Security Assessment of White-Box Design Submissions of the CHES 2017 CTF Challenge

  • Conference paper
Constructive Side-Channel Analysis and Secure Design (COSADE 2020)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 12244)

Abstract

In 2017, the first CHES Capture the Flag Challenge was organized in an effort to promote good design candidates for white-box cryptography. In particular, the challenge assessed the security of the designs with regard to key extraction attacks. A total of 94 candidate programs were submitted, and all of them were eventually broken. Even though most candidates were broken within a few hours, some candidates remained robust against key extraction attacks for several days, and even weeks. In this paper, we perform a qualitative analysis of all candidates submitted to the CHES 2017 Capture the Flag Challenge. We test the robustness of each challenge against different types of attacks, such as automated attacks, extensions thereof, and reverse engineering attacks. We are able to classify each challenge according to its robustness against these attacks, highlighting how challenges vulnerable to automated attacks can be broken in a very short amount of time, while more robust challenges demand substantial reverse engineering effort and therefore more time from the adversaries. Besides classifying the robustness of each challenge, we also give data regarding their size and efficiency and explain how some of the more robust challenges could actually provide acceptable levels of security for some real-life applications.

Notes

  1. In fact during the 2019 edition, a total of 3 candidates remained unbroken.

  2. https://github.com/SideChannelMarvels

  3. https://github.com/Riscure/Jlsca

  4. https://software.intel.com/en-us/articles/pin-a-dynamic-binary-instrumentation-tool

  5. https://github.com/Riscure/python-trsfile

  6. https://github.com/Riscure/Jlsca

  7. http://tigress.cs.arizona.edu/

  8. https://www.cryptolux.org/index.php/Home

  9. https://www.cryptoexperts.com/technologies/white-box/

  10. https://www.intertrust.com/products/application-shielding/

Acknowledgments

The analyses presented in this work were carried out while Alexander Treff was an intern at Riscure B.V., where he was advised by Albert Spruyt and Kevin Valk, which he hereby acknowledges. The authors are grateful to Cees-Bart Breunesse and Ilya Kizhvatov, who provided additional support during the internship. The authors would like to thank Chris Brzuska and Wil Michiels for their helpful feedback during the preparation of this paper.

Corresponding author

Correspondence to Estuardo Alpirez Bock.

Copyright information

© 2021 Springer Nature Switzerland AG

Cite this paper

Alpirez Bock, E., Treff, A. (2021). Security Assessment of White-Box Design Submissions of the CHES 2017 CTF Challenge. In: Bertoni, G.M., Regazzoni, F. (eds) Constructive Side-Channel Analysis and Secure Design. COSADE 2020. Lecture Notes in Computer Science, vol 12244. Springer, Cham. https://doi.org/10.1007/978-3-030-68773-1_7

  • DOI: https://doi.org/10.1007/978-3-030-68773-1_7

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-68772-4

  • Online ISBN: 978-3-030-68773-1

  • eBook Packages: Computer Science (R0)
