On Self-equivalence Encodings in White-Box Implementations


Ontology type: schema:Chapter      Open Access: True


Chapter Info

DATE

2021-07-21

AUTHORS

Adrián Ranea, Bart Preneel

ABSTRACT

All academic methods to secure software implementations of block ciphers against adversaries with full control of the device have been broken. Despite the huge progress in the cryptanalysis of these white-box implementations, no recent progress has been made on the design side. Most of the white-box designs follow the CEJO framework, where each round is encoded by composing it with small random permutations. While several generic attacks have been proposed on the CEJO framework, no generic analysis has been performed on self-equivalence encodings, a different design where only the affine layer of each round is encoded with random self-equivalences of the S-box layer, that is, affine permutations commuting with the non-linear layer. In this work, we analyse the security of white-box implementations based on self-equivalence encodings for a broad class of SPN ciphers. First, we characterize the self-equivalence groups of S-box layers, and we prove that all the self-equivalences of a cryptographically strong S-box layer have a diagonal shape. Then, we propose the first generic attack on self-equivalence encodings. Our attack, based on affine equivalence problems, identifies the connection between the security of self-equivalence encodings and the self-equivalence structure of the cipher components. While we show that traditional SPN ciphers with cryptographically strong S-box layers cannot be secured with self-equivalence encodings, our analysis shows that self-equivalence encodings resist the generic attack if the cipher components satisfy several conditions, revealing the potential of self-equivalence encodings to secure other types of ciphers.

PAGES

639-669

Book

TITLE

Selected Areas in Cryptography

ISBN

978-3-030-81651-3
978-3-030-81652-0

Identifiers

URI

http://scigraph.springernature.com/pub.10.1007/978-3-030-81652-0_25

DOI

http://dx.doi.org/10.1007/978-3-030-81652-0_25

DIMENSIONS

https://app.dimensions.ai/details/publication/pub.1139805545



JSON-LD is the canonical representation for SciGraph data.


[
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0804", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Data Format", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "imec-COSIC, KU Leuven, Leuven, Belgium", 
          "id": "http://www.grid.ac/institutes/grid.5596.f", 
          "name": [
            "imec-COSIC, KU Leuven, Leuven, Belgium"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Ranea", 
        "givenName": "Adri\u00e1n", 
        "id": "sg:person.011075665014.12", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.011075665014.12"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "imec-COSIC, KU Leuven, Leuven, Belgium", 
          "id": "http://www.grid.ac/institutes/grid.5596.f", 
          "name": [
            "imec-COSIC, KU Leuven, Leuven, Belgium"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Preneel", 
        "givenName": "Bart", 
        "id": "sg:person.011115044357.39", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.011115044357.39"
        ], 
        "type": "Person"
      }
    ], 
    "datePublished": "2021-07-21", 
    "datePublishedReg": "2021-07-21", 
    "description": "All academic methods to secure software implementations of block ciphers against adversaries with full control of the device have been broken. Despite the huge progress in the cryptanalysis of these white-box implementations, no recent progress has been made on the design side. Most of the white-box designs follow the CEJO framework, where each round is encoded by composing it with small random permutations. While several generic attacks have been proposed on the CEJO framework, no generic analysis has been performed on self-equivalence encodings, a different design where only the affine layer of each round is encoded with random self-equivalences of the S-box layer, that is, affine permutations commuting with the non-linear layer.In this work, we analyse the security of white-box implementations based on self-equivalence encodings for a broad class of SPN ciphers. First, we characterize the self-equivalence groups of S-box layers, and we prove that all the self-equivalences of a cryptographically strong S-box layer have a diagonal shape. Then, we propose the first generic attack on self-equivalence encodings. Our attack, based on affine equivalence problems, identifies the connection between the security of self-equivalence encodings and the self-equivalence structure of the cipher components. While we show that traditional SPN ciphers with cryptographically strong S-box layers cannot be secured with self-equivalence encodings, our analysis shows that self-equivalence encodings resist the generic attack if the cipher components satisfy several conditions, revealing the potential of self-equivalence encodings to secure other types of ciphers.", 
    "editor": [
      {
        "familyName": "Dunkelman", 
        "givenName": "Orr", 
        "type": "Person"
      }, 
      {
        "familyName": "Jacobson,", 
        "givenName": "Michael J.", 
        "type": "Person"
      }, 
      {
        "familyName": "O'Flynn", 
        "givenName": "Colin", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/978-3-030-81652-0_25", 
    "isAccessibleForFree": true, 
    "isPartOf": {
      "isbn": [
        "978-3-030-81651-3", 
        "978-3-030-81652-0"
      ], 
      "name": "Selected Areas in Cryptography", 
      "type": "Book"
    }, 
    "keywords": [
      "random permutation", 
      "broad class", 
      "affine permutations", 
      "equivalence problem", 
      "cipher components", 
      "diagonal shape", 
      "white-box implementations", 
      "non-linear layer", 
      "affine equivalence problem", 
      "software implementation", 
      "generic analysis", 
      "permutations", 
      "SPN ciphers", 
      "white-box designs", 
      "type of ciphers", 
      "generic attacks", 
      "full control", 
      "affine layers", 
      "recent progress", 
      "framework", 
      "problem", 
      "implementation", 
      "class", 
      "cipher", 
      "layer", 
      "huge progress", 
      "block cipher", 
      "design", 
      "different designs", 
      "cryptanalysis", 
      "shape", 
      "encoding", 
      "connection", 
      "S-box layers", 
      "structure", 
      "devices", 
      "analysis", 
      "adversary", 
      "progress", 
      "work", 
      "components", 
      "conditions", 
      "control", 
      "attacks", 
      "design side", 
      "types", 
      "security", 
      "potential", 
      "side", 
      "rounds", 
      "academic methods", 
      "group", 
      "method"
    ], 
    "name": "On Self-equivalence Encodings in White-Box Implementations", 
    "pagination": "639-669", 
    "productId": [
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1139805545"
        ]
      }, 
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/978-3-030-81652-0_25"
        ]
      }
    ], 
    "publisher": {
      "name": "Springer Nature", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/978-3-030-81652-0_25", 
      "https://app.dimensions.ai/details/publication/pub.1139805545"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2022-11-24T21:17", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-springernature-scigraph/baseset/20221124/entities/gbq_results/chapter/chapter_396.jsonl", 
    "type": "Chapter", 
    "url": "https://doi.org/10.1007/978-3-030-81652-0_25"
  }
]
 


HOW TO GET THIS DATA PROGRAMMATICALLY:

JSON-LD is a popular format for linked data which is fully compatible with JSON.

curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-81652-0_25'

N-Triples is a line-based linked data format ideal for batch operations.

curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-81652-0_25'

Turtle is a human-readable linked data format.

curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-81652-0_25'

RDF/XML is a standard XML format for linked data.

curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-81652-0_25'


 

This table displays all metadata directly associated to this object as RDF triples.

129 TRIPLES      22 PREDICATES      77 URIs      70 LITERALS      7 BLANK NODES

Subject Predicate Object
1 sg:pub.10.1007/978-3-030-81652-0_25 schema:about anzsrc-for:08
2 anzsrc-for:0804
3 schema:author N6ba6e2c657174bb6bc844e24814628d3
4 schema:datePublished 2021-07-21
5 schema:datePublishedReg 2021-07-21
6 schema:description All academic methods to secure software implementations of block ciphers against adversaries with full control of the device have been broken. Despite the huge progress in the cryptanalysis of these white-box implementations, no recent progress has been made on the design side. Most of the white-box designs follow the CEJO framework, where each round is encoded by composing it with small random permutations. While several generic attacks have been proposed on the CEJO framework, no generic analysis has been performed on self-equivalence encodings, a different design where only the affine layer of each round is encoded with random self-equivalences of the S-box layer, that is, affine permutations commuting with the non-linear layer.In this work, we analyse the security of white-box implementations based on self-equivalence encodings for a broad class of SPN ciphers. First, we characterize the self-equivalence groups of S-box layers, and we prove that all the self-equivalences of a cryptographically strong S-box layer have a diagonal shape. Then, we propose the first generic attack on self-equivalence encodings. Our attack, based on affine equivalence problems, identifies the connection between the security of self-equivalence encodings and the self-equivalence structure of the cipher components. While we show that traditional SPN ciphers with cryptographically strong S-box layers cannot be secured with self-equivalence encodings, our analysis shows that self-equivalence encodings resist the generic attack if the cipher components satisfy several conditions, revealing the potential of self-equivalence encodings to secure other types of ciphers.
7 schema:editor N27c1ec52b6cf48adb146858fe2dee876
8 schema:genre chapter
9 schema:isAccessibleForFree true
10 schema:isPartOf Nc9df3dfa5d1c4ee29a9af70bf4efcb54
11 schema:keywords S-box layers
12 SPN ciphers
13 academic methods
14 adversary
15 affine equivalence problem
16 affine layers
17 affine permutations
18 analysis
19 attacks
20 block cipher
21 broad class
22 cipher
23 cipher components
24 class
25 components
26 conditions
27 connection
28 control
29 cryptanalysis
30 design
31 design side
32 devices
33 diagonal shape
34 different designs
35 encoding
36 equivalence problem
37 framework
38 full control
39 generic analysis
40 generic attacks
41 group
42 huge progress
43 implementation
44 layer
45 method
46 non-linear layer
47 permutations
48 potential
49 problem
50 progress
51 random permutation
52 recent progress
53 rounds
54 security
55 shape
56 side
57 software implementation
58 structure
59 type of ciphers
60 types
61 white-box designs
62 white-box implementations
63 work
64 schema:name On Self-equivalence Encodings in White-Box Implementations
65 schema:pagination 639-669
66 schema:productId N2e2715b09ed648e3badfb52eb4d4a27c
67 N559898af9c1a443b8b13130c576887b5
68 schema:publisher N87bda375ba6b4087a978388ce117edf3
69 schema:sameAs https://app.dimensions.ai/details/publication/pub.1139805545
70 https://doi.org/10.1007/978-3-030-81652-0_25
71 schema:sdDatePublished 2022-11-24T21:17
72 schema:sdLicense https://scigraph.springernature.com/explorer/license/
73 schema:sdPublisher Nd0606209f00b430eac1f5bdc07191540
74 schema:url https://doi.org/10.1007/978-3-030-81652-0_25
75 sgo:license sg:explorer/license/
76 sgo:sdDataset chapters
77 rdf:type schema:Chapter
78 N133ce4dd2c8e4faf99c1ba7c22a7261f schema:familyName Jacobson,
79 schema:givenName Michael J.
80 rdf:type schema:Person
81 N27c1ec52b6cf48adb146858fe2dee876 rdf:first Ndff472df14de45f6b2637bf365c8341c
82 rdf:rest N4738ab4602d54cbcbacf3aad2f4834ca
83 N2e2715b09ed648e3badfb52eb4d4a27c schema:name dimensions_id
84 schema:value pub.1139805545
85 rdf:type schema:PropertyValue
86 N3fb5b74d67854c33b682d4c31d213088 rdf:first sg:person.011115044357.39
87 rdf:rest rdf:nil
88 N4738ab4602d54cbcbacf3aad2f4834ca rdf:first N133ce4dd2c8e4faf99c1ba7c22a7261f
89 rdf:rest N6193ea3f034e4f6e9e638341a73c6cf5
90 N559898af9c1a443b8b13130c576887b5 schema:name doi
91 schema:value 10.1007/978-3-030-81652-0_25
92 rdf:type schema:PropertyValue
93 N6193ea3f034e4f6e9e638341a73c6cf5 rdf:first N6b4562aa90cf4cd18694baf249c564ca
94 rdf:rest rdf:nil
95 N6b4562aa90cf4cd18694baf249c564ca schema:familyName O'Flynn
96 schema:givenName Colin
97 rdf:type schema:Person
98 N6ba6e2c657174bb6bc844e24814628d3 rdf:first sg:person.011075665014.12
99 rdf:rest N3fb5b74d67854c33b682d4c31d213088
100 N87bda375ba6b4087a978388ce117edf3 schema:name Springer Nature
101 rdf:type schema:Organisation
102 Nc9df3dfa5d1c4ee29a9af70bf4efcb54 schema:isbn 978-3-030-81651-3
103 978-3-030-81652-0
104 schema:name Selected Areas in Cryptography
105 rdf:type schema:Book
106 Nd0606209f00b430eac1f5bdc07191540 schema:name Springer Nature - SN SciGraph project
107 rdf:type schema:Organization
108 Ndff472df14de45f6b2637bf365c8341c schema:familyName Dunkelman
109 schema:givenName Orr
110 rdf:type schema:Person
111 anzsrc-for:08 schema:inDefinedTermSet anzsrc-for:
112 schema:name Information and Computing Sciences
113 rdf:type schema:DefinedTerm
114 anzsrc-for:0804 schema:inDefinedTermSet anzsrc-for:
115 schema:name Data Format
116 rdf:type schema:DefinedTerm
117 sg:person.011075665014.12 schema:affiliation grid-institutes:grid.5596.f
118 schema:familyName Ranea
119 schema:givenName Adrián
120 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.011075665014.12
121 rdf:type schema:Person
122 sg:person.011115044357.39 schema:affiliation grid-institutes:grid.5596.f
123 schema:familyName Preneel
124 schema:givenName Bart
125 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.011115044357.39
126 rdf:type schema:Person
127 grid-institutes:grid.5596.f schema:alternateName imec-COSIC, KU Leuven, Leuven, Belgium
128 schema:name imec-COSIC, KU Leuven, Leuven, Belgium
129 rdf:type schema:Organization
 



