You are looking at a specific version 20220328:143539 of this paper. See the latest version.

Paper 2022/385

ECDSA White-Box Implementations: Attacks and Designs from WhibOx 2021 Contest

Guillaume Barbu and Ward Beullens and Emmanuelle Dottax and Christophe Giraud and Agathe Houzelot and Chaoyun Li and Mohammad Mahzoun and Adrián Ranea and Jianrui Xie

Abstract

Despite the growing demand for software implementations of ECDSA secure against attackers with full control of the execution environment, the scientific literature on white-box ECDSA design is scarce. To assess the state-of-the-art and encourage practical research on this topic, the WhibOx 2021 contest invited developers to submit white-box ECDSA implementations and attackers to break the corresponding submissions. In this work we describe several attack techniques and designs used during the WhibOx 2021 contest. We explain the attack methods used by the team TheRealIdefix, who broke the largest number of challenges, and we show the success of each method against all the implementations in the contest. Moreover, we describe the designs, submitted by the team zerokey, of the two winning challenges; these designs represent the ECDSA signature algorithm by a sequence of systems of low-degree equations, which are obfuscated with affine encodings and extra random variables and equations. The WhibOx contest has shown that securing ECDSA in the white-box model is an open and challenging problem, as no implementation survived more than two days. To this end, our designs provide a starting methodology for further research, and our attacks highlight the weak points future work should address.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
ECDSAWhite-box CryptographyWhibOx
Contact author(s)
agathe houzelot @ idemia com,christophe giraud @ idemia com,emmanuelle dottax @ idemia com,guillaume barbu @ idemia com,wbe @ zurich ibm com,m mahzoun @ tue nl,chaoyun li @ esat kuleuven be,adrian ranea @ esat kuleuven be,jianrui xie @ esat kuleuven be
History
2022-03-28: received
Short URL
https://ia.cr/2022/385
License
Creative Commons Attribution
CC BY
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.