Revisiting Higher-order Computational Attacks against White-box Implementations
Houssem Maghrebi, Davide Alessio
2020
Abstract
White-box cryptography was first introduced by Chow et al. in 2002 as a software technique for implementing cryptographic algorithms in a secure way that protects secret keys in an untrusted environment. Ever since, Chow et al.’s design has been subject to the well-known Differential Computation Analysis (DCA). To resist DCA, a natural approach that white-box designers investigated is to apply the common side-channel countermeasures such as masking. In this paper, we suggest applying the well-studied leakage detection methods to assess the security of masked white-box implementations. Then, we extend some well-known side-channel attacks (i.e. the bucketing computation analysis, the mutual information analysis, and the collision attack) to the higher-order case to defeat higher-order masked white-box implementations. To illustrate the effectiveness of these attacks, we perform a practical evaluation against a first-order masked white-box implementation. The obtained results have demonstrated the practicability of these attacks in a real-world scenario.
DownloadPaper Citation
in Harvard Style
Maghrebi H. and Alessio D. (2020). Revisiting Higher-order Computational Attacks against White-box Implementations. In Proceedings of the 6th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-399-5, pages 265-272. DOI: 10.5220/0008874602650272
in Bibtex Style
@conference{icissp20,
author={Houssem Maghrebi and Davide Alessio},
title={Revisiting Higher-order Computational Attacks against White-box Implementations},
booktitle={Proceedings of the 6th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2020},
pages={265-272},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0008874602650272},
isbn={978-989-758-399-5},
}
in EndNote Style
TY - CONF
JO - Proceedings of the 6th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Revisiting Higher-order Computational Attacks against White-box Implementations
SN - 978-989-758-399-5
AU - Maghrebi H.
AU - Alessio D.
PY - 2020
SP - 265
EP - 272
DO - 10.5220/0008874602650272