A Secure Implementation of a Symmetric Encryption Algorithm in White-Box Attack Contexts
In a white-box context, an adversary has total visibility of the implementation of the cryptosystem and full control over its execution platform. As a countermeasure against the threat of key compromise in this context, a new secure implementation of the symmetric encryption algorithm SHARK is proposed. The general approach is to merge several steps of the round function of SHARK into table lookups, blended by randomly generated mixing bijections. We prove the soundness of the implementation of the algorithm and analyze its security and efficiency. The implementation can be used in web hosts, digital right management devices, and mobile devices such as tablets and smart phones. We explain how the design approach can be adapted to other symmetric encryption algorithms with a slight modification.
There are three main models of the capability of an adversary to attack a cryptosystem . First is the black-box model. It is a traditional attack model where an adversary only has access to the input and corresponding output of a cryptosystem. The limited information available means that an attack is usually difficult and time consuming. The second model is the grey-box model, where a leakage function is present. In such an attack model, the adversary can deploy side-channel cryptanalysis techniques. Several grey-box models can be defined because of the large variety of leakage functions. Third is the white-box model where the adversary has total visibility of the cryptographic software implementation and full control over its execution. One could refer to the white-box model as the worst-case model. The white-box model is used to analyze algorithms that are running in an untrustworthy environment, that is, an environment in which applications are subject to attacks from the execution platform.
Typical white-box attack contexts include(1)a server or PC that an attacker has got the “root” or “admin” privilege of it,(2)a mobile agent that is running on a malicious host,(3)an attacker has control of an outdoor wireless sensor network node,(4)digital right management (DRM) components in cable television applications.
Secure computing in a white-box attack context (WABC) is a challenge because, as discussed in [2, 3], fully-privileged attack software shares a host with cryptographic software and has complete access to the implementation of algorithms, dynamic execution (with instantiated cryptographic keys) can be observed, and internal details of cryptographic algorithms are both completely visible and alterable.
Standard design and implementation of symmetric encryption algorithms were not intended to operate in a white-box attack context where their execution could be observed. In fact, cryptographic models usually assume that endpoints, hosts, and hardware protection tokens are to be trusted. This is not the case in a white-box attack. By actively monitoring standard cryptographic functions or memory dumps, an attacker can even extract the cryptographic keys. This is extremely dangerous when using a symmetric encryption scheme because the decryption algorithm uses the same key as the encryption algorithm.
In response to this security challenge, we propose a new, secure, and white-box implementation of a symmetric encryption algorithm that reduces the risk of keys being compromised. Note that the terms “white-box encryption algorithm” and “white-box implementation of an encryption algorithm” are used interchangeably throughout the paper.
The remainder of this article is organized as follows. Section 2 describes recent advances in white-box cryptography. A new white-box symmetric encryption algorithm is proposed in Section 3, followed by a security analysis in Section 4. Section 5 analyzes the complexity and performance of the new algorithm and includes a suggested implementation approach and some experimental results. In Section 6 we conclude with a discussion of our findings and ideas for future research.
2. Recent Advances in White-Box Cryptography
White-box cryptography provides protection to software implementations of encryption algorithms that may be executed on an untrustworthy host or other white-box attack contexts. The main constraint is that the result must be directly executable. Chow et al. introduced this idea and proposed a white-box implementation of DES by interleaving affine transformations and using delinearization techniques . Chow et al. also introduced a white-box implementation of AES, representing it with a set of key-dependent look-up tables . Their original proposal is that these two algorithms could be used in digital rights management (DRM) applications to satisfy the need to protect digital information content from unauthorized access, use, and dissemination.
In , Jacob et al. proposed that a fault injection attack, where an attacker injects errors into the program environment during execution, could defeat some obfuscation methods. They presented a cryptanalysis of a variant of the algorithm in  that does not have external encodings. Link and Neumann implemented white-box DES and triple-DES algorithms along the lines of Chow et al., with alterations that improved the security of the key . Their system is secure against the previously published attacks on the implementation of Chow et al. and their own adaptation of a statistical bucketing attack. In 2007, Wyseur et al.  and Goubin et al.  independently cryptanalyzed all existing obfuscation methods of DES. Both attacks were based on a truncated differential cryptanalysis. Goubin et al. presented an attack that analyzed the first rounds of the white-box DES implementations, while Wyseur et al. presented an attack that works on the internal information.
In , Billet et al. presented an efficient and practical attack against the obfuscated AES implementation proposed by Chow et al. in . It used negligible memory and had the worst time complexity of 230. In 2009, Michiels et al. improved the attack so that it could be deployed on a generic class of white-box implementations . In 2011, Karroumi proposed a new white-box implementation that uses dual representations of AES . Karroumi claimed that the time complexity of Billet et al.’s attack against his white-box AES is 291. Furthermore, even with the more powerful attack tool  proposed by Tolhuizen last year, the expected time complexity of Billet et al.’s attack remains .
In , Xiao and Lai proposed a secure implementation of white-box AES after a detailed analysis of the attack technique in  on the AES implementation proposed in . In their scheme, the obfuscation works on at least two cells of an AES state, which the attacker cannot divide them into small ones and remove them using the attack technique proposed in . The time complexity of Xiao and Lai’s white-box AES implementation is . It is slower than Chow et al.’s implementation, which has a time complexity of . Furthermore, the size of Xiao and Lai’s white-box AES implementation is 20502 KB. In 2012, Mulder et al.  presented a cryptanalysis of a white-box AES implementation, based on Xiao and Lai’s idea. They applied the linear equivalence algorithm presented by Biryukov et al. in  as a building block. The cryptanalysis efficiently extracts the AES key with a work factor of approximately . Furthermore, the size of Xiao and Lai’s implementation still has potential to be improved.
3. A Novel White-Box Symmetric Encryption Algorithm
In this section, we propose a new white-box symmetric encryption algorithm based on SHARK . Our general approach is to merge several steps of each round function of SHARK into table lookups, blending by randomly generated mixing bijections. We use techniques from [10, 12] to obtain the obfuscated implementation.
3.1. The Symmetric Encryption Algorithm, SHARK
SHARK is a six round substitution permutation-network that alternates a key mixing stage with linear and nonlinear transformation layers. We can split each round of the SHARK algorithm into three distinct layers: a nonlinear layer of substitution boxes, a diffusion layer, and a key addition layer. An interpolation attack can break the five rounds of a modified version of SHARK , but the security of the six round SHARK cipher is acceptable for many applications.
Let denote the mapping of -boxes. Then the nonlinear layer can be defined as , .
Let be the linear transformation corresponding to the diffusion layer. Then there exists a matrix such that .
Furthermore, let be the round key of the th round and let be the key addition mapping.
Now, the symmetric encryption algorithm SHARK with encryption key is defined as follows:
3.2. Components of the White-Box Encryption Algorithm
To hide the encryption key, we must merge several steps of each round function of SHARK into table lookups blended by randomly generated mixing bijections. In this section, we investigate how to design such tables and how randomly generated mixing bijections can be counteracted.
Let be a 64 × 64 nonsingular matrix over , defined for as where , are randomly generated nonsingular matrices over .
The external input encoding, , is a nonsingular matrix over defined as where , , are randomly generated nonsingular matrices over . The external output encoding is also a nonsingular matrix over .
In a white-box encryption algorithm, round functions should be obfuscated to protect the round keys against attacks from an adversary. Using the definitions above, we can define the obfuscated round functions, which we will implement using a set of tables (-Boxes). For each round, , let the obfuscated subround function be .
The number of possible different representations of is 8160. The isomorphic transformation that takes the description of the cipher under the standard irreducible polynomial to another description with a different irreducible polynomial is linear. For each round , is chosen randomly from these isomorphic transformations.
Let be preround mixing bijections.
Let be postround diffusion-mixing bijections.
Then, we can write the obfuscated subround functions as where refers to two -boxes operating in parallel and .
To invert the effect of the postround mixing matrices , , and the preround mixing matrices , , , a left multiplication of the matrix is added at the end of each of rounds 0 to 5.
As shown in Figure 3, the -Boxes of the last round are lookup tables corresponding to the subround functions , . The nonlinear -Boxes of other rounds have been removed. In fact, the -Boxes of the last round are affine transformations , . Clearly, this is dangerous, and so we modify the last round of SHARK as illustrated in Figure 4. Consequently, the -Boxes of the last round should be , . We call this modified version . Now, where
(a) The last round of SHARK
(b) The modified last round of SHARK
3.3. The Complete White-Box Encryption Algorithm
Using the components described in the previous section, the encryption process is shown in Algorithm 1.
We will now prove the soundness of our algorithm.
Proposition 1. The encryption algorithm is such that where
Proof. Let , , be the input to the first round of . Then
where the round transformation is defined in (3). We arrive at the last round by similar deductions on the previous rounds.
Let , , and define to be the output of the fifth round of ; that is,
Let . The last round of works on the output of previous round as follows:
This ends the proof.
The following corollary shows how to decrypt the output of by modifying, the decryption process of SHARK, that is, .
Corollary 2. The previously described encryption algorithm, , can be decrypted using
Proof. By Proposition 1, . Hence,
This ends the proof.
4. Security Measurements and Analysis
4.1. Security Measurements
In [2, 3], Chow et al. used white-box diversity and white-box ambiguity to measure the security of a white-box encryption algorithm. The white-box diversity of a given table type counts the number of distinct constructions that exist in a table of the same type. It measures variability among implementations and is useful in foiling prepackaged attacks. White-box ambiguity of a table is a more important metric because it counts the number of distinct constructions that produce exactly the same type of table. It measures the number of alternative interpretations or meanings of a specific table, which an attacker must investigate in order to determine one of the obfuscated cipher’s instances.
The number of nonsingular matrices of order is . The number of possible is . For each table (-Box), the white-box diversity is approximately , and the white-box ambiguity is approximately .
4.2. Against Billet et al.’s and Michiels et al.’s Attack
Billet et al.  described a very efficient attack against the white-box AES implementation proposed in . Recovering information about the key by a local inspection of the lookup tables seems difficult, as the tables are designed to satisfy diversity and ambiguity criteria. In the Billet et al. attack, the authors take advantage of the fact that it is easier to recover information by analyzing compositions of lookup tables corresponding to one encoded AES round.
In this paper, the proposed implementation means that some attack techniques aimed at the simplicity of AES -boxes are not valid. Furthermore, we have also used isomorphic transformations to increase the white-box diversity. For these reasons, the Billet et al. attack will not work.
The ideas presented in  can be used to derive a white-box implementation for any substitution linear-transformation network cipher . Michiels et al.  presented an algorithm for extracting the round keys of such a cipher when all block rows of the diffusion matrices have disjoint spanning block sets. This condition on the diffusion matrices is, for example, satisfied by all maximum distance separable matrices [18, 19]. In our algorithm, we have implemented reverse operations of linear mixing bijections in a different way. This ensures that our technique is immune from the attack of Michiels et al.
4.3. Against Mulder et al.’s Attack
Mulder et al.  presented a cryptanalysis of Xiao-Lai white-box AES implementation by using Biryukov et al.’s highly efficient linear equivalence algorithm . The linear equivalence algorithm checks linear equivalence between two permutations (-boxes), and , and finds two invertible linear mappings, and , such that . This is an important problem in symmetric cryptography.
Biryukov et al.’s linear equivalence algorithm exploits the following two ideas. The first is that we can guess portions of , which will provide us with knowledge of the values of . These new values from allow the algorithm to extract new information about . The linear (affine) structure of the mappings causes another process, which they refer to as the exponential amplification of guesses. Their second idea is that if we know vectors from the mapping , we also know linear combinations of these vectors.
Mulder et al. proposed a modified version of the linear equivalence algorithm in . The time complexity of solving the linear equivalence problem of a building block decreases from 244 to 229. It follows that the attack efficiently extracts the AES key from Xiao-Lai white-box AES implementation with a time complexity of approximately 232. In the case of our white-box SHARK implementation, we have not found any technique that can reduce the time complexity in the same manner because of the following reasons.(1)As shown in (17) and (18), the diffusion matrices of SHARK and AES are different.(a)The diffusion matrix of SHARK is (b)The diffusion matrix of AES is (2)We use a different approach to compute .
Furthermore, the transformation that we use in this paper can provide a higher work factor. The overall work factor of Mulder, Roelse, and Preneel’s attack against our white-box SHARK implementation is the product of following three factors:(1)244 (, ) to solve the linear equivalence problem of a building block,(2)213 () to guess all the dual components,(3)22 because there are four building blocks in each round.
Thus, our white-box SHARK implementation remains with a security level higher than against Mulder et al’s attack.
5. Size and Performance
In this section, we first analyze the size of static data that the algorithm requires. We then make some suggestions regarding the implementation and provide some experimental results. Finally, we discuss a highly efficient work mode for encrypting data.
Each round of our algorithm requires four -Box tables. As the size of each table is bits bytes, the size of the 28 tables is 14 MB. The size of each matrix is bits bytes. Thus, the size of these matrices is 3 KB. Combining these values, we determine that the size of all lookup tables and matrices is 14339 KB.
Three operations are needed to run the algorithm: bit multiplication, bit addition, and -Box table lookup. We list the number of required operations in Table 1.
Of course, this is a “naïve” implementation as we can speed up the algorithm by using the memory-speed trade-off technique. A multiplication table can map two input bytes ( and ) into a single bit . With the help of such multiplication table, we can optimize the complexity of matrix multiplications and obtain a fast software implementation. The extra cost of memory is only 8 KB. This implementation requires three operations: multiplication table lookup, bit addition, and -Box table lookup. Table 2 lists the required number of each operation.
We have investigated the time taken to encrypt 1 MB of data in the electronic codebook (ECB) mode on a ThinkPad notebook. The average time of the naïve implementation is 23.3 seconds and the average time of the fast implementation is only 1.2 seconds. Table 3 shows the details of the testing environment.
Clearly, the proposed algorithm is much slower than the standard algorithm because of the additional time taken when multiplying by , . This is true even when using the fast implementation. But the proposed algorithm running in the composite propagating cipher-block chaining (PCBC) mode, as suggested by , is much faster than ECB mode. In the composite PCBC mode, the speed of encryption is almost the same as the standard implementation. Figure 5 shows the flow chart of the white-box SHARK algorithm running in the composite PCBC mode.
6. Conclusions and Discussion
In this paper, we propose a new white-box encryption algorithm that obfuscates the cipher SHARK. Our general approach is to merge several steps of the round function of SHARK into table lookups blended by randomly generated mixing bijections. Techniques used in [10, 12] are used in this paper to obtain the obfuscated cipher. Hence, this algorithm is secure against the attacks of Billet et al. , Michiels et al. , and Mulder et al. . Thus, the algorithm is a countermeasure against the threat of key compromise in white-box attack context.
This design of white-box SHARK can also be used to obtain a white-box AES with a slight modification. The outcome of adapting our design to use AES will be a white-box AES implementation with the size of lookup tables and matrices being 20502 MB and with a security level of 292. We have chosen SHARK because it results in smaller tables and matrices and has a simpler description.
Future work should be focused on the size of the implementation. If we can significantly decrease the size, white-box encryption algorithms may be applied to lightweight applications such as the Internet of Things or wireless sensor networks.
Conflict of Interests
The authors declare that there is no conflict of interests regarding the publication of this paper.
This work was supported by the National Natural Science Foundation of China (no. 61202382, no. 61103006) and the Fundamental Research Funds for the Central Universities.
B. Wyseur, White-box cryptography [Ph.D. thesis], Katholieke University, Leuven, Belgium, 2009.
S. Chow, P. Eisen, H. Johnson, and P. C. Van Oorschot, “A white-box DES implementation for DRM applications,” in Proceedings of the 2nd ACM Workshop on Digital Rights Management, vol. 2696 of Lecture Notes in Computer Science, pp. 1–15, Washington, DC, USA, November 2002.View at: Publisher Site | Google Scholar
S. Chow, P. Eisen, H. Johnson, and P. C. Van Oorschot, “White-box cryptography and an AES implementation,” in Proceedings of the 9th Workshop on Selected Areas in Cryptography, vol. 2595 of Lecture Notes in Computer Science, pp. 250–270, St. John’s, Canada, 2003.View at: Publisher Site | Google Scholar | Zentralblatt MATH | MathSciNet
H. E. Link and W. D. Neumann, “Clarifying obfuscation: improving the security of white-box des,” in Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC '05), pp. 679–684, Albuquerque, NM, USA, April 2005.View at: Google Scholar
B. Wyseur, W. Michiels, P. Gorisseii, and B. Preneel, “Cryptanalysis of white-box des implementations with arbitrary external encodings,” in Proceedings of the 14th Annual Workshop on Selected Areas in Cryptography, vol. 4876 of Lecture Notes in Computer Science, pp. 264–277, Ottawa, Canada, August 2007.View at: Google Scholar
L. Goubin, J.-M. Masereel, and M. Quisquater, “Cryptanalysis of white box DES implementations,” in Proceedings of the 14th Annual Workshop on Selected Areas in Cryptography, vol. 4876 of Lecture Notes in Computer Science, pp. 278–295, Ottawa, Canada, August 2007.View at: Publisher Site | Google Scholar
O. Billet, H. Gilbert, and C. Ech-Chatbi, “Cryptanalysis of a white box AES implementation,” in Proceedings of the 11th International Workshop on Selected Areas in Cryptography, vol. 3357 of Lecture Notes in Computer Science, pp. 227–240, Waterloo, Canada, August 2005.View at: Publisher Site | Google Scholar | Zentralblatt MATH | MathSciNet
W. Michiels, P. Gorissen, and H. D. L. Hollmann, “Cryptanalysis of a generic class of white-box implementations,” in Proceedings of the 15th International Workshop on Selected Areas in Cryptography, vol. 5381 of Lecture Notes in Computer Science, pp. 414–428, Sackville, Canada, August 2008.View at: Publisher Site | Google Scholar
M. Karroumi, “Protecting white-box AES with dual ciphers,” in Proceedings of the 13th International Conference on Information Security and Cryptology (ICISC '11), K. H. Rhee and D. Nyang, Eds., vol. 6829 of Lecture Notes in Computer Science, pp. 278–291, Seoul, Korea, 2011.View at: Publisher Site | Google Scholar
L. Tolhuizen, “Improved cryptanalysis of an AES implementation,” in Proceedings of the 33rd WIC Symposium on Information Theory in the Benelux, pp. 68–71, Boekelo, The Netherlands, 2012.View at: Google Scholar
Y. De Mulder, P. Roelse, and B. Preneel, “Cryptanalysis of the Xiao-Lai white-box AES implementation,” in Proceedings of the 19th Annual International Workshop on Selected Areas in Cryptography (SAC '13), vol. 7707 of Lecture Notes in Computer Science, pp. 34–49, Springer, 2013.View at: Publisher Site | Google Scholar
A. Biryukov, C. De Cannière, A. Braeken, and B. Preneel, “A toolbox for cryptanalysis: linear and affine equivalence algorithms,” in Advances in Cryptology—EUROCRYPT, E. Biham, Ed., vol. 2656 of Lecture Notes in Computer Science, pp. 33–50, Springer, Berlin, Germany, 2003.View at: Publisher Site | Google Scholar | Zentralblatt MATH | MathSciNet
V. Rijmen, J. Daemen, B. Preneel, A. Bosselaers, and E. De Win, “The cipher SHARK,” in Proceedings of the 3rd International Workshop on Fast Software Encryption, pp. 99–111, Cambridge, UK, February 1996.View at: Google Scholar
T. Jakobsen and L. Knudsen, “The interpolation attack on block ciphers,” in Proceedings of the 4th International Workshop on Fast Software Encryption, pp. 28–40, Haifa, Israel, January 1997.View at: Google Scholar
J.-Y. Park, O. Yi, and J.-S. Choi, “Methods for practical whitebox cryptography: a way to use dynamic key updates and high performance white box cryptography with certain mode of operations,” in Proceedings of the International Conference on Information and Communication Technology Convergence (ICTC '10), pp. 474–479, November 2010.View at: Publisher Site | Google Scholar