White-Box Cryptography
Outline
- Motivation
- White-Box Cryptography
- White-Box Implementation
- White-Box In Practice
- Conclusion
Motivation
- Cryptography is widely used nowadays, but attacks still exist.
- Black-Box Attack Model
- White-Box Attack Model
Black-Box Attack Model
- The attacker tries to deduce the key from a list of {(plaintext, ciphertext)} pairs
Black-Box Attack Model: Side-channel Attack
- Execution time
- Electromagnetic radiation
- Power consumption
White-Box Attack Model
- Attacker has full control over software execution
- Full access to the implementation of the cryptographic algorithm
- Full access to the platform: CPU calls, memory, registers, etc.
- Binary completely visible
- Can manipulate the execution
White-Box Attack Model: Targets of the Attack
- Implementation of the cryptography
- Secret key
White-Box Attack Example: Key Whitening Attack
- Zero the lookup tables (such as the S-box) using a hex editor
- Get the output of the penultimate operation
- The original AES key can then easily be derived
White-Box Attack Example: Entropy Attack
- Target: computer memory
- Keys: usually chosen by a random generator
- Code: contains structure
White-Box Attack Example: Format Analysis
- Analyze the binary code
White-Box Attack Example: Cold Boot Attack
- Applicable to BitLocker, TrueCrypt, FileVault
- TrueCrypt boot loader: the password is entered at boot time
- The disk encryption key needs to be stored in memory
- Attack: exploit the data remanence property of DRAM; cooling increases the retention time
- The memory is removed and inserted into another (hacked) machine to read data such as crypto keys
Objective
- Hide a cryptographic key in a white-box implementation
A Naive Example
- Implement a cipher as one big lookup table
- No more information ‘leaks’ than from the set of {(plaintext, ciphertext)} pairs
- Lookup table size: for an n-bit block cipher, the size would be $n \cdot 2^n$ bits
- 32 bit: $2^{32} \times 32$ bits $= 2^{37}$ bits = 4 GBytes
- Use a network of lookup tables instead

    #include <stdint.h>

    /* One table entry per possible 32-bit plaintext block. */
    void encrypt(const uint32_t *plaintext, uint32_t *ciphertext) {
        static const uint32_t S[] = { 0x9e37b8e9, 0xaf48c9fa, 0x8d26a7d8, … }; /* Sbox */
        *ciphertext = S[*plaintext];  /* the whole cipher is a single lookup */
    }
What is White-Box Cryptography? Definition
- $D_{wb}(m)$: needs ONE input
- $D_k(m)$: needs TWO inputs
- Essentially, $D_{wb}(m)$ is $D_k(m)$ specialized to one specific cipher key.
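The naive one-big-table construction and the D_k(m) versus D_wb(m) definition above, as an added example that is not from the original slides: a hypothetical 16-bit toy Feistel cipher (`toy_dk`, an assumption chosen so that the full table fits in memory) is partially evaluated for one key into a single lookup table, and `table_bits` gives the table size for an n-bit block.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define N_BITS 16                       /* toy block size (assumption) */
#define N_ENTRIES (1u << N_BITS)

/* D_k(m): hypothetical 4-round toy Feistel on a 16-bit block; TWO inputs. */
static uint16_t toy_dk(uint16_t key, uint16_t m) {
    uint8_t l = (uint8_t)(m >> 8), r = (uint8_t)(m & 0xff);
    for (int round = 0; round < 4; round++) {
        uint8_t rk = (uint8_t)(key >> (4 * round));    /* toy round key */
        uint8_t f = (uint8_t)((r ^ rk) * 167u + 13u);  /* toy round function */
        uint8_t t = (uint8_t)(l ^ f);
        l = r; r = t;
    }
    return (uint16_t)((l << 8) | r);
}

/* Partial evaluation: fix the key and tabulate every possible input. */
static uint16_t *build_wb_table(uint16_t key) {
    uint16_t *table = malloc(N_ENTRIES * sizeof *table);
    if (table == NULL) return NULL;
    for (uint32_t m = 0; m < N_ENTRIES; m++)
        table[m] = toy_dk(key, (uint16_t)m);
    return table;
}

/* D_wb(m): ONE input; the key is not a parameter any more. */
static uint16_t toy_dwb(const uint16_t *table, uint16_t m) { return table[m]; }

/* Size in bits of the single table for an n-bit block: n * 2^n. */
static uint64_t table_bits(unsigned n) { return (uint64_t)n << n; }

/* 1 if D_wb agrees with D_k on every input, 0 otherwise. */
static int wb_matches_keyed(uint16_t key) {
    uint16_t *table = build_wb_table(key);
    int ok = (table != NULL);
    for (uint32_t m = 0; ok && m < N_ENTRIES; m++)
        ok = (toy_dwb(table, (uint16_t)m) == toy_dk(key, (uint16_t)m));
    free(table);
    return ok;
}

int main(void) {
    printf("match=%d bits(16)=%llu\n", wb_matches_keyed(0xBEEF),
           (unsigned long long)table_bits(16));
    return 0;
}
```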
What is White-Box Cryptography? Main Idea
- Embed both the fixed key & random data in a composition.
- Hard to derive the original key.
- Attacker knows which crypto algorithm
- Attacker knows where in the memory
- Attacker knows where in the application
What is White-Box Cryptography? State of the Art
- Unfortunately, no white-box cryptography scheme has been proved secure
- Current best method: hide keys according to the characteristics of the specific crypto algorithm
- Only white-box DES & AES have been published
- Both have been broken
- No academic paper on asymmetric primitives
What is White-Box Cryptography? State of the Art
- Interesting: after buying white-box crypto solutions, some companies mix in their own crypto, which is not recommended in crypto applications.
- For white-box crypto, this is reasonable.
- The security of white-box crypto depends on how well the cipher key is hidden, not on the cipher primitives.
First White-Box Implementation
- Chow et al. 2002. A White-Box DES Implementation for DRM Applications
- Chow et al. 2002. White-Box Cryptography and an AES Implementation
Original DES
- Basic operations: replacing, changing places, XOR
- Chow et al.: transform them into randomized, networked lookup tables closely related to the crypto key
White-Box DES
- Transform a cipher into a series of key-dependent lookup tables.
- The secret key is hard-coded into the lookup tables
- Protected by randomization techniques
Lookup Tables Example
- Lookup tables: define every input & its output
- Any finite function can be transformed into a lookup table
- Table A: Replacing Operation
- Table B: XOR Operation
- Table C: Negative Operation
Lookup Tables Example
- All basic primitives in DES are transformed into lookup tables.
Divide and Conquer
- An attacker may recognize every lookup table and analyze each basic operation.
- Mix the 3 tables into 1 big lookup table.
Divide and Conquer
- BUT the lookup table becomes very large.
- For n bits of input & m bits of output, $2^n \times m$ bits are required.
- Solution: we need a series of networked lookup tables: $L_1 \circ L_2 \circ L_3 \circ \dots$
Partial Evaluation
- Chow et al. adopted partial evaluation to mix the crypto key with the algorithm.
- $D_{skey}(m)$ $D_{wb}(m)$
- In DES:
  - Some operations are fixed (e.g. changing places); the corresponding lookup tables are fixed, that is, not affected by the crypto key
  - Some operations are NOT fixed (e.g. replacing using the crypto key); the corresponding lookup tables are NOT fixed, that is, they are affected by the crypto key
- An attacker can distinguish the unfixed lookup tables by analyzing each table
- We need to randomize every lookup table, making distinguishing more difficult
Internal Encodings
- Consider 3 consecutive lookup tables in the network, $L_3 \circ L_2 \circ L_1$, where $L_2$ contains some key information, e.g. $L_2(x) = x \oplus k$
- Every lookup table is available to the white-box attacker
- The key information can be extracted directly, e.g. from $L_2(0)$
Internal Encodings
- Countermeasure: add internal encodings
- $b_1$, $b_2$: randomization operations
- $b_1^{-1}$, $b_2^{-1}$: their inverse operations
- $L'_3 \circ L'_2 \circ L'_1 = L_3 \circ b_2^{-1} \circ b_2 \circ L_2 \circ b_1^{-1} \circ b_1 \circ L_1 = L_3 \circ L_2 \circ L_1$
- Now $L'_2$ does not leak any key information
- The attacker has to analyze all 3 encoded tables to gain information
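The internal-encoding identity above, as an added example that is not from the original slides: three 8-bit tables with L2(x) = x XOR k are wrapped with random bijections b1 and b2, so that L'2 is no longer a plain XOR table while the composed network is unchanged. The toy steps L1 and L3, the LCG and its fixed seed are assumptions made for the demonstration.

```c
#include <stdint.h>
#include <stdio.h>
typedef uint8_t table_t[256];
static table_t L1, L2, L3, E1, E2, E3;  /* plain L and encoded L' tables */
static uint32_t rng = 2002u;            /* fixed seed: reproducible demo */

/* Toy LCG, NOT a cryptographic generator (assumption for this demo). */
static uint32_t next_rand(void) { rng = rng * 1664525u + 1013904223u; return rng >> 8; }

/* Fill b with a random bijection (Fisher-Yates) and inv with its inverse. */
static void random_bijection(table_t b, table_t inv) {
    for (int i = 0; i < 256; i++) b[i] = (uint8_t)i;
    for (int i = 255; i > 0; i--) {
        uint32_t j = next_rand() % (uint32_t)(i + 1);
        uint8_t t = b[i]; b[i] = b[j]; b[j] = t;
    }
    for (int i = 0; i < 256; i++) inv[b[i]] = (uint8_t)i;
}

static void build_tables(uint8_t k) {
    table_t b1, b1_inv, b2, b2_inv;
    random_bijection(b1, b1_inv);
    random_bijection(b2, b2_inv);
    for (int x = 0; x < 256; x++) {
        L1[x] = (uint8_t)(x * 7 + 3);            /* key-independent toy step */
        L2[x] = (uint8_t)(x ^ k);                /* key-dependent: x XOR k */
        L3[x] = (uint8_t)((x << 3) | (x >> 5));  /* key-independent toy step */
    }
    for (int x = 0; x < 256; x++) {
        E1[x] = b1[L1[x]];                       /* L'1 = b1 . L1 */
        E2[x] = b2[L2[b1_inv[x]]];               /* L'2 = b2 . L2 . b1^-1 */
        E3[x] = L3[b2_inv[x]];                   /* L'3 = L3 . b2^-1 */
    }
}

/* 1 if the encoded network equals the plain one on every input. */
static int same_function(void) {
    for (int x = 0; x < 256; x++)
        if (E3[E2[E1[x]]] != L3[L2[L1[x]]]) return 0;
    return 1;
}

/* 1 if t is "x XOR c" for a constant c, so that t[0] hands over the key. */
static int is_plain_xor(const uint8_t *t) {
    for (int x = 0; x < 256; x++)
        if ((t[x] ^ x) != t[0]) return 0;
    return 1;
}

int main(void) {
    build_tables(0x5A);
    printf("same=%d L2=%d L'2=%d\n", same_function(), is_plain_xor(L2), is_plain_xor(E2));
    return 0;
}
```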
Code Lifting
- The attacker does not need to know internal details, just the API.
- He embeds the white-box implementation into his own app.
- He can still encrypt/decrypt data as if he had the key.
External Encodings
- Same as internal encodings, but applied outside the cryptographic implementation rather than between 2 blocks inside it
- The annihilating encoding is placed somewhere else, e.g. incorporated into the decryption functions
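Why external encodings blunt code lifting, as an added example that is not from the original slides: the shipped table computes G . E_k . F^-1, so only a caller that applies F before and G^-1 after it obtains E_k. The toy function `toy_ek`, the affine encodings `enc_f` and `enc_g`, and the key value are assumptions.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical toy 8-bit keyed function standing in for the real cipher E_k. */
static uint8_t toy_ek(uint8_t k, uint8_t x) { return (uint8_t)((x ^ k) * 29u + 71u); }

/* External encodings F and G: affine bijections mod 256 (odd multipliers). */
static uint8_t enc_f(uint8_t x) { return (uint8_t)(x * 45u + 17u); }
static uint8_t enc_g(uint8_t x) { return (uint8_t)(x * 113u + 200u); }

static uint8_t WB[256];      /* shipped white-box table: G . E_k . F^-1 */
static uint8_t G_INV[256];   /* annihilating encoding, kept elsewhere in the app */

static void build_encoded_table(uint8_t k) {
    uint8_t f_inv[256];
    for (int x = 0; x < 256; x++) {
        f_inv[enc_f((uint8_t)x)] = (uint8_t)x;
        G_INV[enc_g((uint8_t)x)] = (uint8_t)x;
    }
    for (int x = 0; x < 256; x++)
        WB[x] = enc_g(toy_ek(k, f_inv[x]));
}

/* Legitimate path: F is applied before the table, G^-1 after it. */
static uint8_t app_encrypt(uint8_t x) { return G_INV[WB[enc_f(x)]]; }

/* Lifted path: the table alone, called as if it were E_k. */
static uint8_t lifted_encrypt(uint8_t x) { return WB[x]; }

/* Number of inputs on which a path disagrees with the real E_k. */
static int mismatches(uint8_t k, uint8_t (*path)(uint8_t)) {
    int n = 0;
    for (int x = 0; x < 256; x++)
        n += (path((uint8_t)x) != toy_ek(k, (uint8_t)x));
    return n;
}

int main(void) {
    build_encoded_table(0x3C);
    printf("app mismatches=%d lifted mismatches=%d\n",
           mismatches(0x3C, app_encrypt), mismatches(0x3C, lifted_encrypt));
    return 0;
}
```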
Traitor Tracing
- Objective: detect who has been sharing code (pirate)
- Use case: DRM
- Insert fingerprints into the white-box implementation
- Can also be used for software tamper resistance
- Malware instructions can be detected
- Any modification makes the lookup tables collapse
Conclusion
- Used in real-world applications, mainly DRM apps.
- Although academic attacks have been published, no attacks on commercial white-box implementations have been seen.
- White-box cryptography is still in its early days
- Requires further research before being widely adopted.