Paper 2013/523

White-Box Security Notions for Symmetric Encryption Schemes

Cécile Delerablée, Tancrède Lepoint, Pascal Paillier, and Matthieu Rivain


White-box cryptography has attracted a growing interest from researchers in the last decade. Several white-box implementations of standard block-ciphers (DES, AES) have been proposed but they have all been broken. On the other hand, neither evidence of existence nor proofs of impossibility have been provided for this particular setting. This might be in part because it is still quite unclear what {white-box} cryptography really aims to achieve and which security properties are expected from white-box programs in applications. This paper builds a first step towards a practical answer to this question by translating folklore intuitions behind white-box cryptography into concrete security notions. Specifically, we introduce the notion of white-box compiler that turns a symmetric encryption scheme into randomized white-box programs, and we capture several desired security properties such as one-wayness, incompressibility and traceability for white-box programs. We also give concrete examples of white-box compilers that already achieve some of these notions. Overall, our results open new perspectives on the design of white-box programs that securely implement symmetric encryption.

Available format(s)
Publication info
Published elsewhere. Minor revision. SAC 2013
White-Box CryptographySecurity NotionsAttack ModelsSecurity GamesTraitor tracing
Contact author(s)
matthieu rivain @ gmail com
2013-08-30: received
Short URL
Creative Commons Attribution


      author = {Cécile Delerablée and Tancrède Lepoint and Pascal Paillier and Matthieu Rivain},
      title = {White-Box Security Notions for Symmetric Encryption Schemes},
      howpublished = {Cryptology ePrint Archive, Paper 2013/523},
      year = {2013},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.