White-Box Cryptography: A Time-Security Trade-Off for the SPNbox Family

White-box cryptography aims to ensure the security of cryptographic algorithms in an untrusted environment where the adversary has full access to their implementations. Typical applications are DRM, Pay Tv boxes, and smartphones. A number of white-box implementations for standard cryptographic algorithms—e.g., AES and DES—have been published in the literature. Unfortunately, such implementations are subjected to algebraic attacks, side channel attacks, etc. and thus researchers developed new ciphers—e.g., SPACE and the SPNbox family—with a dedicated design approach for white-box implementations. In this chapter, we focus on the SPNbox family. Our aim is to modify the small internal block cipher used in SPNbox in order to increase the number of bits of the key used in each round. This approach provides us the possibility to reduce the number of rounds of about 25%, making the algorithm faster than the previous one.

[1]  Brecht Wyseur,et al.  White-Box Cryptography , 2011, Encyclopedia of Cryptography and Security.

[2]  Simon Josefsson,et al.  The scrypt Password-Based Key Derivation Function , 2016, RFC.

[3]  Paul C. van Oorschot,et al.  White-Box Cryptography and an AES Implementation , 2002, Selected Areas in Cryptography.

[4]  Andrea Visconti,et al.  On the Weaknesses of PBKDF2 , 2015, CANS.

[5]  Pankaj Rohatgi,et al.  Introduction to differential power analysis , 2011, Journal of Cryptographic Engineering.

[6]  Pierre Dusart,et al.  Differential Fault Analysis on A.E.S , 2003, ACNS.

[7]  Andrey Bogdanov,et al.  White-Box Cryptography Revisited: Space-Hard Ciphers , 2015, CCS.

[8]  Bart Preneel,et al.  Cryptanalysis of the Xiao - Lai White-Box AES Implementation , 2012, Selected Areas in Cryptography.

[9]  Andrea Visconti,et al.  Exploiting an HMAC-SHA-1 Optimization to Speed up PBKDF2 , 2020, IEEE Transactions on Dependable and Secure Computing.

[10]  Wil Michiels,et al.  White-Box Cryptography: Don’t Forget About Grey-Box Attacks , 2019, Journal of Cryptology.

[11]  Bart Preneel,et al.  Two Attacks on a White-Box AES Implementation , 2013, Selected Areas in Cryptography.

[12]  Olivier Billet,et al.  Cryptanalysis of a White Box AES Implementation , 2004, Selected Areas in Cryptography.

[13]  Burton S. Kaliski,et al.  PKCS #5: Password-Based Cryptography Specification Version 2.1 , 2017, RFC.

[14]  Mohamed Karroumi,et al.  Protecting White-Box AES with Dual Ciphers , 2010, ICISC.

[15]  Paul C. van Oorschot,et al.  A White-Box DES Implementation for DRM Applications , 2002, Digital Rights Management Workshop.

[16]  Andrey Bogdanov,et al.  Analysis of Software Countermeasures for Whitebox Encryption , 2017, IACR Trans. Symmetric Cryptol..

[17]  Xuejia Lai,et al.  A Secure Implementation of White-Box AES , 2009, 2009 2nd International Conference on Computer Science and its Applications.

[18]  H. Feistel Cryptography and Computer Privacy , 1973 .

[19]  Wil Michiels,et al.  Cryptanalysis of a Generic Class of White-Box Implementations , 2009, Selected Areas in Cryptography.

[20]  Andrey Bogdanov,et al.  Towards Practical Whitebox Cryptography: Optimizing Efficiency and Space Hardness , 2016, ASIACRYPT.

[21]  Alex Biryukov,et al.  Cryptographic Schemes Based on the ASASA Structure: Black-Box, White-Box, and Public-Key (Extended Abstract) , 2014, ASIACRYPT.