White-Box Cryptography: Survey

Presented at 30C3 (2013), Dec. 29, 2013, 5:15 p.m. (60 minutes).

The goal of white-box cryptography is to protect cryptographic keys in a public implementation of encryption algorithms, primarily in the context of Pay-TV and tamper-resistant software. I present an overview of the white-box cryptography concept along with the most common applications and proposed designs. I discuss the subtle difference between white-box cryptography, public-key cryptography, and obfuscation.

The informal notion of white-box cryptography was coined by Chow et al. 2002 as a method to protect cryptographic keys in a public implementation of encryption algorithms, which is fully accessed by an adversary. White-box implementations of the AES and DES ciphers were presented, but they were all badly broken. Subsequent attempts were no better. Whereas some theoretical foundations of white-box cryptography have been given recently in Wyseur's PhD thesis, so far they have not lead to any practical scheme.

I present an overview of the white-box cryptography concept along with the most common applications and proposed designs. I discuss the subtle difference between white-box cryptography, public-key cryptography, and obfuscation. I try to answer the question if the security of a white-box scheme can be relied on public scrutiny in contrast to the hardness assumptions behind RSA and other public-key schemes.

Alongside the theoretical results, I present some well-known attempts to construct a white-box cryptographic scheme from the AES and DES ciphers, and show their inherent weaknesses. Finally, I discuss some potential methods to construct a secure white-box cipher from scratch using the results from finite fields theory and public-key cryptography.


Presenters:

  • Dmitry Khovratovich
    Dmitry Khovratovich graduated from Moscow State University in 2005, and got his PhD in cryptanalysis in the University of Luxembourg in 2010. He was a post-doc researcher at Microsoft Research Cryptography Group in 2010-2012, and since 2013 he is a post-doc researcher in the University of Luxembourg. His primary research interests are symmetric cryptography and cryptanalysis, white-box cryptography, and security of electronic currencies.

Links:

Similar Presentations: