You are looking at a specific version 20201118:141323 of this paper. See the latest version.

Paper 2020/104

On the Security Goals of White-Box Cryptography

Estuardo Alpirez Bock and Alessandro Amadori and Chris Brzuska and Wil Michiels

Abstract

We discuss existing and new security notions for white-box cryptography and comment on their suitability for Digital Rights Management and Mobile Payment Applications, the two prevalent use-cases of white-box cryptography. In particular, we put forward indistinguishability for white-box cryptography with hardware-binding (IND-WHW) as a new security notion that we deem central. We also discuss the security property of application-binding and explain the issues faced when defining it as a formal security notion. Based on our proposed notion for hardware-binding, we describe a possible white-box competition setup which assesses white-box implementations w.r.t. hardware-binding. Our proposed competition setup allows us to capture hardware-binding in a practically meaningful way. While some symmetric encryption schemes have been proven to admit plain white-box implementations, we show that not all secure symmetric encryption schemes are white-boxeable in the plain white-box attack scenario, i.e., without hardware-binding. Thus, even strong assumptions such as indistinguishability obfuscation cannot be used to provide secure white-box implementations for arbitrary ciphers. Perhaps surprisingly, our impossibility result does not carry over to the hardware-bound scenario. In particular, Alpirez Bock, Brzuska, Fischlin, Janson and Michiels (ePrint 2019/1014) proved a rather general feasibility result in the hardware-bound model. Equally important, the apparent theoretical distinction between the plain white-box model and the hardware-bound white-box model also translates into practically reduced attack capabilities as we explain in this paper.

Note: This paper will appear in the proceedings of TCHES Volume 2020, Issue 2. Both versions of the paper are essentially identical and differ only in their formatting. We have corrected some typos which appeared on Construction 1.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Published by the IACR in TCHES 2020
Keywords
White-box cryptographyHardware-bindingApplication-bindingSecurity NotionsFeasibilityAES
Contact author(s)
estuardo alpirezbock @ gmail com,chris brzuska @ aalto fi
History
2020-11-18: last of 3 revisions
2020-02-04: received
See all versions
Short URL
https://ia.cr/2020/104
License
Creative Commons Attribution
CC BY
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.