
Design and evaluation of a novel White-box encryption scheme for resource-constrained IoT devices

The Journal of Supercomputing

Abstract

Along with significant benefits to end-users, Internet-of-Things (IoT) technology also brings unprecedented security challenges. IoT requires many embedded and resource-constrained devices that are usually deployed in insecure and remote environments. This is where the White-box (WB) attack paradigm, in which the attacker has complete control over the execution environment, comes into the picture. Accordingly, the possible capture of these devices makes the entire built-in cryptosystem visible to the adversary. Thus, the adversary gains complete control over the system and can potentially hinder the cryptographic implementation in use. A White-box cryptographic (WBC) encryption scheme is employed to counter such WB attacks. Accordingly, we provide a scheme for hiding the private key used in the Elliptic curve encryption scheme in the WB attack context. Precisely, we use Residue Number System (RNS)-based lookup tables to hide the private key. To show the practicality of the proposed scheme, we deploy it over the widely adopted Message Queuing Telemetry Transport for Sensor Networks (MQTT-SN) protocol. Further, we discuss the WB security goals and analyze the security and performance of the proposed scheme using the Cooja simulator. We demonstrate the feasibility of the proposed approach by comparing it with the traditional Elliptic curve encryption scheme over parameters such as end-to-end delay, network throughput, average power consumption, and computational time. The simulation results show that the proposed scheme provides a consistent computational cost and network efficiency, which is practical in deployments demanding a higher level of security.


Author information

Corresponding author

Correspondence to Udai Pratap Rao.

Ethics declarations

Conflict of interest

The authors declare that they have no conflict of interest.


Cite this article

Bang, A.O., Rao, U.P. Design and evaluation of a novel White-box encryption scheme for resource-constrained IoT devices. J Supercomput 78, 11111–11137 (2022). https://doi.org/10.1007/s11227-022-04322-9
