Join GitHub today
GitHub is home to over 36 million developers working together to host and review code, manage projects, and build software together.Sign up
This is the wiki page associated to the SideChannelMarvels/Deadpool project.
Deadpool is a repository of various public white-box cryptographic implementations together with methods on how to extract the secret key. To summarize:
- The Deadpool repository provides the scripts (which in turn use the tools from SideChannelMarvels/Tracer and SideChannelMarvels/Daredevil)
- Our article which summarizes the results
- This wiki which provide tutorials which show, step by step, how to use the tools and techniques to extract the key from the white-box implementation
This is a work in progress and more tutorials will be added in the near future.
- Tutorial #1: DCA against Wyseur 2007 challenge
- Tutorial #2: DCA against Hack.lu 2009 challenge
- Tutorial #3: DCA against SSTIC 2012 challenge
- Tutorial #4: DCA against Karroumi 2010 challenge
- Tutorial #5: DCA against OpenWhiteBox AES Chow
Third party software
Useful third party software:
- Hulk is able to bruteforce missing bytes after a DCA attack on AES with his special ability of AES-NI
- conditional-reduction: experiments with sample reduction for DCA, cf https://eprint.iacr.org/2018/095
- qscat: Qt Side Channel Analysis Tool to handle signal traces and more (using Daredevil)
- Jlsca: toolbox in Julia to do the computational part (DPA) of a side channel attack
- White-box Algebraic Security: PoC for the paper Attacks and Countermeasures for White-box Designs, see DCA-related literature for refs.
- On Recovering Affine Encodings in White-Box Implementations: an implementation of an attack described in the eponymous paper, see DCA-related literature for refs.
- DATA - Differential Address Trace Analysis: DATA reveals address-based side-channel leaks, which account for attacks exploiting caches, TLBs, branch prediction, control channels, and likewise.
- Lascar - Ledger's Advanced Side Channel Analysis Repository: From side-channel acquisitions to results management, passing by signal synchronisation, custom attacks, lascar provides classes/functions to solve most of the obstacles an attacker would face, when needed to perform sound, state-of-the-art side-channel analysis.
- Rainbow - It makes unicorn traces: Using Unicorn as a basis, Rainbow aims to provide an easy scripting interface to loosely emulate embedded binaries, trace them to perform side-channels, and (sometime in the near future :) )simulate fault injections.
- White-box AES literature
- White-box DES literature
- DCA-related literature
- Generalisation and new white-box ciphers literature