Exploiting Linearity in White-Box AES with Differential Computation Analysis

  • Conference paper
Intelligent Computing (SAI 2020)

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 1230))


Abstract

Not only have all current scientific white-box AES schemes been mathematically broken, they also face a family of attacks derived from traditional side-channel attacks, e.g., Differential Computation Analysis (DCA) introduced by Bos et al. Such attacks are very general and easy to mount: they require neither knowledge of the implementation nor reverse engineering. In this paper, we focus in particular on DCA against the white-box AES of Chow et al., which shows a success rate below 100%, unlike the other schemes studied by Bos et al. We explain this phenomenon while unraveling another weakness in the design of the white-box AES of Chow et al. Based on our theoretical results, we propose an extension of the original DCA attack which has a higher chance of key recovery and might be adapted to other schemes.

This work was supported by the Grant Agency of CTU in Prague, grant No. SGS19/109/OHK3/2T/13.


Notes

  1. Available at https://whibox-contest.github.io/show/candidate/777. Accessed: August 2019.

  2. Later we will discuss the optimal number of traces for this type of WBAES and recommend 200 traces.

References

  1. Pin 3.11 User Guide. https://software.intel.com/sites/landingpage/pintool/docs/97998/Pin/html/. Accessed Aug 2019

  2. Banik, S., Bogdanov, A., Isobe, T., Jepsen, M.: Analysis of software countermeasures for whitebox encryption. IACR Trans. Symmetric Cryptol. 2017, 307–328 (2017)

  3. Biham, E., Shamir, A.: Differential fault analysis of secret key cryptosystems. In: Annual International Cryptology Conference, pp. 513–525. Springer (1997)

  4. Billet, O., Gilbert, H., Ech-Chatbi, C.: Cryptanalysis of a white box AES implementation. In: Handschuh, H., Hasan, M.A. (eds.) Selected Areas in Cryptography, pp. 227–240. Springer, Heidelberg (2004)

  5. Bock, E.A., Brzuska, C., Michiels, W., Treff, A.: On the ineffectiveness of internal encodings – revisiting the DCA attack on white-box cryptography. In: International Conference on Applied Cryptography and Network Security, pp. 103–120. Springer (2018)

  6. Bogdanov, A., Isobe, T., Tischhauser, E.: Towards practical whitebox cryptography: optimizing efficiency and space hardness. In: International Conference on the Theory and Application of Cryptology and Information Security, pp. 126–158. Springer (2016)

  7. Bogdanov, A., Wang, J.M., Vejre, S.: Higher-order DCA against standard side-channel countermeasures. In: Constructive Side-Channel Analysis and Secure Design: 10th International Workshop, vol. 11421, p. 118. Springer (2019)

  8. Boneh, D., DeMillo, R.A., Lipton, R.J.: On the importance of checking cryptographic protocols for faults. In: International Conference on the Theory and Applications of Cryptographic Techniques, pp. 37–51. Springer (1997)

  9. Bos, J., Hubain, C., Michiels, W., Teuwen, P.: Differential computation analysis: hiding your white-box designs is not enough. In: International Conference on Cryptographic Hardware and Embedded Systems, pp. 215–236. Springer (2016)

  10. Breunesse, C.B., Kizhvatov, I., Muijrers, R., Spruyt, A.: Towards fully automated analysis of whiteboxes: perfect dimensionality reduction for perfect leakage. IACR Cryptology ePrint Archive 2018, 95 (2018)

  11. Chow, S., Eisen, P., Johnson, H., Van Oorschot, P.: A white-box DES implementation for DRM applications. In: Feigenbaum, J. (ed.) Digital Rights Management, pp. 1–15. Springer, Heidelberg (2002)

  12. Chow, S., Eisen, P., Johnson, H., Van Oorschot, P.: White-box cryptography and an AES implementation. In: Nyberg, K., Heys, H. (eds.) Selected Areas in Cryptography, pp. 250–270. Springer, Heidelberg (2002)

  13. CryptoExperts: WhibOx 2017 (2017). https://whibox-contest.github.io/2017/. Accessed Aug 2019

  14. Dusart, P., Letourneux, G., Vivolo, O.: Differential fault analysis on AES. In: International Conference on Applied Cryptography and Network Security, pp. 293–306. Springer (2003)

  15. Gandolfi, K., Mourtel, C., Olivier, F.: Electromagnetic analysis: concrete results. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) Cryptographic Hardware and Embedded Systems – CHES 2001, pp. 251–261. Springer, Heidelberg (2001)

  16. Goubin, L., Paillier, P., Rivain, M., Wang, J.: How to reveal the secrets of an obscure white-box implementation. Technical report, Cryptology ePrint Archive, Report 2018/098 (2018). https://eprint.iacr.org/2018/098

  17. Jacob, M., Boneh, D., Felten, E.: Attacking an obfuscated cipher by injecting faults. In: Feigenbaum, J. (ed.) Digital Rights Management, pp. 16–31. Springer, Heidelberg (2002)

  18. Kerckhoffs, A.: La Cryptographie Militaire. Journal des sciences militaires 9, 538 (1883)

  19. Klemsa, J.: Bitwise DPA. Git repository. https://github.com/fakub/BitwiseDPA

  20. Klemsa, J.: Memory Tracing Tools for Intel PIN. Git repository. https://github.com/fakub/MemoryTracingTools

  21. Klemsa, J.: White-Box-DPA-Processing toolkit. Git repository. https://github.com/fakub/White-Box-DPA-Processing

  22. Klinec, D.: White-box attack resistant cryptography (2013)

  23. Koç, Ç.: Cryptographic Engineering. Springer, Boston (2008)

  24. Kocher, P.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Annual International Cryptology Conference, pp. 104–113. Springer (1996)

  25. Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Annual International Cryptology Conference, pp. 388–397. Springer (1999)

  26. Luk, C.K., Cohn, R., Muth, R., Patil, H., Klauser, A., Lowney, G., Wallace, S., Reddi, V.J., Hazelwood, K.: Pin: building customized program analysis tools with dynamic instrumentation. In: ACM SIGPLAN Notices, vol. 40, pp. 190–200. ACM (2005)

  27. Matsui, M.: Linear cryptanalysis method for DES cipher. In: Helleseth, T. (ed.) Advances in Cryptology – EUROCRYPT '93, pp. 386–397. Springer, Heidelberg (1993)

  28. Muir, J.A.: A tutorial on white-box AES. Technical report, Cryptology ePrint Archive, Report 2013/104 (2013). http://eprint.iacr.org/2013/104

  29. Nethercote, N., Seward, J.: Valgrind: a framework for heavyweight dynamic binary instrumentation. In: ACM SIGPLAN Notices, vol. 42, pp. 89–100. ACM (2007)

  30. NIST: FIPS PUB 197: Advanced Encryption Standard (AES). Federal Information Processing Standards Publication 197 (2001)

  31. Rivain, M., Wang, J.: Analysis and improvement of differential computation attacks against internally-encoded white-box implementations. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2019, 225–255 (2019)


Corresponding author

Correspondence to Jakub Klemsa.


Copyright information

© 2020 Springer Nature Switzerland AG


Cite this paper

Klemsa, J., Novotný, M. (2020). Exploiting Linearity in White-Box AES with Differential Computation Analysis. In: Arai, K., Kapoor, S., Bhatia, R. (eds) Intelligent Computing. SAI 2020. Advances in Intelligent Systems and Computing, vol 1230. Springer, Cham. https://doi.org/10.1007/978-3-030-52243-8_29
