255 research outputs found
White-Box Cryptography: Formal Notions and (Im)possibility Results
A key research question in computer security is whether
one can implement software that offers some protection
against software attacks from its execution platform. While
code obfuscation attempts to hide certain characteristics of
a program P, white-box cryptography specifically focusses
on software implementations of cryptographic primitives
(such as encryption schemes); the goal of a white-box implementation
is to offer a certain level of robustness against
an adversary who has full access to and control over the
implementation of the primitive. Several formal models for
obfuscation have been presented before, but it is not clear if
any of these definitions can capture the concept of white-box
cryptography. In this paper, we discuss the relation between
obfuscation and white-box cryptography, and formalize the
notion of white-box cryptography by capturing the security
requirement using a 'White-Box Property' (WBP). In
the second part, we present positive and negative results on
white-box cryptography. We show that for interesting programs
(such as encryption schemes, and digital signature
schemes), there are security notions that cannot be satisfied
when adversaries have white-box access, while the notion
is satisfied when the adversary has black-box access to its
functionality. On the positive side, we show that there exists
an obfuscator for a symmetric encryption scheme for which
a useful security notion (such as CPA security) remains satisfied
when an adversary has access to its white-box implementation
Revisiting software protection
We provide a selective survey on software protection, including approaches to software tamper resistance, obfuscation, software diversity, and white-box cryptography. We review the early literature in the area plus recent activities related to trusted platforms, and discuss challenges and future directions
Hybrid WBC: Secure and Efficient White-Box Encryption Schemes
White-box cryptography aims at providing security against an adversary that has access to the encryption process. Numerous white-box encryption schemes have been proposed since the introduction of white-box cryptography by Chow et al. in 2002. However, most of them are slow, and thus can be used in practice only to protect very small amounts of information, such as encryption keys.
In this paper we present a new threat model for white-box cryptography which corresponds to the practical abilities of the adversary in a wide range of applications. Furthermore, we study design criteria for white-box primitives that are important from the industry point of view. Finally, we propose a class of new primitives that combine a white-box algorithm with a standard block cipher to obtain white-box protection for encrypting long messages, with high security and reasonable performance.
Efficient Oblivious Transfer Protocols based on White-Box Cryptography
The oblivious transfer protocol is an important cryptographic primitive with numerous applications, and in particular plays an essential role in secure multiparty computation protocols. On the other hand, existing oblivious transfer protocols are based on computationally expensive public-key operations, which remains the main obstacle to employing such protocols in practical applications. In this paper a novel approach for designing oblivious transfer protocols is introduced, based on the idea of replacing public-key operations with white-box cryptography techniques. As a result, oblivious transfer protocols based on white-box cryptography run several times faster and require less communication bandwidth compared with the existing protocols.
White-Box Encryption Scheme Using a Quantum Memory
White-box cryptography is often used in embedded applications. Although white-box cryptography with provable security has been proposed recently, the circuit size is much larger than that of usual block ciphers. We address this problem in a different way from previous works. In particular, we propose a white-box symmetric cipher using quantum memory. The size of our cipher is polynomial in the input length and output length of an underlying function. The security against classical attacks is reduced to the security of the underlying classical pseudo-random function. We show that quantum attacks on our cipher using the generalized Grover algorithm are ineffective.
White-Box Cryptography and SPN ciphers. LRC method.
The method of concealing a linear relationship between elements of a finite field (LRC method) is described. An approach based on the LRC method to the problem of creating secure white-box implementations is considered. The characteristics an SPN cipher needs in order to create its secure white-box implementation are identified.
On the Linear Transformation in White-box Cryptography
Linear transformations are applied to the white-box cryptographic implementation for the diffusion effect to prevent key-dependent intermediate values from being analyzed. However, it has been shown that there still exists a correlation before and after the linear transformation, and thus this is not enough to protect the key against statistical analysis. So far, the Hamming weight of rows in the invertible matrix has been considered the main cause of the key leakage from the linear transformation.
In this study, we present an in-depth analysis of the distribution of intermediate values and the characteristics of block invertible binary matrices. Our mathematical analysis and experimental results show that the balanced distribution of the key-dependent intermediate value is the main cause of the key leakage
Analysis Tools for White-Box and Lattice Cryptography
Thesis (Ph.D.) -- Seoul National University Graduate School: Department of Mathematical Sciences, 2016. 2. 김명환.
In the crypto world, the existence of an analytic toolbox that can be used as a measure of security is very important for designing cryptographic systems.
In this thesis, we focus on white-box cryptography and lattice based cryptography, and present analytic tools for them.
White-box cryptography, presented by Chow et al., is an obfuscation technique for protecting secret keys in software implementations even if an adversary has full access to the implementation of the encryption algorithm and full control over its execution platforms. Despite its practical importance, progress has not been substantial. In fact, the same pattern repeats: whenever a proposal for a white-box implementation is reported, an attack of lower complexity is soon announced. This is mainly because most cryptanalytic methods target specific implementations, and there is no general attack tool for white-box cryptography.
In this thesis, we present an analytic toolbox for white-box implementations in the style of Chow et al. using lookup tables. Our toolbox could be used to measure the security of white-box implementations.
Lattice-based cryptography is a very interesting field of cryptography nowadays.
Many hard problems on lattices can be reduced to some specific form of the shortest vector problem or closest vector problem, and hence are related to the problem of finding a short basis for a given lattice.
Therefore, a good lattice reduction algorithm can play the role of an analytic tool for lattice-based cryptography.
We proposed an algorithm for lattice basis reduction which uses block reduction. This provides some trade-off between reduction time and quality. This can give a guideline for the parameter setting of lattice-based cryptography.
CHAPTER 1 Introduction
1.1 Contributions
1.2 Organization
CHAPTER 2 Preliminaries
2.1 SLT Cipher
2.2 White-box Implementations
2.2.1 Chow et al.'s implementation
2.2.2 BGE Attack
2.2.3 Michiels et al.'s Cryptanalysis for SLT cipher
2.3 Lattice Basis Reduction
2.3.1 Lattice
2.3.2 LLL Algorithm
CHAPTER 3 Analytic Tools for White-box Cryptography
3.1 General Model for CEJO framework
3.2 Attack Toolbox for White-Box Implementation
3.2.1 Recovering Nonlinear Encodings
3.2.2 Affine Equivalence Algorithm with Multiple S-boxes
3.3 Approaches for Resisting Our Attack Tools
3.3.1 Limitation of White-Box Implementation
3.3.2 Perspective of White-Box Implementation
3.4 A Proposal for a White-Box Implementation of the AES Cipher
CHAPTER 4 New Lattice Basis Reduction Algorithm
4.1 Nearest Plane Algorithm
4.2 Blockwise LLL Algorithm
CHAPTER 5 Conclusions
Abstract (in Korean)