Chris Brzuska
Assistant Professor
Aalto University, Finland
Title:
White-Box Cryptography – Security Goals and Foundations
Abstract:
The white-box attack model was introduced in 2002 by Chow, Eisen, Johnson and van Oorschot. In this attack model, we consider an adversary who gets access to the implementation code of a cryptographic algorithm with an embedded secret key. Additionally, the adversary is assumed to be in control of the execution environment of the implementation. White-box cryptography aims to keep an implementation secure even in the presence of such a strong adversary. White-box crypto has been widely deployed to protect digital rights management (DRM) applications and, more recently, mobile payment applications. Since its introduction, a number of candidate designs for white-box AES and DES have been proposed. Unfortunately, all of these candidates have been subject to key extraction attacks, and it is not clear which level of security white-box cryptographic implementations can achieve in real life.
In this lecture, we will study the foundations of white-box cryptography, explaining its application scenarios and its security goals. As we will explain, the security properties expected from a white-box program may vary depending on the use case under consideration. Along these lines, we will study formal security notions for white-box cryptography introduced in the literature and discuss their usefulness. Additionally, we will take a look at provably secure constructions which achieve security in these white-box models. While some constructions may achieve security under strong assumptions (e.g. indistinguishability obfuscation), these feasibility results serve as a conceptual validation for how white-box crypto is implemented in real life. Finally, we will take a look at popular attacks on white-box implementations of AES and show how their effectiveness is reflected in recent capture-the-flag competitions.
Bio of Chris Brzuska:
Chris Brzuska is a Professor at Aalto University in Finland. He is a faculty member of the department of computer science as well as the department of mathematics and systems analysis, and his research focuses on cryptography and its connections to IT security, verification and complexity theory. Chris completed his PhD at TU Darmstadt under the supervision of Marc Fischlin and was a postdoctoral researcher at Microsoft Research Cambridge and Tel Aviv University. Before joining Aalto, Chris was a junior professor at TU Hamburg in Germany.