Towards Security Notions for White-Box Cryptography

While code obfuscation attempts to hide certain characteristics of a program independently of an application, white-box cryptography (WBC) specifically focuses on software implementations of cryptographic primitives in an application. The aim of WBC is to resist attacks from an adversary having access to some ‘executable’ code with an embedded secret key. WBC, if possible, would have several applications. However, unlike obfuscation, it lacks a theoretical foundation. We present a first step towards a theoretical model of WBC via white-box security notions. We also present some positive and negative results on WBC and obfuscation. In particular, we show that for most interesting programs (such as an encryption algorithm), there are security notions that cannot be satisfied when the adversary has white-box access, while they are satisfied when it has black-box access. On the positive side, we show that there exists an obfuscator for a symmetric encryption scheme in the context of a useful security-notion (such as IND-CPA).