
White-Box Cryptography: A Time-Security Trade-Off for the SPNbox Family

  • Conference paper

Part of the book series: Lecture Notes on Data Engineering and Communications Technologies (LNDECT, volume 27)

Abstract

White-box cryptography aims to ensure the security of cryptographic algorithms in an untrusted environment where the adversary has full access to their implementations. Typical applications are DRM, pay-TV boxes, and smartphones. A number of white-box implementations of standard cryptographic algorithms—e.g., AES and DES—have been published in the literature. Unfortunately, such implementations are subject to algebraic attacks, side-channel attacks, etc., and thus researchers developed new ciphers—e.g., SPACE and the SPNbox family—with a design approach dedicated to white-box implementations. In this chapter, we focus on the SPNbox family. Our aim is to modify the small internal block cipher used in SPNbox in order to increase the number of key bits used in each round. This approach makes it possible to reduce the number of rounds by about 25%, making the algorithm faster than the previous one.


Notes

  1. Some of this work was done as part of the author Federico Cioschi’s BSc thesis, Department of Computer Science, Università degli Studi di Milano. Some of this work was done as part of the author Nicolò Fornari’s MSc thesis, Department of Mathematics, University of Trento.

  2. For example, PBKDF2 [21,22,23], ARGON2 [24], Scrypt [25], and so on.

  3. SB, MC, and AK refer to the AES transformations SubBytes, MixColumns, and AddRoundKey, respectively.

  4. Provided by AES-NI to make one round of AES encryption.

  5. Notice that, when $n_{in} = 32, 16, 8$, the number of key bits used has to be incremented by the appropriate number of key bits used by $AK_0$.

References

  1. S. Chow, P. Eisen, H. Johnson, P.C. Van Oorschot, White-box cryptography and an AES implementation, in International Workshop on Selected Areas in Cryptography (Springer, Berlin, 2002), pp. 250–270


  2. Sky Go, http://go.sky.com/. Accessed 13 Nov 2018

  3. Netflix, https://www.netflix.com. Accessed 13 Nov 2018

  4. Spotify, https://www.spotify.com/. Accessed 13 Nov 2018

  5. B. Wyseur, White-Box Cryptography. Ph.D. Thesis, KU Leuven, Department of Mathematics (2009)


  6. S. Chow, P. Eisen, H. Johnson, P.C. Van Oorschot, A white-box DES implementation for DRM applications, in ACM Workshop on Digital Rights Management (Springer, Berlin, 2002), pp. 1–15


  7. M. Karroumi, Protecting white-box AES with dual ciphers, in International Conference on Information Security and Cryptology (Springer, Berlin, 2010), pp. 278–291


  8. Y. Xiao, X. Lai, A secure implementation of white-box AES, in 2nd International Conference on Computer Science and its Applications, 2009, CSA’09 (IEEE, Piscataway, 2009), pp. 1–6


  9. O. Billet, H. Gilbert, C. Ech-Chatbi, Cryptanalysis of a white box AES implementation, in International Workshop on Selected Areas in Cryptography (Springer, Berlin, 2004), pp. 227–240


  10. Y. De Mulder, P. Roelse, B. Preneel, Cryptanalysis of the Xiao–Lai white-box AES implementation, in International Conference on Selected Areas in Cryptography (Springer, Berlin, 2012), pp. 34–49


  11. W. Michiels, P. Gorissen, H.D. Hollmann, Cryptanalysis of a generic class of white-box implementations, in International Workshop on Selected Areas in Cryptography (Springer, Berlin, 2008), pp. 414–428


  12. T. Lepoint, M. Rivain, Y. De Mulder, P. Roelse, B. Preneel, Two attacks on a white-box AES implementation, in International Conference on Selected Areas in Cryptography (Springer, Berlin, 2013), pp. 265–285


  13. E.A. Bock, J.W. Bos, C. Brzuska, C. Hubain, W. Michiels, C. Mune, E.S. Gonzalez, P. Teuwen, A. Treff, White-box cryptography: don’t forget about grey box attacks. Cryptology ePrint Archive, Report 2017/355 (2017)


  14. S. Banik, A. Bogdanov, T. Isobe, M. Jepsen, Analysis of software countermeasures for whitebox encryption. IACR Trans. Symmetric Cryptol. 2017(1), 307–328 (2017)


  15. A. Biryukov, C. Bouillaguet, D. Khovratovich, Cryptographic schemes based on the ASASA structure: black-box, white-box, and public-key (extended abstract), in P. Sarkar, T. Iwata (eds.) Advances in Cryptology – ASIACRYPT 2014 (Springer, Berlin, 2014), pp. 63–84


  16. A. Bogdanov, T. Isobe, White-box cryptography revisited: space-hard ciphers, in Proceedings of the 22nd ACM SIGSAC conference on computer and communications security (ACM, New York, 2015), pp. 1058–1069


  17. A. Bogdanov, T. Isobe, E. Tischhauser, Towards practical whitebox cryptography: optimizing efficiency and space hardness, in International Conference on the Theory and Application of Cryptology and Information Security (Springer, Berlin, 2016), pp. 126–158


  18. P. Dusart, G. Letourneux, O. Vivolo, Differential fault analysis on AES, in International Conference on Applied Cryptography and Network Security (Springer, Berlin, 2003), pp. 293–306


  19. P. Kocher, J. Jaffe, B. Jun, P. Rohatgi, Introduction to differential power analysis. J. Cryptogr. Eng. 1(1), 5–27 (2011)


  20. H. Feistel, Cryptography and computer privacy. Sci. Am. 228(5), 15–23 (1973)


  21. K. Moriarty, B. Kaliski, A. Rusch, PKCS# 5: Password-Based Cryptography Specification Version 2.1. RFC 8018 (2017)


  22. A. Visconti, S. Bossi, H. Ragab, A. Calò, On the weaknesses of PBKDF2, in Cryptology and Network Security, ed. by M. Reiter, D. Naccache (Springer, Berlin, 2015), pp. 119–126


  23. A. Visconti, F. Gorla, Exploiting an HMAC-SHA-1 optimization to speed up PBKDF2. IEEE Trans. Dependable Secure Comput. (2018). https://doi.org/10.1109/TDSC.2018.2878697

  24. A. Biryukov, D. Dinu, D. Khovratovich, Argon2 (version 1.2). https://password-hashing.net/submissions/specs/Argon-v3.pdf. Accessed 13 Nov 2018

  25. C. Percival, S. Josefsson, The scrypt Password-Based Key Derivation Function. RFC 7914 (2016)



Corresponding author

Correspondence to Andrea Visconti.


Copyright information

© 2019 Springer Nature Switzerland AG


Cite this paper

Cioschi, F., Fornari, N., Visconti, A. (2019). White-Box Cryptography: A Time-Security Trade-Off for the SPNbox Family. In: Woungang, I., Dhurandher, S. (eds) 2nd International Conference on Wireless Intelligent and Distributed Environment for Communication. WIDECOM 2018. Lecture Notes on Data Engineering and Communications Technologies, vol 27. Springer, Cham. https://doi.org/10.1007/978-3-030-11437-4_12


  • DOI: https://doi.org/10.1007/978-3-030-11437-4_12


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-11436-7

  • Online ISBN: 978-3-030-11437-4

  • eBook Packages: Engineering, Engineering (R0)
