Security Reductions for White-Box Key-Storage in Mobile Payments

Estuardo Alpirez Bock; Chris Brzuska; Marc Fischlin; Christian Janson; Wil Michiels

doi:10.1007/978-3-030-64837-4_8

Security Reductions for White-Box Key-Storage in Mobile Payments

Estuardo Alpirez Bock^*, Chris Brzuska, Marc Fischlin, Christian Janson, Wil Michiels

^*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Scientific › peer-review

Abstract

The goal of white-box cryptography is to provide security even when the cryptographic implementation is executed in adversarially controlled environments. White-box implementations nowadays appear in commercial products such as mobile payment applications, e.g., those certified by Mastercard. Interestingly, there, white-box cryptography is championed as a tool for secure storage of payment tokens, and importantly, the white-boxed storage functionality is bound to a hardware functionality to prevent code-lifting attacks.

Original language	English
Title of host publication	International Conference on the Theory and Application of Cryptology and Information Security
Subtitle of host publication	ASIACRYPT 2020: Advances in Cryptology – ASIACRYPT 2020
Pages	221-252
Number of pages	32
ISBN (Electronic)	978-3-030-64837-4
DOIs	https://doi.org/10.1007/978-3-030-64837-4_8
Publication status	Published - 2020
MoE publication type	A4 Article in a conference publication
Event	International Conference on the Theory and Application of Cryptology and Information Security - Daejeon, Korea, Democratic People's Republic of Duration: 7 Dec 2020 → 11 Dec 2020 Conference number: 26

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer
Volume	12491

Conference

Conference	International Conference on the Theory and Application of Cryptology and Information Security
Abbreviated title	Asiacrypt
Country	Korea, Democratic People's Republic of
City	Daejeon
Period	07/12/2020 → 11/12/2020

Access to Document

10.1007/978-3-030-64837-4_8

Cite this

Alpirez Bock, E., Brzuska, C., Fischlin, M., Janson, C., & Michiels, W. (2020). Security Reductions for White-Box Key-Storage in Mobile Payments. In International Conference on the Theory and Application of Cryptology and Information Security: ASIACRYPT 2020: Advances in Cryptology – ASIACRYPT 2020 (pp. 221-252). (Lecture Notes in Computer Science ; Vol. 12491). https://doi.org/10.1007/978-3-030-64837-4_8

Alpirez Bock, Estuardo ; Brzuska, Chris ; Fischlin, Marc ; Janson, Christian ; Michiels, Wil. / Security Reductions for White-Box Key-Storage in Mobile Payments. International Conference on the Theory and Application of Cryptology and Information Security: ASIACRYPT 2020: Advances in Cryptology – ASIACRYPT 2020 . 2020. pp. 221-252 (Lecture Notes in Computer Science ).

@inproceedings{a229ecdb88534c50b49e2263afab13d0,

title = "Security Reductions for White-Box Key-Storage in Mobile Payments",

abstract = "The goal of white-box cryptography is to provide security even when the cryptographic implementation is executed in adversarially controlled environments. White-box implementations nowadays appear in commercial products such as mobile payment applications, e.g., those certified by Mastercard. Interestingly, there, white-box cryptography is championed as a tool for secure storage of payment tokens, and importantly, the white-boxed storage functionality is bound to a hardware functionality to prevent code-lifting attacks.",

author = "{Alpirez Bock}, Estuardo and Chris Brzuska and Marc Fischlin and Christian Janson and Wil Michiels",

year = "2020",

doi = "10.1007/978-3-030-64837-4_8",

language = "English",

isbn = "978-3-030-64836-7",

series = "Lecture Notes in Computer Science ",

publisher = "Springer",

pages = "221--252",

booktitle = "International Conference on the Theory and Application of Cryptology and Information Security",

note = "International Conference on the Theory and Application of Cryptology and Information Security, Asiacrypt ; Conference date: 07-12-2020 Through 11-12-2020",

}

Alpirez Bock, E , Brzuska, C, Fischlin, M, Janson, C & Michiels, W 2020, Security Reductions for White-Box Key-Storage in Mobile Payments. in International Conference on the Theory and Application of Cryptology and Information Security: ASIACRYPT 2020: Advances in Cryptology – ASIACRYPT 2020 . Lecture Notes in Computer Science , vol. 12491, pp. 221-252, International Conference on the Theory and Application of Cryptology and Information Security, Daejeon, Korea, Democratic People's Republic of, 07/12/2020. https://doi.org/10.1007/978-3-030-64837-4_8

Security Reductions for White-Box Key-Storage in Mobile Payments. / Alpirez Bock, Estuardo ; Brzuska, Chris; Fischlin, Marc; Janson, Christian; Michiels, Wil.

International Conference on the Theory and Application of Cryptology and Information Security: ASIACRYPT 2020: Advances in Cryptology – ASIACRYPT 2020 . 2020. p. 221-252 (Lecture Notes in Computer Science ; Vol. 12491).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Scientific › peer-review

TY - GEN

T1 - Security Reductions for White-Box Key-Storage in Mobile Payments

AU - Alpirez Bock, Estuardo

AU - Brzuska, Chris

AU - Fischlin, Marc

AU - Janson, Christian

AU - Michiels, Wil

N1 - Conference code: 26

PY - 2020

Y1 - 2020

N2 - The goal of white-box cryptography is to provide security even when the cryptographic implementation is executed in adversarially controlled environments. White-box implementations nowadays appear in commercial products such as mobile payment applications, e.g., those certified by Mastercard. Interestingly, there, white-box cryptography is championed as a tool for secure storage of payment tokens, and importantly, the white-boxed storage functionality is bound to a hardware functionality to prevent code-lifting attacks.

AB - The goal of white-box cryptography is to provide security even when the cryptographic implementation is executed in adversarially controlled environments. White-box implementations nowadays appear in commercial products such as mobile payment applications, e.g., those certified by Mastercard. Interestingly, there, white-box cryptography is championed as a tool for secure storage of payment tokens, and importantly, the white-boxed storage functionality is bound to a hardware functionality to prevent code-lifting attacks.

U2 - 10.1007/978-3-030-64837-4_8

DO - 10.1007/978-3-030-64837-4_8

M3 - Conference contribution

SN - 978-3-030-64836-7

T3 - Lecture Notes in Computer Science

SP - 221

EP - 252

BT - International Conference on the Theory and Application of Cryptology and Information Security

T2 - International Conference on the Theory and Application of Cryptology and Information Security

Y2 - 7 December 2020 through 11 December 2020

ER -

Alpirez Bock E , Brzuska C, Fischlin M, Janson C, Michiels W. Security Reductions for White-Box Key-Storage in Mobile Payments. In International Conference on the Theory and Application of Cryptology and Information Security: ASIACRYPT 2020: Advances in Cryptology – ASIACRYPT 2020 . 2020. p. 221-252. (Lecture Notes in Computer Science ). https://doi.org/10.1007/978-3-030-64837-4_8

Security Reductions for White-Box Key-Storage in Mobile Payments

Abstract

Publication series

Conference

Access to Document

Fingerprint

Cite this