Security Reductions for White-Box Key-Storage in Mobile Payments

Estuardo Alpirez Bock; Chris Brzuska; Marc Fischlin; Christian Janson; Wil Michiels

doi:10.1007/978-3-030-64837-4_8

Security Reductions for White-Box Key-Storage in Mobile Payments

Estuardo Alpirez Bock^*, Chris Brzuska, Marc Fischlin, Christian Janson, Wil Michiels

^*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Scientific › peer-review

3 Citations (Scopus)

Abstract

The goal of white-box cryptography is to provide security even when the cryptographic implementation is executed in adversarially controlled environments. White-box implementations nowadays appear in commercial products such as mobile payment applications, e.g., those certified by Mastercard. Interestingly, there, white-box cryptography is championed as a tool for secure storage of payment tokens, and importantly, the white-boxed storage functionality is bound to a hardware functionality to prevent code-lifting attacks.

Original language	English
Title of host publication	International Conference on the Theory and Application of Cryptology and Information Security
Subtitle of host publication	ASIACRYPT 2020: Advances in Cryptology – ASIACRYPT 2020
Editors	Shiho Moriai, Huaxiong Wang
Pages	221-252
Number of pages	32
ISBN (Electronic)	978-3-030-64837-4
DOIs	https://doi.org/10.1007/978-3-030-64837-4_8
Publication status	Published - 2020
MoE publication type	A4 Article in a conference publication
Event	International Conference on the Theory and Application of Cryptology and Information Security - Daejeon, Korea, Republic of Duration: 7 Dec 2020 → 11 Dec 2020 Conference number: 26

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer
Volume	12491

Conference

Conference	International Conference on the Theory and Application of Cryptology and Information Security
Abbreviated title	ASIACRYPT
Country/Territory	Korea, Republic of
City	Daejeon
Period	07/12/2020 → 11/12/2020

Access to Document

10.1007/978-3-030-64837-4_8

SFX availability

Full text

Cite this

Alpirez Bock, E., Brzuska, C., Fischlin, M., Janson, C., & Michiels, W. (2020). Security Reductions for White-Box Key-Storage in Mobile Payments. In S. Moriai, & H. Wang (Eds.), International Conference on the Theory and Application of Cryptology and Information Security: ASIACRYPT 2020: Advances in Cryptology – ASIACRYPT 2020 (pp. 221-252). (Lecture Notes in Computer Science ; Vol. 12491). https://doi.org/10.1007/978-3-030-64837-4_8

Alpirez Bock, Estuardo ; Brzuska, Chris ; Fischlin, Marc et al. / Security Reductions for White-Box Key-Storage in Mobile Payments. International Conference on the Theory and Application of Cryptology and Information Security: ASIACRYPT 2020: Advances in Cryptology – ASIACRYPT 2020 . editor / Shiho Moriai ; Huaxiong Wang. 2020. pp. 221-252 (Lecture Notes in Computer Science ).

@inproceedings{a229ecdb88534c50b49e2263afab13d0,

title = "Security Reductions for White-Box Key-Storage in Mobile Payments",

abstract = "The goal of white-box cryptography is to provide security even when the cryptographic implementation is executed in adversarially controlled environments. White-box implementations nowadays appear in commercial products such as mobile payment applications, e.g., those certified by Mastercard. Interestingly, there, white-box cryptography is championed as a tool for secure storage of payment tokens, and importantly, the white-boxed storage functionality is bound to a hardware functionality to prevent code-lifting attacks.",

author = "{Alpirez Bock}, Estuardo and Chris Brzuska and Marc Fischlin and Christian Janson and Wil Michiels",

year = "2020",

doi = "10.1007/978-3-030-64837-4_8",

language = "English",

isbn = "978-3-030-64836-7",

series = "Lecture Notes in Computer Science ",

publisher = "Springer",

pages = "221--252",

editor = "Shiho Moriai and Huaxiong Wang",

booktitle = "International Conference on the Theory and Application of Cryptology and Information Security",

note = "International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT ; Conference date: 07-12-2020 Through 11-12-2020",

}

Alpirez Bock, E, Brzuska, C, Fischlin, M, Janson, C & Michiels, W 2020, Security Reductions for White-Box Key-Storage in Mobile Payments. in S Moriai & H Wang (eds), International Conference on the Theory and Application of Cryptology and Information Security: ASIACRYPT 2020: Advances in Cryptology – ASIACRYPT 2020 . Lecture Notes in Computer Science , vol. 12491, pp. 221-252, International Conference on the Theory and Application of Cryptology and Information Security, Daejeon, Korea, Republic of, 07/12/2020. https://doi.org/10.1007/978-3-030-64837-4_8

Security Reductions for White-Box Key-Storage in Mobile Payments. / Alpirez Bock, Estuardo; Brzuska, Chris; Fischlin, Marc et al.

International Conference on the Theory and Application of Cryptology and Information Security: ASIACRYPT 2020: Advances in Cryptology – ASIACRYPT 2020 . ed. / Shiho Moriai; Huaxiong Wang. 2020. p. 221-252 (Lecture Notes in Computer Science ; Vol. 12491).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Scientific › peer-review

TY - GEN

T1 - Security Reductions for White-Box Key-Storage in Mobile Payments

AU - Alpirez Bock, Estuardo

AU - Brzuska, Chris

AU - Fischlin, Marc

AU - Janson, Christian

AU - Michiels, Wil

N1 - Conference code: 26

PY - 2020

Y1 - 2020

N2 - The goal of white-box cryptography is to provide security even when the cryptographic implementation is executed in adversarially controlled environments. White-box implementations nowadays appear in commercial products such as mobile payment applications, e.g., those certified by Mastercard. Interestingly, there, white-box cryptography is championed as a tool for secure storage of payment tokens, and importantly, the white-boxed storage functionality is bound to a hardware functionality to prevent code-lifting attacks.

AB - The goal of white-box cryptography is to provide security even when the cryptographic implementation is executed in adversarially controlled environments. White-box implementations nowadays appear in commercial products such as mobile payment applications, e.g., those certified by Mastercard. Interestingly, there, white-box cryptography is championed as a tool for secure storage of payment tokens, and importantly, the white-boxed storage functionality is bound to a hardware functionality to prevent code-lifting attacks.

UR - http://www.scopus.com/inward/record.url?scp=85097829140&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-64837-4_8

DO - 10.1007/978-3-030-64837-4_8

M3 - Conference contribution

SN - 978-3-030-64836-7

T3 - Lecture Notes in Computer Science

SP - 221

EP - 252

BT - International Conference on the Theory and Application of Cryptology and Information Security

A2 - Moriai, Shiho

A2 - Wang, Huaxiong

T2 - International Conference on the Theory and Application of Cryptology and Information Security

Y2 - 7 December 2020 through 11 December 2020

ER -

Alpirez Bock E, Brzuska C, Fischlin M, Janson C, Michiels W. Security Reductions for White-Box Key-Storage in Mobile Payments. In Moriai S, Wang H, editors, International Conference on the Theory and Application of Cryptology and Information Security: ASIACRYPT 2020: Advances in Cryptology – ASIACRYPT 2020 . 2020. p. 221-252. (Lecture Notes in Computer Science ). https://doi.org/10.1007/978-3-030-64837-4_8

Security Reductions for White-Box Key-Storage in Mobile Payments

Abstract

Publication series

Conference

Access to Document

SFX availability

Other files and links

Fingerprint

Cite this