On the ineffectiveness of internal encodings - Revisiting the DCA attack on white-box cryptography

Estuardo Alpirez Bock*, Chris Brzuska, Wil Michiels, Alexander Treff

*Corresponding author for this work

Research output: Article in book/conference proceedings › Conference contribution › Scientific › peer-reviewed

11 Citations (Scopus)

Abstract

The goal of white-box cryptography is to implement cryptographic algorithms securely in software in the presence of an adversary that has complete access to the software’s program code and execution environment. In particular, white-box cryptography needs to protect the embedded secret key from being extracted. Bos et al. (CHES 2016) introduced differential computational analysis (DCA), the first automated attack on white-box cryptography. The DCA attack performs a statistical analysis on execution traces. These traces contain information such as memory addresses or register values, that is collected via binary instrumentation tooling during the encryption process. The white-box implementations that were attacked by Bos et al., as well as white-box implementations that have been described in the literature, protect the embedded key by using internal encoding techniques introduced by Chow et al. (SAC 2002). Thereby, a combination of linear and non-linear nibble encodings is used to protect the secret key. In this paper we analyse the use of such internal encodings and prove rigorously that they are too weak to protect against DCA. We prove that the use of non-linear nibble encodings does not hide key dependent correlations, such that a DCA attack succeeds with high probability.

Original language: English
Title: Applied Cryptography and Network Security
Subtitle: 16th International Conference, ACNS 2018, Proceedings
Pages: 103-120
Number of pages: 18
Status: Published - 1 Jan 2018
Ministry of Education and Culture (OKM) publication type: A4 Article in conference proceedings
Event: International Conference on Applied Cryptography and Network Security - Leuven, Belgium
Duration: 2 Jul 2018 to 4 Jul 2018
Conference number: 16
https://www.cosic.esat.kuleuven.be/events/acns2018/

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 10892 LNCS
ISSN (print): 0302-9743
ISSN (electronic): 1611-3349

Conference

Conference: International Conference on Applied Cryptography and Network Security
Abbreviated title: ACNS
Country/Territory: Belgium
City: Leuven
Period: 02/07/2018 to 04/07/2018