Abstract
White-box cryptography aims to ensure the security of cryptographic algorithms in an untrusted environment where the adversary has full access to their implementations. Typical applications are DRM, pay-TV boxes, and smartphones. A number of white-box implementations for standard cryptographic algorithms (e.g., AES and DES) have been published in the literature. Unfortunately, such implementations are subject to algebraic attacks, side-channel attacks, etc., and thus researchers developed new ciphers (e.g., SPACE and the SPNbox family) with a dedicated design approach for white-box implementations. In this chapter, we focus on the SPNbox family. Our aim is to modify the small internal block cipher used in SPNbox in order to increase the number of key bits used in each round. This approach allows us to reduce the number of rounds by about 25%, making the algorithm faster than the previous one.
Notes
1. Some of this work was done as part of the author Federico Cioschi’s BSc thesis, Department of Computer Science, Università degli Studi di Milano. Some of this work was done as part of the author Nicolò Fornari’s MSc thesis, Department of Mathematics, University of Trento.
2.
3. SB, MC, and AK refer to the AES transformations SubBytes, MixColumns, and AddRoundKey, respectively.
4. Provided by AES-NI to make one round of AES encryption.
5. Notice that, when $n_{in} = 32, 16, 8$, the number of key bits used has to be incremented by the appropriate number of key bits used by $AK_0$.
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Cioschi, F., Fornari, N., Visconti, A. (2019). White-Box Cryptography: A Time-Security Trade-Off for the SPNbox Family. In: Woungang, I., Dhurandher, S. (eds) 2nd International Conference on Wireless Intelligent and Distributed Environment for Communication. WIDECOM 2018. Lecture Notes on Data Engineering and Communications Technologies, vol 27. Springer, Cham. https://doi.org/10.1007/978-3-030-11437-4_12
DOI: https://doi.org/10.1007/978-3-030-11437-4_12
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-11436-7
Online ISBN: 978-3-030-11437-4
eBook Packages: Engineering, Engineering (R0)