A New Digital Rights Management Solution Based on White-Box Cryptography

Digital rights management is an important technique to protect digital contents from abuse. Usually it is confronted with severe challenges because of the untrusted environment its application executed in. This condition is formally described as white-box attack model. White-box cryptography aims at protecting software implementation of cryptographic algorithms from white-box attack, hence can be employed to provide security guarantee for digital rights management. Key extraction, code lifting, and illegal distribution are three major threats in digital rights management application, they extremely compromise the benefit of content producer. In this paper, we propose the first solution based on white-box cryptography against the three threats above simultaneously, by implementing traceability of a white-box scheme which has unbreakability and incompressibility. Specifically, We constructively confirm there exists secure white-box compiler which can generate traceable white-box programs, by hiding slight perturbations in the lookuptable based white-box implementation. Security and performance analyses show our solution can be effectively achieved in practice.

[1]  Amos Fiat,et al.  Tracing Traitors , 1994, CRYPTO.

[2]  Olivier Billet,et al.  A Traceable Block Cipher , 2003, ASIACRYPT.

[3]  Henri Gilbert,et al.  Key-Recovery Attack on the ASASA Cryptosystem with Expanding S-Boxes , 2015, CRYPTO.

[4]  Brent Waters,et al.  Fully Collusion Resistant Traitor Tracing with Short Ciphertexts and Private Keys , 2006, EUROCRYPT.

[5]  Jean-Charles Faugère,et al.  Polynomial Equivalence Problems: Algorithmic and Theoretical Aspects , 2006, EUROCRYPT.

[6]  Andrey Bogdanov,et al.  White-Box Cryptography Revisited: Space-Hard Ciphers , 2015, CCS.

[7]  Paul C. van Oorschot,et al.  A White-Box DES Implementation for DRM Applications , 2002, Digital Rights Management Workshop.

[8]  Brecht Wyseur,et al.  White-Box Cryptography , 2011, Encyclopedia of Cryptography and Security.

[9]  Yoni De Mulder White-Box Cryptography: Analysis of White-Box AES Implementations (White-Box Cryptografie: Analyse van White-Box AES implementaties) , 2014 .

[10]  Paul C. van Oorschot,et al.  White-Box Cryptography and an AES Implementation , 2002, Selected Areas in Cryptography.

[11]  S.-V Ghita,et al.  A new DRM architecture based on mobilel code and white-box encryption , 2012, 2012 9th International Conference on Communications (COMM).

[12]  Andrey Bogdanov,et al.  Towards Practical Whitebox Cryptography: Optimizing Efficiency and Space Hardness , 2016, ASIACRYPT.

[13]  Mark Zhandry,et al.  Multiparty Key Exchange, Efficient Traitor Tracing, and More from Indistinguishability Obfuscation , 2014, Algorithmica.

[14]  Brice Minaud,et al.  Efficient and Provable White-Box Primitives , 2016, ASIACRYPT.

[15]  Rudolf Mumenthaler 1.4 Digital Rights Management (DRM) , 2017 .

[16]  Alex Biryukov,et al.  Cryptographic Schemes Based on the ASASA Structure: Black-Box, White-Box, and Public-Key (Extended Abstract) , 2014, ASIACRYPT.

[17]  Brice Minaud,et al.  Key-Recovery Attacks on ASASA , 2015, ASIACRYPT.

[18]  Tancrède Lepoint,et al.  White-Box Security Notions for Symmetric Encryption Schemes , 2013, Selected Areas in Cryptography.