Project

New Methods in White-Box Cryptography

As cryptography is becoming ubiquitous in our digital systems, cryptographic implementations are being deployed in unprotected devices that might get compromised by malicious parties. However, cryptographic primitives are designed to provide security in the black-box model, where attackers can only tamper with the inputs and outputs of the primitive, but they do not offer protection against white-box attackers, who can gain full control over the device running the cryptographic computations.

Due to the high demand for software implementations of cryptographic primitives secure in the white-box model, many of these white-box implementations have been proposed in the last 20 years. Building secure white-box implementations is very challenging, even for basic cryptographic constructions such as block ciphers, and all published white-box implementations have been broken. In the first research objective of this thesis, we address the ambitious goal of designing secure white-box implementations of block ciphers. While the cryptanalysis of white-box implementations has significantly advanced in the last decade and many attacks have been published, little progress has been made in the design of white-box implementations, and nearly all implementations have followed the same design method. In the thesis, we first describe the published white-box implementations of block ciphers. Next, we report our analysis of a common structural property exploited in most of the white-box attacks: the self-equivalence structure of the underlying block cipher. We conclude the first objective by summarizing the implicit framework, our novel white-box method that avoids the vulnerabilities of previous implementations and that can be applied for the first time to ARX ciphers, software-oriented block ciphers that only employ modular additions, rotations, and XORs.

White-box designs assume that the underlying ciphers are secure in the black-box model. However, compared to other block ciphers, the security of ARX ciphers is less understood, and their security analysis involves many heuristic searches of cryptographic properties. These properties were traditionally searched with manual and ad-hoc methods, but recently designers and cryptanalysts have started using automated tools based on constraint satisfaction problems. While automated methods are being widely used to ease the security analysis of ciphers, current methods present some theoretical and practical limitations. In particular, the lack of theoretical models limits the properties and the ciphers on which automated tools can be applied, and the lack of practical implementations diminishes the automated methods’ purpose of easing the security analysis of ciphers.

In the second research objective of this thesis, we address the current limitations of evaluating the security of ARX ciphers using automated tools. We first survey the state of the art in modelling black-box attacks on ARX ciphers using automated methods. Then, we explain our formal model that enables automated methods to search for differential properties of ARX ciphers using the modular addition by a constant. Finally, we describe our practical tool CASCADA, a complete open-source library with detailed documentation that implements multiple automated methods and supports a wide class of attacks and ciphers.

Date: 29 Sep 2017 → 14 Apr 2023
Keywords: white-box cryptography, software, key extraction
Disciplines: Ceramic and glass materials, Materials science and engineering, Semiconductor materials, Other materials engineering
Project type: PhD project