Cryptology ePrint Archive: Report 2021/767

White-box Cryptography with Device Binding from Token-based Obfuscation and more

Shashank Agrawal and Estuardo Alpirez Bock and Yilei Chen and Gaven Watson

Abstract: White-box cryptography has been proposed as a software countermeasure technique for applications where limited or no hardware-based security is available. In recent years it has been crucial for enabling the security of mobile payment applications. In this paper we continue a recent line of research on device binding for white-box cryptography. Device binding ensures that a white-box program is only executable on one specific device and is unusable elsewhere. Building on this, we ask the following question: is it possible to design a global white-box program which is compiled once, but can be securely shared with multiple users and bound to each of their devices? Acknowledging this question, we provide two new types of provably-secure constructions for white-box programs.

First, we consider the use of Token-Based Obfuscation (TBO) and show that TBO can provide us a direct way to construct white-box programs with device-binding, as long as we can securely share a token generation key between the compiling entity and the device running the white-box program. This new feasibility result provides more general and efficient results than previously presented for white-box cryptography and demonstrates a new application of TBO not previously considered.

We then consider a stronger family of global white-boxes, where secrets don't need to be shared between users and providers. We show how to extend approaches used in practice based on message recoverable signatures and validate our proposed approach, by providing a construction based on puncturable PRFs and indistinguishability obfuscation.

Category / Keywords: applications / White-box cryptography, Obfuscation, Device-binding, Mobile payments

Date: received 8 Jun 2021

Contact author: estuardo alpirezbock at gmail com, gawatson at visa com

Available format(s): PDF | BibTeX Citation

Version: 20210609:062330 (All versions of this report)

Short URL: ia.cr/2021/767


[ Cryptology ePrint archive ]