
5/03/2009

Slide 1: White-Box Cryptography

Ph.D. graduation presentation
Brecht Wyseur
March 5, 2009, Heverlee

Slide 2: Cryptography: the basic principle

[Figure: Alice turns plaintext into ciphertext (!@#%%&) with CRYPTO and sends it to Bob, who turns it back into plaintext with CRYPTO; the adversary Yves sits on the channel and can Listen or Modify.]

Basic assumption:
• Adversary has knowledge of the algorithm (Kerckhoffs 1883 [104])
• Security of a cryptosystem relies on the confidentiality of the key

Slide 3: Keys in cryptography

• Symmetric cryptography
• Asymmetric cryptography
  - Digital signatures
  - Identification
  - Public-key encryption

Slide 4: Cryptography is part of our modern life

• Telecommunication
• Financial
• Transport
• Recreational
• …

Slide 5: Example: iTunes

[Figure: the iTunes scenario with Alice, "bad bob" and Yves, a 1$ purchase, and the decryption D with an unknown (?) key.]

Slide 6: Example: iTunes (2)

• User has an incentive to attack the software
  - Break the restrictions posed on content
  - To steal protected data
  - To cheat (e.g., in an online game; access control)

Slide 7: Software Attacks

• When a user has an incentive to attack
• Or is subject to malware

• White-box attack model
  - Adversary has fully-privileged access to the execution platform
  - Dynamic execution (with instantiated cryptographic keys) can be observed
  - Internal details of implementations are completely visible and alterable at will

Slide 8: Software attacks

• Reverse engineering: attempt to decompile or understand binary code
• Tools: IDA Pro, OllyDbg, Syser, Objdump, …

Slide 9: Entropy Attack (Shamir and Van Someren, 1999, [167])

[Figure: computer memory ("Computergeheugen") shown as a strip of 0-bits and 1-bits in binary, with the key k standing out as a random-looking region.]

• Keys need to be chosen at random from a (uniform) distribution → high entropy
• Code typically contains structure → low entropy

Slide 10: Key Whitening Attack (Kerins and Kursawe, 2006 [104])

• Implementation attack on ciphers that deploy a key-whitening (e.g., AES): y = S(x) + k
• Strategy: identify and overwrite the S-box definition: S ← 0, then y = 0 + k
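As an added example (not from the presentation): a sliding-window Shannon entropy scan of the kind Shamir and van Someren describe, run over a constructed memory image in which a 32-byte key sits between low-entropy, code-like bytes. The image, the 8-byte instruction pattern and the key bytes are constructed for this example; the window size, stride and threshold are assumptions. A developer can run the same scan over a build to confirm that no unprotected key material stands out from the surrounding code.

```python
"""Sliding-window entropy scan (added example; not from the presentation).

Shamir and van Someren's observation: key material is drawn uniformly at
random and therefore has high entropy, while code and most data have visible
structure and low entropy.  Scanning a memory image with a small window makes
an unprotected key stand out.  All inputs below are constructed.
"""
import math
from collections import Counter

WINDOW = 32      # bytes per window (assumption)
STEP = 8         # window stride (assumption)
THRESHOLD = 4.5  # bits/byte; a 32-byte window can reach at most 5.0 (assumption)

# Constructed "code": an 8-byte x86-64 prologue-like pattern, repeated.
CODE_PATTERN = bytes.fromhex("554889e54883ec10")
# Constructed 32-byte key: 32 distinct byte values, so its own window has
# the maximum entropy of 5.0 bits/byte.
KEY = bytes.fromhex(
    "3fa9c2178e5bd0641cf7922be548ab73"
    "0db659ec219f76c835da8b4ef167a01e"
)
KEY_OFFSET = 256


def build_image():
    """Constructed memory image: 256 bytes of code, the key, 224 bytes of code."""
    return CODE_PATTERN * 32 + KEY + CODE_PATTERN * 28


def shannon_entropy(data):
    """Shannon entropy in bits per byte of a byte string."""
    counts = Counter(data)
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in counts.values())


def scan(image, window=WINDOW, step=STEP):
    """Entropy of every window at offsets 0, step, 2*step, ... as (offset, entropy)."""
    return [(off, shannon_entropy(image[off:off + window]))
            for off in range(0, len(image) - window + 1, step)]


def high_entropy_regions(image, threshold=THRESHOLD):
    """Offsets whose window exceeds the threshold: candidate key material."""
    return [(off, e) for off, e in scan(image) if e > threshold]


if __name__ == "__main__":
    img = build_image()
    for off, e in high_entropy_regions(img):
        print(f"offset {off:#06x}: {e:.3f} bits/byte")
```

Only the windows overlapping the key by more than half (offsets 248, 256 and 264) cross the threshold; a pure code window scores 2.75 bits/byte and the key's own window 5.0. The threshold is what a practitioner tunes per binary: compressed or already-encrypted data sections will also score high and need to be excluded separately.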

Slide 11: Digital Rights Management (DRM)

• Digital management of rights (/restrictions)
• Audio, video, software (including games), education material, etc.
• IFPI: global digital revenues by industry (2008)
  - Games 35%
  - Recorded Music 20%
  - Newspapers 4%
  - Films 4%
  - Magazines 1%
• Digital music: €3 billion in trade value

Slide 12: Software Piracy

• Illegal copy and distribution of software
• Business Software Alliance (BSA) (2006)
  - Belgium: 27% pirated software
  - 35% world-wide
  - 82% in China
• GTA IV – 1000 developers for 3.5 years
  - Estimated production cost: €80 million

Slide 13: Traditional Assessment of Security

• Model of the active adversary:
  - Interaction with key-instantiated oracles (E_k, D_k)
• Security Notion: objective and capabilities

Slide 14: Example security notion: KR-CPA

• Key Recovery under Chosen Plaintext Attack

[Figure: the adversary submits a Plaintext to the encryption oracle E_k and receives the ciphertext (!@#%%&).]

Slide 15: Our main research question

How can cryptographic primitives be implemented in software, such that they remain secure?

[Figure: 'black-box' (the cipher E with the key k hidden inside) versus 'white-box'.]

Slide 16: Our Contributions

• Practical implementations (Chapter 3)
  - Cryptanalysis of white-box DES implementations
  - Analysis of basic building blocks and invertibility issue
• Formal model (Chapter 4)
  - Formalizing white-box cryptography
  - Positive and negative results
  - Extensions towards probabilistic primitives
• Applications (Chapter 5)
  - Links with diverse related techniques
  - Development of practical solutions in software security

Slides 17 and 18: Overview

• Introduction
• White-box security assessment
• White-box implementations (Chapter 3)
• Formal model and (im)possibility result (Chapter 4)
• Applications and related research domains (Chapter 5)
• Conclusions and future work

Slide 19: White-Box Implementations

• The single line of defense is HOW to implement a cipher.
• Software implementation with instantiated secret key

[Figure: the cipher E with an unknown key (?), rendered as a hex dump of the compiled implementation: 08 C1 EE 18 33 78 / 08 0F B6 C6 33 3C / 85 80 50 14 95 80 / 4C 00 08 C1 E8 45 / D8 C1 E9 10 0F B6 / C9 C4 89 49 54 0F / 4D C1 9C 8B 14 95 / 5D CC C1 E8 18 7D / D0 85 D4 55 94 E3 / 6C 0F 8B 5D 1C 5F.]

• Idea:
  - Spread key information over the entire network
  - Make every building block seemingly independent from the key.
• Goal: effort of analysis ≥ BB attack
• Ideal: implement the cipher as one big lookup table

Slide 20: Obfuscation Strategy

• S. Chow, P. Eisen, H. Johnson, and P.C. van Oorschot, 2002 [42,43]: implement a block cipher as a network of randomized lookup tables
• Objective: force an adversary to analyze the complete network in order to obtain secret key information → force to resort to black-box attacks.
• Techniques: partial evaluation, by-pass encoding, matrix decomposition, etc.

Slide 21: Internal encodings

• Consider the chain L1 → L2 → L3
• L2 contains key information
• Obfuscate L2 with the bijections b1 and b2
• Encoded chain: L1 → b1 → b1^-1 → L2 → b2 → b2^-1 → L3, which the figure regroups as
  L'1 = b1 ∘ L1,  L'2 = b2 ∘ L2 ∘ b1^-1,  L'3 = L3 ∘ b2^-1

Slide 22: Security of encoded networks

• Local security
  - If L2 = f_k is bijective, then L'2 is locally secure, because [equation not recovered from the extraction]
  - This is infeasible to map to the entire implementation (Lynn et al., 2004 [118])
• Global security?
  - Metrics
    · Diversity
    · Ambiguity
  - Scrutiny → Chapter 3
  - Prove → Chapter 4
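An added example of slides 19 to 22 on a toy scale (written for this page; not the dissertation's or Chow et al.'s code): a 4-bit S-box, a key folded into a lookup table by partial evaluation, a three-table chain encoded with random bijections b1 and b2, a check that the encoded chain still computes the same function, and the local-security argument made concrete: given only the encoded table L'2, every other key k' is explained equally well by some pair of encodings. The S-box (row 0 of DES S1), the key, the chain layers and the encodings are constructed for the example.

```python
"""Encoded lookup-table chain on 4-bit values (added example, not the
dissertation's code).  Everything here is constructed for illustration."""
import random

# Constructed 4-bit bijective S-box (row 0 of DES S-box S1).
SBOX = [14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7]
N = len(SBOX)


def inverse(table):
    """Inverse of a bijective lookup table."""
    inv = [0] * len(table)
    for x, y in enumerate(table):
        inv[y] = x
    return inv


def compose(outer, inner):
    """Table of outer(inner(x))."""
    return [outer[inner[x]] for x in range(N)]


def random_bijection(rng):
    """A random internal encoding b: a uniformly chosen permutation of 0..15."""
    t = list(range(N))
    rng.shuffle(t)
    return t


def t_box(key):
    """Partial evaluation: key addition followed by the S-box, folded into one
    table T_k(x) = S(x XOR k).  This is the key-dependent layer L2 = f_k."""
    return [SBOX[x ^ key] for x in range(N)]


def plain_chain(key):
    """L1 -> L2 -> L3 with L1 = S, L2 = T_k, L3 = S^-1 (constructed layers)."""
    return [SBOX, t_box(key), inverse(SBOX)]


def encode_chain(chain, b1, b2):
    """Insert b1, b1^-1 between L1 and L2 and b2, b2^-1 between L2 and L3,
    then regroup: L'1 = b1 o L1, L'2 = b2 o L2 o b1^-1, L'3 = L3 o b2^-1."""
    L1, L2, L3 = chain
    return [compose(b1, L1),
            compose(b2, compose(L2, inverse(b1))),
            compose(L3, inverse(b2))]


def evaluate(chain, x):
    """Run x through the tables in order."""
    for table in chain:
        x = table[x]
    return x


def alternative_output_encoding(L2_enc, b1, alt_key):
    """Local security made concrete: given the encoded table L'2 and the input
    encoding b1, return an output encoding b2' with b2' o T_alt o b1^-1 == L'2.
    Solving L'2[x] = b2'[T_alt[b1^-1[x]]] gives b2'[z] = L'2[b1[T_alt^-1[z]]];
    it is a bijection for every alt_key, so L'2 on its own is consistent with
    every key."""
    return compose(compose(L2_enc, b1), inverse(t_box(alt_key)))


def demo(key=6, seed=2009):
    """Return (encoded chain is functionally equivalent, every key explains L'2)."""
    rng = random.Random(seed)
    b1, b2 = random_bijection(rng), random_bijection(rng)
    chain = plain_chain(key)
    enc = encode_chain(chain, b1, b2)
    equivalent = all(evaluate(enc, x) == evaluate(chain, x) for x in range(N))
    consistent = True
    for alt in range(N):
        b2_alt = alternative_output_encoding(enc[1], b1, alt)
        rebuilt = encode_chain(plain_chain(alt), b1, b2_alt)[1]
        consistent &= (sorted(b2_alt) == list(range(N)) and rebuilt == enc[1])
    return equivalent, consistent


if __name__ == "__main__":
    print(demo())  # expected (True, True)
```

The second check is exactly why slide 22 turns from local to global security: an attacker who isolates one encoded table learns nothing about k from that table alone, so the analysis has to exploit the whole network (or a building block, as the cryptanalysis chapters do) rather than any single table.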

Slide 23: State of the art

WB DES:
• Chow et al. 2002, naked variant → fault injection attack: Jacob et al. 2002
• Chow et al. 2002, encoded variant → statistical attack: Link et al. 2005 → improved variant → cryptanalysis: Goubin et al. 2007
• Cryptanalysis: Wyseur et al. 2007 (truncated differential cryptanalysis)

WB AES:
• Chow et al. 2002 → algebraic cryptanalysis: Billet et al. 2004 → generic cryptanalysis: Michiels et al. 2008

Also in the chart: basic building block analysis

Slide 24: Differential cryptanalysis

• Introduce a difference (targeted fault) in the application
• Observe the fault propagation
• Learn.
• Deployed to analyze white-box implementations at the 'edges' of the implementation (first/last round)
• In this dissertation: a new strategy of truncated differential cryptanalysis on the internal rounds (hence independent from external protections)
Slide 25: Cryptanalysis of White-Box DES Impl. (Wyseur et al., 2007 [191])

• Cryptanalysis on internal round structure, independent of external encodings
• Strategy:
  1. Distinguish round input differences that propagate slowly
  2. Construct a set of differences that correspond to flips of single bits at the input of the DES S-boxes
  3. …

[Figure: the underlying behavior of the round versus what is observable by the attacker.]

Slide 26: Cryptanalysis of WBDES (2) (Wyseur et al., 2007 [191])

  3. Compute inputs to the S-boxes
  4. Recover the key (up to some natural ambiguity)
  5. Recover the external encodings

Slide 27: Algebraic Cryptanalysis

• Main strategy:
  - Remove the non-linear component of the internal encodings
    Theorem 1 (O. Billet, H. Gilbert and C. Ech-Chatbi, 2004 [20]): … yields …, with … affine [the symbols of the theorem statement were not recovered from the extraction]
  - Construct algebraic equations
  - Solve the equations to obtain key information.

Slide 28: Algebraic cryptanalysis

• Demonstrated on white-box AES implementation (O. Billet, H. Gilbert and C. Ech-Chatbi, 2004 [20])
• Extended to 'SLT' ciphers (includes MDS-based ciphers) (W. Michiels, P. Gorissen and H. Hollmann, 2008 [135])
• … towards analysis of block cipher building blocks (our contribution)
• Example: encoded addition operation

[Figure: the encoded addition Q: inputs x0 and x1 are decoded by f0^-1 and f1^-1, added, and re-encoded by g to give y.]

Slide 29: Analysis of basic building block

[Figure: the encoded addition with inputs c0, c1 decoded by f0^-1, f1^-1, added, and encoded by g into outputs y0, y1; the encoding g is the unknown (?).]

• Hence:
  - The family of functions yields information on the encoding g.
  - The obtained information can be used as an alternative approach to cryptanalyse the DES and AES implementations.

Slide 30: Invertibility (PR-CPA)

[Figure: Plaintext → E_k → !@#%%&]

• KR-CPA is often not satisfactory
• PR-CPA (plaintext recovery under chosen plaintext attack) is much more interesting in practice
  - wbAES: 2^32, because lookup tables work on a per-column basis
  - wbDES: 2^96 (>> 2^56, DES natural resistance), because of the use of parallel, encoded addition networks of 96 bits to 4 bits
  - But, XOR building block analysis defeats the non-linearity of these networks

Slide 31: Conclusions chapter 3

• White-box implementations of DES and AES are insecure
  - Differential cryptanalysis
  - Algebraic cryptanalysis
• Attacks are specific to the cryptographic primitive, or a building block that is present.
  - Towards a block cipher with building blocks that is suitable to be implemented in software
  - Proposals are formulated in the dissertation.
• Extensions towards non-invertibility and key update

Slide 32: Overview

• Introduction
• White-box security assessment
• White-box implementations
• Formal model and (im)possibility result
• Applications and related research domains
• Conclusions and future work

Slide 33: Formal approach to WBC

• Objectives
  - Formalize white-box cryptography
  - Capture the security of white-box solutions (beyond scrutiny)
  - What is feasible?
    · Negative results
    · Positive results
• Related
  - Theoretical models for Obfuscation
    Obfuscation: hide characteristics of a program P (program code, internal data values, sensitive routines, etc.)
    O is an obfuscator, O(P) the functionally equivalent obfuscated program.

Slide 34: Obfuscation – soundness

• Predicate-based definition (Barak et al., 2001 [6])
  [Figure: on the left an adversary A receives O(P) and outputs a bit b; on the right a simulator A receives only 1^n and oracle access to P and outputs a bit b.]
• Distinguisher-based definition
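For reference, the predicate-based ("virtual black-box") requirement of Barak et al. that the figure on slide 34 depicts, written out here as an added note in the slide's notation (O, P, A, 1^n, b). This is the standard statement from the cited paper, not text from the presentation; S is the simulator that the figure also draws as "A", and n is the size of P:

$$
\forall A\ \exists S\ \exists\ \text{negligible } \varepsilon \quad \forall P:\qquad
\Bigl|\Pr\bigl[A(O(P)) = 1\bigr] \;-\; \Pr\bigl[S^{P}(1^{n}) = 1\bigr]\Bigr| \;\le\; \varepsilon(n),
$$

together with functionality ($O(P)$ computes the same function as $P$) and polynomial slowdown ($|O(P)|$ polynomial in $|P|$). Whatever predicate bit $b$ an adversary can compute from the code $O(P)$, a simulator can compute about as well from black-box access to $P$ alone; the next slide's objection is that this says nothing about the key-recovery or plaintext-recovery notions a cryptographer actually cares about.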

Slide 35: Models for Obfuscation

• Many models and results have been presented, but…
  - Predicate-based definition is too weak (meaningless)
  - Distinguisher-based definition is too strong (nothing interesting possible: deterministic & obfuscatable → learnable)
• Learnable
  - Learnable functions are not of our interest
  - Cryptographic schemes should be non-learnable.
• Also, obfuscation cannot capture cryptographic security requirements

Slide 36: Our approach to capture WBC

• A new model, based on the predicate-based notion for obfuscation, specific to WBC (Saxena and Wyseur, 2008 [165])
• We capture "meaning" with security notions
  - Attack goals
  - Attack capabilities (described as a game between a challenger and the adversary)
• "White-Box Property"
Slide 37: Our approach to capture WBC (2)

[Figure: Black-box game: the adversary A receives (1^k, sn) and oracle access to Q[q] and Q1[q1], outputs s; WIN? White-box game: the adversary A receives (1^k, O(Qi), sn) and the same oracles, outputs s; WIN? Figure labels: meaning, context, b, q.]

• O is a secure obfuscator for Qi, under the sn security notion, if [condition not recovered from the extraction]

Slide 38: Negative results (Saxena and Wyseur, 2008 [165])

• For any non-learnable family Q, there exists a non-obfuscatable security notion (this is stronger than Barak et al., 2001)

[Figure: the black-box game on (1^k, sn) and the white-box game on (1^k, O(Q), sn), both with oracles Q[q] and Q1[q1]; WIN?]

Slide 39: Proof of impossibility result

• Q is non-learnable
• Black-box game: the adversary receives (1^k, sn) and oracle access to Q[q] and Q1[q1]
• Win: if (s = x) and 'not more than one query to Q1'
• Q1[q1] (input Y) { if (Y(a) = Q[q](a)) then output x else output 0 }
• BB adversary – how to find x?
  - Guess x – prob: 2^-k
  - Guess a – prob: 2^-P(k)
  - Guess q – prob: 2^-k
  - Luck
• Black-box advantage: [formula not recovered from the extraction]

Slide 40: Proof of impossibility result (2)

• Q is non-learnable
• White-box game: the adversary receives (1^k, O(Q), sn), the code O(Q[q]), and oracle access to Q1[q1]
• Win: if (s = x) and 'not more than one query to Q1'
• Q1[q1] (input Y) { if (Y(a) = Q[q](a)) then output x else output 0 }
• WB adversary – how to find x?
  - Use the code O(Q[q]) as Y
• White-box advantage: [formula not recovered from the extraction]
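An added simulation of the two games on slides 39 and 40 (written for this page; not the paper's or the dissertation's code). The family Q is replaced by a toy keyed function built from SHA-256, which stands in for a non-learnable family (an assumption of the example, not a proof of non-learnability); Q1[q1] holds the secret point a and the answer x exactly as on the slide; the obfuscator O is the identity, because the argument only uses that O(Q[q]) is functionally equivalent to Q[q]. The parameter sizes, seed and number of trials are constructed.

```python
"""Black-box vs white-box game from the impossibility proof (added example,
not the paper's code).  Toy sizes; every constant below is constructed."""
import hashlib
import random

K_BITS = 32   # security parameter k (toy)
A_BITS = 32   # length P(k) of the hidden point a (toy)


def Q(q):
    """Member Q[q] of the keyed family: a SHA-256-based keyed function on
    A_BITS-bit inputs.  Stand-in for a non-learnable family (assumption)."""
    def f(a):
        msg = q.to_bytes(4, "big") + a.to_bytes(4, "big")
        return hashlib.sha256(msg).digest()[:4]
    return f


def obfuscate(program):
    """O(Q[q]).  The proof needs only functional equivalence, so the identity
    obfuscator is enough for the simulation."""
    return program


class Q1:
    """Q1[q1] with q1 = (q, a, x): on input a program Y, output x if Y agrees
    with Q[q] on the hidden point a, else 0.  Counts its queries."""

    def __init__(self, q, a, x):
        self._f, self._a, self._x = Q(q), a, x
        self.calls = 0

    def __call__(self, Y):
        self.calls += 1
        return self._x if Y(self._a) == self._f(self._a) else 0


def black_box_adversary(oracle_q, oracle_q1, program, rng):
    """Sees Q[q] only through queries.  Best it can do is guess a (or x, or q):
    here it guesses a, programs Y to be correct at the guess, and asks Q1 once."""
    a_guess = rng.getrandbits(A_BITS)
    known = {a_guess: oracle_q(a_guess)}          # transcript of its own queries
    Y = lambda v: known.get(v)                    # correct only if a_guess == a
    return oracle_q1(Y)


def white_box_adversary(oracle_q, oracle_q1, program, rng):
    """Holds the code O(Q[q]); hands it to Q1 as Y and wins with one query."""
    return oracle_q1(program)


def play(adversary, white_box, rng):
    """One run of the game; True if the adversary outputs x with <= 1 Q1 query."""
    q = rng.getrandbits(K_BITS)
    a = rng.getrandbits(A_BITS)
    x = rng.getrandbits(K_BITS) | 1            # non-zero, so 0 means failure
    oracle_q, oracle_q1 = Q(q), Q1(q, a, x)
    program = obfuscate(Q(q)) if white_box else None
    s = adversary(oracle_q, oracle_q1, program, rng)
    return s == x and oracle_q1.calls <= 1


def run_experiment(trials=200, seed=2009):
    """Return (black-box wins, white-box wins) over `trials` games each."""
    rng = random.Random(seed)
    bb = sum(play(black_box_adversary, False, rng) for _ in range(trials))
    wb = sum(play(white_box_adversary, True, rng) for _ in range(trials))
    return bb, wb


if __name__ == "__main__":
    print(run_experiment())  # expected (0, 200)
```

The black-box adversary's success probability is about 2^-P(k) per game (here 2^-32), so it never wins in 200 trials, while the white-box adversary wins every game with a single Q1 query. That gap is the point of the slide: no obfuscator can close it, because any O(Q[q]) that still computes Q[q] is, by construction, a valid Y.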

Slide 41: Proof of impossibility result (3)

• Black-box adversary: [advantage formula not recovered from the extraction]
• White-box adversary: [advantage formula not recovered]
• White-box property: O is secure for Q under sn, if: [condition not recovered]
• But: [the contradiction is stated as a formula on the slide; not recovered]

Slide 42: Positive result (Saxena and Wyseur, 2008 [165])

• There exists an obfuscator O that turns an IND-CPA secure, symmetric encryption scheme into an IND-CPA secure asymmetric encryption scheme
• Based on the bilinear Diffie-Hellman assumption
• Remark: the positive result is based on a cipher that consists of asymmetric building blocks (pairings). We started with white-box crypto for symmetric encryption schemes (DES, AES).
Slide 43: Overview

• Introduction
• White-box security assessment
• White-box implementations
• Formal model and (im)possibility result
• Applications and related research domains
• Conclusions and future work

Slide 44: Applications

Application domains, with the related techniques for each:
• New and improved cryptographic primitives
  - Asymmetric cryptography
  - (Programmable) random oracle model
  - Enforce (with) hardware
  - Improve side-channel protection techniques
• Computing in the encrypted domain
  - Homomorphic encryption
  - Secure function evaluation (Yao's garbled circuits)
• Software protection
  - Software tamper resistance
  - Software diversity
  - Trustworthy execution (TC, remote entrusting, WBRPE)
• Case study
  - Traitor tracing
  - Digital Rights Management

Slide 45: Software security

• White-box cryptography is only a small piece in the puzzle.
• 128-bit AES key → 770 Kbytes key (the white-box AES implementation lookup tables)
• Now we got a larger key… so what?
  - Result is more flexible
  - Fix key into the application (prevent code lifting) – external encodings
• A leverage for other software protection techniques
  - Traitor tracing
  - Obfuscation
  - Software Tamper Resistance
  - …

[Figure: the application code calls the white-box decryption, whose lookup tables appear as a hex dump (08 C1 EE 18 33 78 / 08 0F B6 C6 33 3C / 85 80 50 14 95 80 / 4C 00 08 C1 E8 45 / D8 C1 E9 10 0F B6 / C9 C4 89 49 54 0F / 4D C1 9C 8B 14 95 / 5D CC C1 E8 18 7D / D0 85 D4 55 94 E3 / 6C 0F 8B 5D 1C 5F):]

  void WBdecrypt(char *content);   /* white-box decryption: the key is embedded in the lookup tables */

  void openContent(char *license, char *content) {
      if (goodLicense(license))
          WBdecrypt(content);
  }

Slide 46: Overview

• Introduction
• White-box security assessment
• White-box implementations (Chapter 3)
• Formal model and (im)possibility result (Chapter 4)
• Applications and related research domains (Chapter 5)
• Conclusions and future work
Slide 47: Conclusions and Future Research

• White-Box Implementations
  - State of the art implementations shown to be insecure
  - Analysis of basic building blocks (leads to alternative attacks and defeat of PR-CPA security)
  - Future work: towards new block ciphers and design principles
• Theoretic model for White-Box Cryptography
  - A formal model has been introduced – context captured by security notions
  - Positive and negative results have been presented
  - A provably IND-CPA secure white-box implementation
  - Future work: prove other constructions – extensions towards probabilistic functions
• Applications
  - Use of WBC in practice, and relation with other research fields
  - Future work: investigate new directions, inspired by other fields

Slide 48: Publications

• Papers
  - A. Saxena, B. Wyseur, "On White-Box Cryptography and Obfuscation", IACR ePrint 2008/273, 2008 – to be submitted to 22nd IEEE Computer Security Foundations Symposium (CSF 2009).
  - D. Schellekens, B. Wyseur, B. Preneel, "Remote Attestation on Legacy Operating Systems with Trusted Platform Modules", In 1st International Workshop on Run-Time Enforcement of Mobile and Distributed Systems (REM 2007) – Science of Computer Programming, 2008
  - B. Wyseur, W. Michiels, P. Gorissen, B. Preneel, "Cryptanalysis of White-Box DES Implementations with Arbitrary External Encodings", In Proceedings of 14th International Workshop on Selected Areas in Cryptology (SAC 2007).
  - K. Wouters, B. Wyseur, B. Preneel, "Security Model for a Shared Multimedia Archive", In Proceedings of the Second International Conference on Automated Production of Cross Media Content for Multi-Channel Distribution (AXMEDIS 2007).
  - K. Wouters, B. Wyseur, B. Preneel, "Lexical Natural Language Steganography Systems with Human Interaction", In Proceedings of the 6th European Conference on Information Warfare and Security (ECIW 2007).
  - B. Wyseur, K. Wouters, M. Deng, T. Herlea, B. Preneel, "On the Design of a Secure Multimedia Archive", In 1st Benelux Workshop on Information and System Security (WISSec 2006).
  - B. Wyseur, B. Preneel, "Condensed White-Box Implementations", In Proceedings of 26th Symposium on Information Theory in the Benelux (BSIT 2005).
• Reports
  - S. Faust, B. Wyseur, G. Neven, "PIN based digital lockers", 2008
  - B. Wyseur, M. Deng, T. Herlea, "A Survey on Homomorphic Encryption Schemes", 2007
  - J. Cappaert, B. Wyseur, B. Preneel, "Software Security Techniques", 2004

Slide 49: Q&A

• Thank you.