\( \mathsf {FPL} \): White-Box Secure Block Cipher Using Parallel Table Look-Ups

  • Jihoon Kwon
  • Byeonghak Lee
  • Jooyoung LeeEmail author
  • Dukjae Moon
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 12006)


In this work, we propose a new table-based block cipher structure, dubbed \( \mathsf {FPL} \), that can be used to build white-box secure block ciphers. Our construction is a balanced Feistel cipher, where the input to each round function determines multiple indices for the underlying table via a probe function, and the sum of the values from the table becomes the output of the round function. We identify the properties of the probe function that make the resulting block cipher white-box secure in terms of weak and strong space hardness against known-space and non-adaptive chosen-space attacks. Our construction, enjoying rigorous provable security without relying on any ideal primitive, provides flexibility to the block size and the table size, and permits parallel table look-ups.

We also propose a concrete instantiation of \( \mathsf {FPL} \), dubbed \( \mathsf {FPL}_{\mathsf {AES}} \), using (round-reduced) \(\mathsf {AES}\) for the underlying table and probe functions. Our implementation shows that \( \mathsf {FPL}_{\mathsf {AES}} \) provides stronger security without significant loss of efficiency, compared to existing schemes including \(\mathsf {SPACE}\), \(\mathsf {WhiteBlock}\) and \(\mathsf {WEM}\).


Feistel cipher White-box security Space hardness Provable security 


  1. 1.
    Bellare, M., Dai, W.: Defending against key exfiltration: efficiency improvements for big-key cryptography via large-alphabet subkey prediction. In: Proceedings of the 22nd ACM SIGSAG Conference on Computer and Communications Security, pp. 923–940. ACM (2017)Google Scholar
  2. 2.
    Bellare, M., Kane, D., Rogaway, P.: Big-key symmetric encryption: resisting key exfiltration. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 373–402. Springer, Heidelberg (2016). Scholar
  3. 3.
    Billet, O., Gilbert, H., Ech-Chatbi, C.: Cryptanalysis of a white box AES implementation. In: Handschuh, H., Hasan, M.A. (eds.) SAC 2004. LNCS, vol. 3357, pp. 227–240. Springer, Heidelberg (2004). Scholar
  4. 4.
    Biryukov, A., Bouillaguet, C., Khovratovich, D.: Cryptographic schemes based on the ASASA structure: black-box, white-box, and public-key (extended abstract). In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 63–84. Springer, Heidelberg (2014). Scholar
  5. 5.
    Blondeau, C., Bogdanov, A., Leander, G.: Bounds in shallows and in miseries. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 204–221. Springer, Heidelberg (2013). Scholar
  6. 6.
    Bogdanov, A., Isobe, T.: White-box cryptography revisited: space-hard ciphers. In: Proceedings of the 22nd ACM SIGSAG Conference on Computer and Communications Security, pp. 1058–1069. ACM (2015)Google Scholar
  7. 7.
    Bogdanov, A., Isobe, T., Tischhauser, E.: Towards practical whitebox cryptography: optimizing efficiency and space hardness. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10031, pp. 126–158. Springer, Heidelberg (2016). Scholar
  8. 8.
    Cho, J., Choi, K.Y., Dinur, I., Dunkelman, O., Keller, N., Moon, D., Veidberg, A.: WEM: a new family of white-box black ciphers based on the even-mansour construction. In: Handschuh, H. (ed.) Topics in Cryptology - CT-RSA 2017. LNCS, vol. 10159, pp. 293–308. Springer, Berlin (2017)Google Scholar
  9. 9.
    Chow, S., Eisen, P., Johnson, H., Van Oorschot, P.C.: White-box cryptography and an AES implementation. In: Nyberg, K., Heys, H. (eds.) SAC 2002. LNCS, vol. 2595, pp. 250–270. Springer, Heidelberg (2003). Scholar
  10. 10.
    Daemen, J., Rijmen, V.: Probability distributions of correlation and differentials in block ciphers. J. Math. Cryptol. 1(3), 221–242 (2007)MathSciNetCrossRefGoogle Scholar
  11. 11.
    Delerablée, C., Lepoint, T., Paillier, P., Rivain, M.: White-box security notions for symmetric encryption schemes. In: Lange, T., Lauter, K., Lisoněk, P. (eds.) SAC 2013. LNCS, vol. 8282, pp. 247–264. Springer, Heidelberg (2014). Scholar
  12. 12.
    Fouque, P.-A., Karpman, P., Kirchner, P., Minaud, B.: Efficient and provable white-box primitives. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10031, pp. 159–188. Springer, Heidelberg (2016). Scholar
  13. 13.
    Gilbert, H., Plût, J., Treger, J.: Key-recovery attack on the ASASA cryptosystem with expanding S-boxes. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9215, pp. 475–490. Springer, Heidelberg (2015). Scholar
  14. 14.
    Lepoint, T., Rivain, M., De Mulder, Y., Roelse, P., Preneel, B.: Two attacks on a white-box AES implementation. In: Lange, T., Lauter, K., Lisoněk, P. (eds.) SAC 2013. LNCS, vol. 8282, pp. 265–285. Springer, Heidelberg (2014). Scholar
  15. 15.
    Lin, T.-T., Lai, X.-J., Xue, W.-J., Jia, Y.: A new feistel-type white-box encryption scheme. J. Comput. Sci. Technol. 32(2), 386–395 (2017)MathSciNetCrossRefGoogle Scholar
  16. 16.
    Minaud, B., Derbez, P., Fouque, P.-A., Karpman, P.: Key-recovery attacks on ASASA. In: Iwata, T., Cheon, J.H. (eds.) ASIACRYPT 2015. LNCS, vol. 9453, pp. 3–27. Springer, Heidelberg (2015). Scholar
  17. 17.
    Wyseur, B., Michiels, W., Gorissen, P., Preneel, B.: Cryptanalysis of white-box DES implementations with arbitrary external encodings. In: Adams, C., Miri, A., Wiener, M. (eds.) SAC 2007. LNCS, vol. 4876, pp. 264–277. Springer, Heidelberg (2007). Scholar

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  • Jihoon Kwon
    • 1
  • Byeonghak Lee
    • 2
  • Jooyoung Lee
    • 2
    Email author
  • Dukjae Moon
    • 1
  1. 1.Samsung SDSSeoulKorea
  2. 2.KAISTDaejeonKorea

Personalised recommendations