Cryptanalysis of white box DES implementations

Obfuscation is a method consisting in hiding information of some parts of a computer program. According to the Kerckhoffs principle, a cryptographical algorithm should be kept public while the whole security should rely on the secrecy of the key. In some contexts, source codes are publicly available, while the key should be kept secret; this is the challenge of code obfuscation. This paper deals with the cryptanalysis of such methods of obfuscation applied to the DES. Such methods, called the "naked-DES" and "nonstandard-DES", were proposed by Chow et al. [5] in 2002. Some methods for the cryptanalysis of the "naked-DES" were proposed by Chow et al. [5], Jacob et al. [6], and Link and Neuman [7]. In their paper, Link and Neuman [7] proposed another method for the obfuscation of the DES. In this paper, we propose a general method that applies to all schemes. Moreover, we provide a theoretical analysis. We implemented our method with a C code and applied it successfully to thousands of obfuscated implementations of DES (both "naked" and "non-standard" DES). In each case, we recovered enough information to be able to invert the function.

[1]  Hamilton E. Link,et al.  Clarifying obfuscation: improving the security of white-box DES , 2005, International Conference on Information Technology: Coding and Computing (ITCC'05) - Volume II.

[2]  Paul C. van Oorschot,et al.  White-Box Cryptography and an AES Implementation , 2002, Selected Areas in Cryptography.

[3]  Dan Boneh,et al.  Attacking an Obfuscated Cipher by Injecting Faults , 2002, Digital Rights Management Workshop.

[4]  Hamilton E. Link,et al.  Clarifying Obfuscation: Improving the Security of White-Box Encoding , 2004, IACR Cryptol. ePrint Arch..

[5]  Boaz,et al.  On the (Im)possibility of Obfus ating Programs , 2001 .

[6]  Olivier Billet,et al.  Cryptanalysis of a White Box AES Implementation , 2004, Selected Areas in Cryptography.

[7]  Louis Goubin,et al.  Asymmetric cryptography with S-Boxes , 1997, ICICS.

[8]  Paul C. van Oorschot,et al.  A White-Box DES Implementation for DRM Applications , 2002, Digital Rights Management Workshop.

[9]  Amit Sahai,et al.  On the (im)possibility of obfuscating programs , 2001, JACM.

[10]  Bart Preneel,et al.  Cryptanalysis of White-Box DES Implementations with Arbitrary External Encodings , 2007, IACR Cryptol. ePrint Arch..

[11]  Louis Goubin,et al.  Improved Algorithms for Isomorphisms of Polynomials , 1998, EUROCRYPT.