On Self-equivalence Encodings in White-Box Implementations


Ontology type: schema:Chapter      Open Access: True


Chapter Info

DATE

2021-07-21

AUTHORS

Adrián Ranea , Bart Preneel

ABSTRACT

All academic methods to secure software implementations of block ciphers against adversaries with full control of the device have been broken. Despite the huge progress in the cryptanalysis of these white-box implementations, no recent progress has been made on the design side. Most of the white-box designs follow the CEJO framework, where each round is encoded by composing it with small random permutations. While several generic attacks have been proposed on the CEJO framework, no generic analysis has been performed on self-equivalence encodings, a different design where only the affine layer of each round is encoded with random self-equivalences of the S-box layer, that is, affine permutations commuting with the non-linear layer. In this work, we analyse the security of white-box implementations based on self-equivalence encodings for a broad class of SPN ciphers. First, we characterize the self-equivalence groups of S-box layers, and we prove that all the self-equivalences of a cryptographically strong S-box layer have a diagonal shape. Then, we propose the first generic attack on self-equivalence encodings. Our attack, based on affine equivalence problems, identifies the connection between the security of self-equivalence encodings and the self-equivalence structure of the cipher components. While we show that traditional SPN ciphers with cryptographically strong S-box layers cannot be secured with self-equivalence encodings, our analysis shows that self-equivalence encodings resist the generic attack if the cipher components satisfy several conditions, revealing the potential of self-equivalence encodings to secure other types of ciphers.
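The abstract describes self-equivalence encodings only in words. The following is an added example, written for this page and not code from the paper or its authors, that makes the construction concrete on a toy SPN. It brute-forces the affine self-equivalences (A, B) of a small S-box S, i.e. the pairs with S = B o S o A; builds "diagonal" (direct-sum) self-equivalences of a layer of two parallel S-boxes; and then encodes the affine layers of a toy 3-round SPN as AL_i' = A_i o AL_i o B_{i-1} while leaving the S-box layer untouched, checking that the encoded implementation computes the same function. This is the contrast with the CEJO framework mentioned above, where every round, S-boxes included, is sandwiched between random permutations and replaced by encoded tables. The 3-bit S-box, the 6-bit state, the round structure and all function names are assumptions for illustration. Two caveats a practitioner should keep in mind: the code only verifies that the constructed diagonal pairs are self-equivalences, it does not prove they are all of them (that is the paper's theorem for cryptographically strong S-box layers); and the paper's generic attack, which recovers the key from exactly such encoded affine layers for traditional SPNs, is not implemented here, so this toy is a teaching aid and not a secure design.

```python
# Added example: toy self-equivalence encodings on GF(2)^n lookup tables.
# Not the paper's code; the S-box and the 3-round SPN are constructed for illustration.
from itertools import product
import random

# Constructed 3-bit S-box (a permutation of {0..7}, not taken from any real cipher).
SBOX = [0, 1, 3, 6, 7, 4, 5, 2]

def gf2_matvec(cols, x):
    """Multiply a GF(2) matrix, given as a list of column vectors (ints), by the bit vector x."""
    y = 0
    for i, col in enumerate(cols):
        if (x >> i) & 1:
            y ^= col
    return y

def is_affine(f, n):
    """f is a lookup table on GF(2)^n; it is affine iff f(x) = f(0) + sum_i x_i (f(e_i) + f(0))."""
    c = f[0]
    cols = [f[1 << i] ^ c for i in range(n)]
    return all(f[x] == c ^ gf2_matvec(cols, x) for x in range(1 << n))

def affine_permutations(n):
    """Every affine permutation of GF(2)^n as a lookup table (2^(n*n+n) candidates: tiny n only)."""
    perms = []
    for cols in product(range(1 << n), repeat=n):
        lin = [gf2_matvec(cols, x) for x in range(1 << n)]
        if len(set(lin)) != 1 << n:          # singular matrix, skip
            continue
        for c in range(1 << n):
            perms.append([v ^ c for v in lin])
    return perms

def inverse(f):
    inv = [0] * len(f)
    for x, y in enumerate(f):
        inv[y] = x
    return inv

def compose(f, g):
    """(f o g)(x) = f(g(x)) on lookup tables."""
    return [f[g[x]] for x in range(len(g))]

def is_self_equivalence(f, A, B):
    """(A, B) is a self-equivalence of f when f = B o f o A."""
    return f == compose(B, compose(f, A))

def self_equivalences(sbox):
    """All affine self-equivalences of an S-box by brute force: for each affine A the
    partner B = S o A^-1 o S^-1 is forced, and (A, B) qualifies iff that B is affine."""
    n = (len(sbox) - 1).bit_length()
    s_inv = inverse(sbox)
    found = []
    for A in affine_permutations(n):
        B = compose(sbox, compose(inverse(A), s_inv))
        if is_affine(B, n):
            found.append((A, B))
    return found

def direct_sum(f1, f2, n1):
    """Apply f1 to the low n1 bits and f2 to the remaining high bits: the 'diagonal' shape."""
    mask = (1 << n1) - 1
    return [f1[x & mask] ^ (f2[x >> n1] << n1) for x in range(len(f1) * len(f2))]

def random_affine_permutation(n, rng):
    while True:
        cols = [rng.randrange(1 << n) for _ in range(n)]
        lin = [gf2_matvec(cols, x) for x in range(1 << n)]
        if len(set(lin)) == 1 << n:
            c = rng.randrange(1 << n)        # the constant plays the role of the round key
            return [v ^ c for v in lin]

def evaluate(affine_layers, s_layer, x):
    """Toy SPN: x -> S(AL_r(... S(AL_1(x)))), every layer a lookup table."""
    for al in affine_layers:
        x = s_layer[al[x]]
    return x

def self_equivalence_encode(affine_layers, layer_ses, rng):
    """AL_i' = A_i o AL_i o B_{i-1} with (A_i, B_i) random self-equivalences of the S-box
    layer, B_0 = identity (no input encoding), (A_r, B_r) = identity (no output encoding).
    Because B_{i-1} o S o A_{i-1} = S, the encodings cancel and only the affine layers change."""
    ident = list(range(len(affine_layers[0])))
    pairs = [rng.choice(layer_ses) for _ in affine_layers[:-1]] + [(ident, ident)]
    encoded, prev_B = [], ident
    for al, (A_i, B_i) in zip(affine_layers, pairs):
        encoded.append(compose(A_i, compose(al, prev_B)))
        prev_B = B_i
    return encoded

def demo(rounds=3, seed=1):
    rng = random.Random(seed)
    ses = self_equivalences(SBOX)
    s_layer = direct_sum(SBOX, SBOX, 3)               # two parallel 3-bit S-boxes on 6 bits
    k = min(8, len(ses))
    layer_ses = [(direct_sum(a1, a2, 3), direct_sum(b1, b2, 3))
                 for (a1, b1) in rng.sample(ses, k) for (a2, b2) in rng.sample(ses, k)]
    diagonal_ok = all(is_self_equivalence(s_layer, A, B) for A, B in layer_ses)
    original = [random_affine_permutation(6, rng) for _ in range(rounds)]
    encoded = self_equivalence_encode(original, layer_ses, rng)
    same = all(evaluate(original, s_layer, x) == evaluate(encoded, s_layer, x) for x in range(64))
    return {"num_sbox_se": len(ses), "diagonal_ok": diagonal_ok, "same_function": same,
            "layers_changed": original != encoded}

if __name__ == "__main__":
    print(demo())
```

Running `demo()` prints the number of affine self-equivalences of the toy S-box, confirms that the direct sums of per-S-box pairs are self-equivalences of the whole layer, and confirms that the encoded affine layers, which no longer expose the round constants directly, still implement the original cipher. Brute-forcing `affine_permutations(n)` is only possible for n of 3 or 4 bits; for real S-box layers one needs the structural characterization the paper gives rather than enumeration.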

PAGES

639-669

Book

TITLE

Selected Areas in Cryptography

ISBN

978-3-030-81651-3
978-3-030-81652-0

Identifiers

URI

http://scigraph.springernature.com/pub.10.1007/978-3-030-81652-0_25

DOI

http://dx.doi.org/10.1007/978-3-030-81652-0_25

DIMENSIONS

https://app.dimensions.ai/details/publication/pub.1139805545



JSON-LD is the canonical representation for SciGraph data.


[
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0804", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Data Format", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "imec-COSIC, KU Leuven, Leuven, Belgium", 
          "id": "http://www.grid.ac/institutes/grid.5596.f", 
          "name": [
            "imec-COSIC, KU Leuven, Leuven, Belgium"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Ranea", 
        "givenName": "Adri\u00e1n", 
        "id": "sg:person.011075665014.12", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.011075665014.12"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "imec-COSIC, KU Leuven, Leuven, Belgium", 
          "id": "http://www.grid.ac/institutes/grid.5596.f", 
          "name": [
            "imec-COSIC, KU Leuven, Leuven, Belgium"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Preneel", 
        "givenName": "Bart", 
        "id": "sg:person.011115044357.39", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.011115044357.39"
        ], 
        "type": "Person"
      }
    ], 
    "datePublished": "2021-07-21", 
    "datePublishedReg": "2021-07-21", 
    "description": "All academic methods to secure software implementations of block ciphers against adversaries with full control of the device have been broken. Despite the huge progress in the cryptanalysis of these white-box implementations, no recent progress has been made on the design side. Most of the white-box designs follow the CEJO framework, where each round is encoded by composing it with small random permutations. While several generic attacks have been proposed on the CEJO framework, no generic analysis has been performed on self-equivalence encodings, a different design where only the affine layer of each round is encoded with random self-equivalences of the S-box layer, that is, affine permutations commuting with the non-linear layer.In this work, we analyse the security of white-box implementations based on self-equivalence encodings for a broad class of SPN ciphers. First, we characterize the self-equivalence groups of S-box layers, and we prove that all the self-equivalences of a cryptographically strong S-box layer have a diagonal shape. Then, we propose the first generic attack on self-equivalence encodings. Our attack, based on affine equivalence problems, identifies the connection between the security of self-equivalence encodings and the self-equivalence structure of the cipher components. While we show that traditional SPN ciphers with cryptographically strong S-box layers cannot be secured with self-equivalence encodings, our analysis shows that self-equivalence encodings resist the generic attack if the cipher components satisfy several conditions, revealing the potential of self-equivalence encodings to secure other types of ciphers.", 
    "editor": [
      {
        "familyName": "Dunkelman", 
        "givenName": "Orr", 
        "type": "Person"
      }, 
      {
        "familyName": "Jacobson,", 
        "givenName": "Michael J.", 
        "type": "Person"
      }, 
      {
        "familyName": "O'Flynn", 
        "givenName": "Colin", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/978-3-030-81652-0_25", 
    "isAccessibleForFree": true, 
    "isPartOf": {
      "isbn": [
        "978-3-030-81651-3", 
        "978-3-030-81652-0"
      ], 
      "name": "Selected Areas in Cryptography", 
      "type": "Book"
    }, 
    "keywords": [
      "random permutation", 
      "broad class", 
      "affine permutations", 
      "equivalence problem", 
      "cipher components", 
      "diagonal shape", 
      "white-box implementations", 
      "non-linear layer", 
      "affine equivalence problem", 
      "software implementation", 
      "generic analysis", 
      "permutations", 
      "SPN ciphers", 
      "white-box designs", 
      "type of ciphers", 
      "generic attacks", 
      "full control", 
      "affine layers", 
      "recent progress", 
      "framework", 
      "problem", 
      "implementation", 
      "class", 
      "cipher", 
      "layer", 
      "huge progress", 
      "block cipher", 
      "design", 
      "different designs", 
      "cryptanalysis", 
      "shape", 
      "encoding", 
      "connection", 
      "S-box layers", 
      "structure", 
      "devices", 
      "analysis", 
      "adversary", 
      "progress", 
      "work", 
      "components", 
      "conditions", 
      "control", 
      "attacks", 
      "design side", 
      "types", 
      "security", 
      "potential", 
      "side", 
      "rounds", 
      "academic methods", 
      "group", 
      "method"
    ], 
    "name": "On Self-equivalence Encodings in White-Box Implementations", 
    "pagination": "639-669", 
    "productId": [
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1139805545"
        ]
      }, 
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/978-3-030-81652-0_25"
        ]
      }
    ], 
    "publisher": {
      "name": "Springer Nature", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/978-3-030-81652-0_25", 
      "https://app.dimensions.ai/details/publication/pub.1139805545"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2022-10-01T06:54", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-springernature-scigraph/baseset/20221001/entities/gbq_results/chapter/chapter_222.jsonl", 
    "type": "Chapter", 
    "url": "https://doi.org/10.1007/978-3-030-81652-0_25"
  }
]
 


HOW TO GET THIS DATA PROGRAMMATICALLY:

JSON-LD is a popular linked-data format that is fully compatible with JSON.

curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-81652-0_25'

N-Triples is a line-based linked data format ideal for batch operations.

curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-81652-0_25'

Turtle is a human-readable linked data format.

curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-81652-0_25'

RDF/XML is a standard XML format for linked data.

curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-81652-0_25'


 
