Paper 2019/1405

Revisiting Higher-Order Computational Attacks against White-Box Implementations

Houssem Maghrebi and Davide Alessio


White-box cryptography was first introduced by Chow et al. in $2002$ as a software technique for implementing cryptographic algorithms in a secure way that protects secret keys in an untrusted environment. Ever since, Chow et al.'s design has been subject to the well-known Differential Computation Analysis (DCA). To resist DCA, a natural approach that white-box designers investigated is to apply the common side-channel countermeasures such as masking. In this paper, we suggest applying the well-studied leakage detection methods to assess the security of masked white-box implementations. Then, we extend some well-known side-channel attacks (i.e. the bucketing computational analysis, the mutual information analysis, and the collision attack) to the higher-order case to defeat higher-order masked white-box implementations. To illustrate the effectiveness of these attacks, we perform a practical evaluation against a first-order masked white-box implementation. The obtained results have demonstrated the practicability of these attacks in a real-world scenario.

Available format(s)
Publication info
Published elsewhere. MINOR revision.ICISSP 2020
white-box cryptographymaskinghigher-order computational attacksleakage detectionAES
Contact author(s)
houssem mag @ gmail com
davide alessio @ gmail com
2019-12-05: received
Short URL
Creative Commons Attribution


      author = {Houssem Maghrebi and Davide Alessio},
      title = {Revisiting Higher-Order Computational Attacks against White-Box Implementations},
      howpublished = {Cryptology ePrint Archive, Paper 2019/1405},
      year = {2019},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.