Paper 2018/1047

On the Linear Transformation in White-box Cryptography

Seungkwang Lee, Nam-su Jho, and Myungchul Kim

Abstract

Linear transformations are applied to the white-box cryptographic implementation for the diffusion effect to prevent key-dependent intermediate values from being analyzed. However, it has been shown that there still exists a correlation before and after the linear transformation, and thus this is not enough to protect the key against statistical analysis. So far, the Hamming weight of rows in the invertible matrix has been considered the main cause of the key leakage from the linear transformation. In this study, we present an in-depth analysis of the distribution of intermediate values and the characteristics of block invertible binary matrices. Our mathematical analysis and experimental results show that the balanced distribution of the key-dependent intermediate value is the main cause of the key leakage.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
White-box cryptographylinear transformationkey leakage
Contact author(s)
skwang @ etri re kr
History
2020-02-18: last of 10 revisions
2018-11-02: received
See all versions
Short URL
https://ia.cr/2018/1047
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2018/1047,
      author = {Seungkwang Lee and Nam-su Jho and Myungchul Kim},
      title = {On the Linear Transformation in White-box Cryptography},
      howpublished = {Cryptology ePrint Archive, Paper 2018/1047},
      year = {2018},
      note = {\url{https://eprint.iacr.org/2018/1047}},
      url = {https://eprint.iacr.org/2018/1047}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.