Corpus ID: 9420232

On White-box Cryptography and Obfuscation

  title={On White-box Cryptography and Obfuscation},
  author={Amitabh Saxena and Brecht Wyseur},
We study the relationship between obfuscation and white-box cryptography. We capture the requirements of any white-box primitive using a \emph{White-Box Property (WBP)} and give some negative/positive results. Loosely speaking, the WBP is defined for some scheme and a security notion (we call the pair a \emph{specification}), and implies that w.r.t. the specification, an obfuscation does not leak any ``useful'' information, even though it may leak some ``useless'' non-black-box information… Expand
White-Box Cryptography
  • B. Wyseur
  • Computer Science
  • Encyclopedia of Cryptography and Security
  • 2011
A study towards a theoretical model for white-box cryptography is initiated where the security requirements of WBC are defined over some cryptographic scheme and a security notion, which leads to a number of positive and negative results. Expand
The Birth of Cryptographic Obfuscation -- A Survey
An overview of recent research is given, focusing on the theoretical results on general purpose obfuscation, particularly, indistinguishability obfuscation. Expand
Honey, I Shrunk Your App Security: The State of Android App Hardening
This paper assesses the RASP market for Android by providing an overview of the available products and their features, and describes an in-depth case study for a leading RasP product—namely Promon Shield—which is being used by approximately 100 companies to protect over 100 million end users worldwide. Expand
Encryption Algorithm Technique for Device's key Protect in M2M environment
The technique for applying the cryptography algorithm for the protection of the device key of the M2M environment is proposed, based on the elliptic curve cryptography and has secure advantages against Data modulation and exposure, MITM(Man-in-the-middle attack), Data forgery and Manipulation attack. Expand
Study on white-box cryptography: Key whitening and entropy attacks
  • Kratika Bhatia, S. Som
  • Computer Science
  • 2016 5th International Conference on Reliability, Infocom Technologies and Optimization (Trends and Future Directions) (ICRITO)
  • 2016
This paper explains White-Box Cryptograph trends and some important problems, also focuses on two most popular cryptographic techniques-key whitening and entropy technique as well as the attacks imposed on them. Expand
Code Renewability for Native Software Protection
An architecture and supporting tool flow to renew parts of native applications dynamically to protect assets embedded in software by preventing and delaying reverse engineering and tampering attacks is presented. Expand


Zero-Knowledge and Code Obfuscation
The gap between auxiliary-input zero-knowledge (AIZK) and blackbox-simulation zero- knowledge (BSZK) is investigated and it is shown that it is impossible to securely obfuscate a code of a cheating verifier behaving as a pseudorandom function. Expand
Obfuscation for Cryptographic Purposes
The results show that, while it is hard to avoid generic impossibilities, useful and reasonable obfuscation definitions are possible when considering specific tasks (i.e., function families), and several natural classes of functions for which their definitions yield interesting results. Expand
Positive Results and Techniques for Obfuscation
This paper focuses on the goal of access control, and gives several provable obfuscations for complex access control functionalities, in the random oracle model, and provides the first formal proof techniques for obfuscation. Expand
Cryptanalysis of white box DES implementations
A general method that applies to all schemes of obfuscation applied to the DES and is implemented with a C code and applied successfully to thousands of obfuscated implementations of DES (both "naked" and "non-standard" DES). Expand
Obfuscating Point Functions with Multibit Output
A notion of obfuscation that is preserved under an appropriate composition operation is defined, which can be used to construct obfuscators of point functions with multibit output and other related functions. Expand
On the (Im)possibility of Obfuscating Programs
It is proved that obfuscation is impossible, by constructing a family of functions F that are inherently unobfuscatable in the following sense: there is a property π : F → {0, 1} such that given any program that computes a function f ∈ F, the value π(f) can be efficiently computed. Expand
On obfuscating point functions
  • H. Wee
  • Computer Science, Mathematics
  • STOC '05
  • 2005
This work provides a simple construction of efficient obfuscators for point functions for a slightly relaxed notion of obfuscation, and yields the first non-trivial obfuscator under general assumptions in the standard model. Expand
On the (im)possibility of obfuscating programs : (Extended abstract)
Informally, an obfuscator O is an (efficient, probabilistic) compiler that takes as input a program (or circuit) P and produces a new program O(P) that has the same functionality as P yet isExpand
On the impossibility of obfuscation with auxiliary input
  • S. Goldwasser, Y. Kalai
  • Mathematics, Computer Science
  • 46th Annual IEEE Symposium on Foundations of Computer Science (FOCS'05)
  • 2005
It is shown that any obfuscator for the class of point functions is also an obfuscator with independent auxiliary input, and it is proved that there exist many natural classes of functions that cannot be obfuscated w.r.t. auxiliary input. Expand
White-Box Cryptography and an AES Implementation
Encrypted-composed-function methods intended to provide a practical degree of protection against white-box (total access) attacks in untrusted execution environments are discussed. Expand