim to protect a secret key in a white-box environment in which an adversary has full control over the execution process and the entire environment. Its fundamental principle is the map of the cryptographic architecture, including the secret key, to a number of encoded tables that shall resist the inspection and decomposition of an attacker. In a gray-box scenario, however, the property of hiding required implementation details from the attacker could be used as a promising mitigation strategy against side-channel attacks (SCA). In this work, we present a first white-box implementation of AES on reconfigurable hardware for which we evaluate this approach assuming a gray-box attacker. We show that – unfortunately – such an implementation does not provide sufficient protection against an SCA attacker. We continue our evaluations by a thorough analysis of the source of the observed leakage, and present additional results which can be used to build stronger white-box designs.
منابع مشابه
A White-Box Cryptographic Implementation for Protecting against Power Analysis
Encoded lookup tables used in white-box cryptography are known to be vulnerable to power analysis due to the imbalanced encoding. This means that the countermeasures against white-box attacks can not even defend against gray-box attacks. For this reason, those who want to defend against power analysis through the white-box cryptographic implementation need to find other ways. In this paper, we ...
متن کاملAn Introduction to Differential Computation Analysis (DCA) on the withe-box cryptography algorithms
Advances in information and communication technologies lead to use of some new devices such as smart phones. The new devices provide more advantages for the adversaries hence with respect to them, one can define with-box cryptography. In this new model of cryptography, designers try to hide the key using as a kind of implementation. The Differential Computation Analysis (DCA) is a side channel ...
متن کاملA Masked White-box Cryptographic Implementation for Protecting against Differential Computation Analysis
Recently, gray-box attacks on white-box cryptographic implementations have succeeded. These attacks are more efficient than white-box attacks because they can be performed without detailed knowledge of the target implementation. The success of the gray-box attack is reportedly due to the unbalanced encoding used to generate the whitebox lookup table. In this paper, we propose a method to protec...
متن کاملWhite-Box Security Notions for Symmetric Encryption Schemes
White-box cryptography has attracted a growing interest from researchers in the last decade. Several white-box implementations of standard block-ciphers (DES, AES) have been proposed but they have all been broken. On the other hand, neither evidence of existence nor proofs of impossibility have been provided for this particular setting. This might be in part because it is still quite unclear wh...
متن کاملWhite-Box Cryptography: Formal Notions and (Im)possibility Results
A key research question in computer security is whether one can implement software that offers some protection against software attacks from its execution platform. While code obfuscation attempts to hide certain characteristics of a program P , white-box cryptography specifically focusses on software implementations of cryptographic primitives (such as encryption schemes); the goal of a white-...
متن کامل