Applying White-Box Cryptography SoBeNet user group meeting October 8, 2004 Brecht Wyseur.

Slides:



Advertisements
Similar presentations
TIE Extensions for Cryptographic Acceleration Charles-Henri Gros Alan Keefer Ankur Singla.
Advertisements

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Hardware Cryptographic Coprocessor Peter R. Wihl Security in Software.
The Hardware Security Module. Agenda MAHOhard members To give background Project details Design and implementation.
White-Box Cryptography
CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.
Block Ciphers and the Data Encryption Standard
Software Hardening & FIPS 140 Eugen Bacic & Gary Maxwell September 27th, 2005.
Principles of Information Security, 2nd edition1 Cryptography.
Hash functions a hash function produces a fingerprint of some file/message/data h = H(M)  condenses a variable-length message M  to a fixed-sized fingerprint.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
AES clear a replacement for DES was needed
CSE331: Introduction to Networks and Security Lecture 18 Fall 2002.
Chapter 10 Boundary Controls. Cryptographic Controls Cryptology is the science of secret codes Cryptography deals with systems for transforming data into.
McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Lecture 23 Symmetric Encryption
Introduction to Computer and Network Security Iliano Cervesato 26 August 2008 – Modern Cryptography.
Dr. Lo’ai Tawalbeh 2007 Chapter 5: Advanced Encryption Standard (AES) Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus.
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
Project supported by YESS 2009 Young Engineering Scientist Symposium « Identity Management » Cryptography for the Security of Embedded Systems Ambient.
Chapter 12 Cryptography (slides edited by Erin Chambers)
Cryptanalysis. The Speaker  Chuck Easttom  
1 Cryptography Basics. 2 Cryptography Basic terminologies Symmetric key encryption Asymmetric key encryption Public Key Infrastructure Digital Certificates.
1 Introduction to Security and Cryptology Enterprise Systems DT211 Denis Manley.
Chapter 8 Information Security 1.
1 Convergent Dispersal: Toward Storage-Efficient Security in a Cloud-of-Clouds Mingqiang Li 1, Chuan Qin 1, Patrick P. C. Lee 1, Jin Li 2 1 The Chinese.
Chapter 5 Advanced Encryption Standard. Origins clear a replacement for DES was needed –have theoretical attacks that can break it –have demonstrated.
CHAPTER 6 Cryptography. An Overview It is origin from the Greek word kruptos which means hidden. The objective is to hide information so that only the.
Chapter 20 Symmetric Encryption and Message Confidentiality.
1 UCR Hardware Security Primitives with focus on PUFs Slide credit: Srini Devedas and others.
CSCE 201 Introduction to Information Security Fall 2010 Data Protection.
LOGO Hardware side of Cryptography Anestis Bechtsoudis Patra 2010.
Chapter 17 Security. Information Systems Cryptography Key Exchange Protocols Password Combinatorics Other Security Issues 12-2.
Chapter 20 Symmetric Encryption and Message Confidentiality.
Basic Cryptography 1. What is cryptography? Cryptography is a mathematical method of protecting information –Cryptography is part of, but not equal to,
Cryptography Team Presentation 2
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
1 Project Proposals for MAI from COSIC Oct. 6th, pm.
Lecture 2: Introduction to Cryptography
15-499Page :Algorithms and Applications Cryptography I – Introduction – Terminology – Some primitives – Some protocols.
Advanced Encryption Standard. Origins NIST issued a new version of DES in 1999 (FIPS PUB 46-3) DES should only be used in legacy systems 3DES will be.
Lecture 23 Symmetric Encryption
Advanced Encryption Standard Dr. Shengli Liu Tel: (O) Cryptography and Information Security Lab. Dept. of Computer.
K. Salah1 Cryptography Module I. K. Salah2 Cryptographic Protocols  Messages should be transmitted to destination  Only the recipient should see it.
BZUPAGES.COM Cryptography Cryptography is the technique of converting a message into unintelligible or non-understandable form such that even if some unauthorized.
DATA & COMPUTER SECURITY (CSNB414) MODULE 3 MODERN SYMMETRIC ENCRYPTION.
Invitation to Computer Science 5 th Edition Chapter 8 Information Security.
Tamper Resistant Software: An Implementation By David Aucsmith, IAL In Information Hiding Workshop, RJ Anderson (ed), LNCS, 1174, pp , “Integrity.
TRUSTED FLOW: Why, How and Where??? Moti Yung Columbia University.
IT 221: Introduction to Information Security Principles Lecture 5: Message Authentications, Hash Functions and Hash/Mac Algorithms For Educational Purposes.
Lecture 3 Page 1 CS 236 Online Introduction to Cryptography CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Lecture 5 Page 1 CS 236 Online More on Cryptography CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
The Federal Information Processing Standards (FIPS) Encryption Suite Sean Smith COSC
Department of Computer Science Chapter 5 Introduction to Cryptography Semester 1.
CRYPTOGRAPHY Cryptography is art or science of transforming intelligible message to unintelligible and again transforming that message back to the original.
Compilers and Security
e-Health Platform End 2 End encryption
Hardware Cryptographic Coprocessor
PART VII Security.
CSCE 715: Network Systems Security
CSCE 715: Network Systems Security
Presentation transcript:

Applying White-Box Cryptography SoBeNet user group meeting October 8, 2004 Brecht Wyseur

SoBeNet – Track 3 “Software Tamper Resistance” COSIC – Computer Security and Industrial Cryptography Members  Prof. Bart Preneel  Jan Cappaert  Brecht Wyseur Project Involvement  Obfuscation (Jan)  White-Box Cryptography (Brecht)

Overview Problem Description State-Of-The-Art White-Box Transformations Pro’s and Cons Future Research

Problem Description Quite easy to find stored or embedded keys  Shamir et al.: Playing hide and seek with stored keys  Algebraic attack on RSA key  Attack through entropy data Key information

White-Box Cryptography (chow et al. 2002) White-box attack context (WBAC) a.k.a. Malicious host attack context  Full-privileged attack software shares a host with cryptographic software, having complete access to the implementation of algorithms;  Dynamic execution (with instantiated cryptographic keys) can be observed;  Internal algorithm details are completely visible and alterable at will. The attacker's objective is to extract the cryptographic key, e.g. For use on a standard implementation of the same algorithm on a different platform.

Applications Software Agents  Embedded cryptographic keys for signing purposes Digital Rights Management (DRM) Smart Card Technology Asymmetric crypto system

State-Of-The-Art Sander et al.: Impossible situation to secure August 2002 – Chow et al.  A White-Box DES Implementation  A White-Box AES Implementation Link et al. – Security issues and improvements “Choice of implementation the sole remaining line of defense”

General idea (1) Expanding the cryptographic border External function encoding Attacker:  Analyse  Isolate random bijections  Analyse to find Goal: make isolation difficult Cryptographic algorithm Authentication code …

General Idea (2) Spreading embedded secret information Thus forcing an attacker to understand a greater part of the implementation KEY

How? White-Box Transformations Transform an algorithm into a series of key- dependant lookup tables

White-Box Transformations Partial Evaluation Combined Function Encoding By-Pass Encoding Split Path Encoding … Techniques apply on cryptographic algorithms build with XOR, substitution and permutation functions AES, DES, …

White-Box Transformations (2) Partial Evaluation 6 4 S Definition of a new key- dependant lookup table k

Internal Function Encoding A A B B A’ B’ Encoded version: f f g g Choose random bijection and White-Box Transformations (3)

Local Security Internal function encoding provides local security A’ is known. Because the bijection f is random, no information can be revealed of A (similar to one time path)

Global Security Currently no proof Can we guarantee white-box security? Trade-off between performance and level of security AES: Cryptanalysis by Billet et al. (2004)

Some Numbers DES  Chow et al.: 4,54 Mb  Improvement by Link et al.: 2,25 Mb AES  Normal implementation: bytes  Chow et al.: bytes 177 times bigger, 55 times slower 3104 lookups

Pro’s and Cons Pro’s  Expansion of cryptographic boundaries  Diversity by injection of random bijections Cons  Performance reduction  Implementation size  Lack of proof of security

Future Research Development of new techniques  Algebraic transformations  Dynamic key implementations Proof of security Development of an automated application tool Improve security with Obfuscation techniques

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.