Cryptology ePrint Archive: Report 2018/1047

On the Linear Transformation in White-box Cryptography

Seungkwang Lee and Nam-su Jho and Myungchul Kim

Abstract: Linear transformations are applied to the white-box cryptographic implementation for the diffusion effect to prevent key-dependent intermediate values from being analyzed. However, it has been shown that there still exists a correlation before and after the linear transformation, and thus this is not enough to protect the key against statistical analysis. So far, the Hamming weight of rows in the invertible matrix has been considered the main cause of the key leakage from the linear transformation. In this study, we present an in-depth analysis of the distribution of intermediate values and the characteristics of block invertible binary matrices. Our mathematical analysis and experimental results show that the balanced distribution of the key-dependent intermediate value is the main cause of the key leakage.

Category / Keywords: secret-key cryptography / White-box cryptography, linear transformation, key leakage

Date: received 29 Oct 2018, last revised 18 Feb 2020

Contact author: skwang at etri re kr

Available format(s): PDF | BibTeX Citation

Version: 20200218:115446 (All versions of this report)

Short URL: ia.cr/2018/1047


[ Cryptology ePrint archive ]