Skip to content

DCA related literature

Philippe Teuwen edited this page Nov 26, 2019 · 84 revisions

DCA

Differential Computation Analysis: Hiding your White-Box Designs is Not Enough. Joppe W. Bos and Charles Hubain and Wil Michiels and Philippe Teuwen., CHES 2016, paper (paywall) (c)

@InProceedings{Bos_etal2016,
    author="Bos, J. W. and Hubain, C. and Michiels, W. and Teuwen, P.",
    editor="Gierlichs, B. and Poschmann, A. Y.",
    title="Differential Computation Analysis: Hiding Your White-Box Designs is Not Enough",
    booktitle="Cryptographic Hardware and Embedded Systems -- CHES~2016",
    series="Lecture Notes in Computer Science",
    year="2016",
    publisher="Springer, Heidelberg, Germany",
    address="Santa Barbara, CA, USA",
    volume="9813",
    pages="215--236",
    doi="10.1007/978-3-662-53140-2_11",
}

A minor revision is available freely on ePrint.

Presentations: CYBSEC15, Troopers16, SSTIC 2016, Summer school on real-world crypto and privacy, WhibOx 2016, CHES 2016, Microsoft Research Talks, RWC2017

A French translation is available:

Design de cryptographie white-box : et à la fin, c’est Kerckhoffs qui gagne. Joppe W. Bos and Charles Hubain and Wil Michiels and Philippe Teuwen., SSTIC 2016, paper (pdf)

@InProceedings{Bos_etal2016,
    author="Bos, J. W. and Hubain, C. and Michiels, W. and Teuwen, P.",
    editor="Gierlichs, B. and Poschmann, A. Y.",
    title="Differential Computation Analysis: Hiding Your White-Box Designs is Not Enough",
    booktitle="Cryptographic Hardware and Embedded Systems -- CHES~2016",
    series="Lecture Notes in Computer Science",
    year="2016",
    publisher="Springer, Heidelberg, Germany",
    address="Santa Barbara, CA, USA",
    volume="9813",
    pages="215--236",
    doi="10.1007/978-3-662-53140-2_11",
}

A broader version, including DFA, is available:

White-Box Cryptography: Don’t Forget About Grey-Box Attacks. Estuardo Alpirez Bock and Joppe W. Bos and Chris Brzuska and Charles Hubain and Wil Michiels and Cristofaro Mune and Eloi Sanfelix Gonzalez and Philippe Teuwen and Alexander Treff, J Cryptol (2019) paper (paywall) (c)

Bibtex:

@Article{JC:BBBHMMSTT19,
  author="Bock, E. A. and Bos, J. W. and Brzuska C. and Hubain, C. and Michiels, W. and Mune C. and Sanfelix Gonzalez E. and Teuwen, P. and Treff A.",
  title="White-Box Cryptography: Don't Forget About Grey-Box Attacks",
  pages =        "1095--1143",
  volume =       32,
  month =        oct,
  publisher =    "Springer, Heidelberg, Germany",
  year =         2019,
  journal =      "Journal of Cryptology",
  number =       4,
  doi =          "10.1007/s00145-019-09315-1",
}

A preprint is available freely on ePrint.

Workshops: ECRYPT-NET Workshop on Cryptography Design for the IoT, GreHack 2016

Citing DCA

White-Box Crypto and Smart Cards Friends or Foe? Brecht Wyseur, CARDIS 2015

Unboxing the White-Box Eloi Sanfelix, Cristofaro Mune, Job de Haas, Blackhat Europe 2015, ICMC16, slides (pdf), whitepaper (pdf)

The Birth of Cryptographic Obfuscation -- A Survey Máté Horváth, Levente Buttyán, Cryptology ePrint Archive, Report 2015/412, paper (pdf)

Chicken or the Egg: Computational Data Attacks or Physical Attacks Julien Allibert, Benoit Feix, Georges Gagnerot, Ismael Kane, Hugues Thiebeauld and Tiana Razafindralambo, Cryptology ePrint Archive, Report 2015/1086, paper (pdf)

Applying Software Protection to White-Box Cryptography. Michael Wiener, PPREW-5 Proceedings of the 5th Program Protection and Reverse Engineering Workshop

In the depth of whitebox cryptography algorithms. Hugues Thiebeauld, e-Shard whitepaper, feb 2016.

White-Box Cryptography in the Gray Box - A Hardware Implementation and its Side Channels Pascal Sasdrich, Amir Moradi and Tim Güneysu, 23rd International Conference on Fast Software Encryption, FSE 2016, Bochum, Germany, March 20-23 2016, paper (pdf)

Attacks on White-Box AES Jean-Gaël Rigot, Master’s thesis, Czech Technical University in Prague, May 2016, thesis (pdf)

Side-Channel Attack Analysis of AES White-Box Schemes Jakub Klemsa, Diploma thesis, Czech technical university in Prague, May 2016 thesis (git)

Side-channel attacks against whitebox cryptography implementations on Android Michael Eder, Bachelor's Thesis, Technische Universität München, June 2016, thesis (pdf)

Gehärtete white box implementierung 2 Hermann Drexler, Sven Bauer, Jürgen Pulkus, Giesecke & Devrient Gmbh, WO2016074775 A1, application

Multilateral White-Box Cryptanalysis - Case study on WB-AES of CHES Challenge 2016 Hyunjin Ahn, Dong-Guk Han, Cryptology ePrint Archive, Report 2016/807, paper (pdf)

White-box Cryptography – New Challenges and Research Directions ECRYPT-CSA whitepaper, paper (pdf)

Attacking White-Box AES Constructions Brendan McMillion, Nick Sullivan, Proceedings of the 2016 ACM Workshop on Software PROtection, paper (pdf)

Systematic Classification of Side-Channel Attacks: A Case Study for Mobile Devices Raphael Spreitzer, Veelasha Moonsamy, Thomas Korak, Stefan Mangard, paper (pdf)

Breaking Crypto for Dummies Nikita Abdullin, Zeronights 2016, slides

Evolution of White-Box Cryptography Michael J. Wiener, WhibOx 2016, slides (pdf)

Towards Practical Whitebox Cryptography: Optimizing Efficiency and Space Hardness Andrey Bogdanov, Takanori Isobe, Elmar Tischhauser, Asiacrypt 2016, paper (paywall)

White-box cryptography: practical protection on hostile hosts Yuan Xiang Gu, Harold Johnson, Clifford Liem, Andrew Wajs, Michael J. Wiener, Proceedings of the 6th Workshop on Software Security, Protection, and Reverse Engineering (SSPREW '16), paper (paywall)

An ultra-lightweight white-box encryption scheme for securing resource-constrained IoT devices Yang Shi, Wujing Wei, Zongjian He, Hongfei Fan, Proceedings of the 32nd Annual Conference on Computer Security Applications (ACSAC '16), paper (paywall)

Analysis of Software Countermeasures for Whitebox Encryption Subhadeep Banik, Andrey Bogdanov, Takanori Isobe, Martin Bjerregaard Jepsen, Cryptology ePrint Archive, Report 2017/183, paper (pdf)

RFA: R-Squared Fitting Analysis Model for Power Attack An Wang, Yu Zhang, Liehuang Zhu, Weina Tian, Rixin Xu, Guoshuang Zhang, Security and Communication Networks, Volume 2017, provisional paper (pdf)

Designing and proving an EMV-compliant payment protocol for mobile devices Véronique Cortier, Alicia Filipiak, Saïd Gharout, Jacques Traoré, 2nd IEEE European Symposium on Security and Privacy (EuroSP'17), paper (pdf)

A Masked White-box Cryptographic Implementation for Protecting against Differential Computation Analysis Seungkwang Lee, Cryptology ePrint Archive, Report 2017/267, paper (pdf)

Ecosystems of Trusted Execution Environment on Smartphones - A Potentially Bumpy Road Assad Umar, Raja Naeem Akram, Keith Mayes, Konstantinos Markantonakis, Third International Conference on Mobile and Secure Services (MobiSecServ 2017), paper (paywall)

Obfuscation with Mixed Boolean-Arithmetic Expressions: Reconstruction, Analysis and Simplification Tools Ninon Eyrolles, Thèse de doctorat de l'Université Paris-Saclay préparée à Université de Versailles Saint-Quentin-en-Yvelines, thesis (pdf)

Use of simulators for side-channel analysis Nikita Veshchikov, Sylvain Guilley, 2017 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), paper (paywall)

Practical attacks on commercial white-box cryptography solutions Sanghwan Ahn アン・サンファン, LINE and Intertrust Security Summit 2017 Spring, Tokyo, presentation

SCATTER : A New Dimension in Side-Channel Hugues Thiebeauld, Georges Gagnerot, Antoine Wurcker, Christophe Clavier, paper (pdf)

Analysis of Software Countermeasures for Whitebox Encryption Subhadeep Banik, Andrey Bogdanov, Takanori Isobe, Martin Bjerregaard Jepsen, paper (pdf)

Light-weight white-box encryption scheme with random padding for wearable consumer electronic devices Yang Shi, Xiaoping Wang, Hongfei Fan, paper (paywall)

Dronecrypt - An Ultra-Low Energy Cryptographic Framework for Small Aerial Drones Muslum Ozgur Ozmen, Attila A. Yavuz, paper (pdf)

A Tutorial on Software Obfuscation Sebastian Banescu, Alexander Pretschner, paper (paywall)

White-Box Cryptography Matthieu Rivain, invited talk at CARDIS 2017, paper (pdf)

Discovering Cryptographic Algorithms in Binary Code Through Loop Enumeration Damjan Buhov, Patrick Kochberger, Richard Thron, Sebastian Schrittwieser, paper (paywall)

A White-Box Cryptographic Implementation for Protecting against Power Analysis Seungkwang Lee. paper (pdf)

Attacks and Countermeasures for White-box Designs Alex Biryukov, Aleksei Udovenko, paper (pdf)

How to Reveal the Secrets of an Obscure White-Box Implementation Louis Goubin, Pascal Paillier, Matthieu Rivain, Junwei Wang, paper (pdf)

Towards Fully Automated Analysis of Whiteboxes: Perfect Dimensionality Reduction for Perfect Leakage Cees-Bart Breunesse, Ilya Kizhvatov, Ruben Muijrers, Albert Spruyt, paper (pdf)

Microcontrôleur à flux chiffré d'instructions et de données Thomas Hiscock, Thèse de doctorat préparée au sein du CEA LETI et de L’université de Versailles Saint-Quentin en Yvelines, 2017, thesis (pdf)

On the Ineffectiveness of Internal Encodings - Revisiting the DCA Attack on White-Box Cryptography Estuardo Alpirez Bock, Chris Brzuska, Wil Michiels, Alexander Treff, paper (pdf)

Des attaques en boîte grise pour casser des implémentations cryptographiques en boîte blanche Philippe Teuwen, Multi-System and Internet Security Cookbook-MISC 97, mai 2018. paper (online)

Give me your binary, I'll tell you if it leaks Antoine Bouvet, Nicolas Bruneau, Adrien Facon, Sylvain Guilley, Damien Marion, paper (paywall)

Security Evaluation and Improvement of a White-Box SMS4 Implementation Based on Affine Equivalence Algorithm Tingting Lin, Hailun Yan, Xuejia Lai, Yixin Zhong, Yin Jia, paper (paywall)

Minimizing Side-Channel Attack Vulnerability via Schedule Randomization Nils Vreman, thesis (pdf)

On Recovering Affine Encodings in White-Box Implementations Patrick Derbez, Pierre-Alain Fouque, Baptiste Lambin, Brice Minaud, paper (pdf)

Design and formal analysis of security protocols, an application to electronic voting and mobile payment Alicia Filipiak, thesis (pdf)

Detecting cache-timing vulnerabilities in post-quantum cryptography algorithms Adrien Facon, Sylvain Guilley, Matthieu Lec’Hvien, Alexander Schaub, Youssef Souissi, paper (paywall)

DATA – Differential Address Trace Analysis: Finding Address-based Side-Channels in Binaries Samuel Weiser, Andreas Zankl, Raphael Spreitzer, Katja Miller, Stefan Mangard, Georg Sigl, paper (pdf)

Automation of White-Box Cryptography attacks in Android applications Vı́ctor Sánchez Ballabriga, thesis (pdf)

Binary Data Analysis for Source Code Leakage Assessment Adrien Facon, Sylvain Guilley, Matthieu Lec’hvien, Damien Marion, Thomas Perianin, paper (paywall), also as pdf

A Key Leakage Preventive White-box Cryptographic Implementation Seungkwang Lee, Nam-su Jho, Myungchul Kim, paper (pdf)

Algorithmic and Protocol Level Countermeasures to Protect Cryptographic Devices Fabrizio De Santis, thesis (pdf)

White Box Implementations of Dedicated Ciphers on the ARM NEON Architecture Ricardo Dahab, Julio López, Félix Carvalho Rodrigues, Hayato Fujii, Giuliano Sider, Ana Clara Serpa, paper (pdf)

Higher-Order DCA against Standard Side-Channel Countermeasures Andrey Bogdanov, Matthieu Rivain, Philip S. Vejre, Junwei Wang, paper (paywall)

Another Look on Bucketing Attack to Defeat White-Box Implementations Mohamed Zeyad, Houssem Maghrebi, Davide Alessio, Boris Batteux, paper (paywall)

Attacking Hardware AES with DFA Yifan Lu, paper (pdf)

Analysis and Improvement of Differential Computation Attacks against Internally-Encoded White-Box Implementations Matthieu Rivain, Junwei Wang, paper (pdf)

White-Box Cryptography: A Time-Security Trade-Off for the SPNbox Family Federico Cioschi, Nicolò Fornari, Andrea Visconti, paper (paywall)

Cache-Timing Attacks Still Threaten IoT Devices Sofiane Takarabt, Alexander Schaub, Adrien Facon, Sylvain Guilley, Laurent Sauvage, Youssef Souissi, Yves Mathieu, paper (paywall)

White-Box Implementation of Shamir's Identity-based Signature Scheme Qi Feng, Debiao He, Huaqun Wang, Neeraj Kumar, Kim-Kwang, Raymond Choo, paper (paywall)

White-Box Implementation of the KMAC Message Authentication Code Jiqiang Lu, Zhigang Zhao, Huaqun Guo, paper (paywall)

Media articles

Security Assessment of Software Security: A Closer Look at White-Box Cryptographic Implementations Joppe W. Bos and Wil Michiels, ERCIM News 106, July 2016, issue (pdf)

Security assessment of software security: Why secure sometimes isn’t secure enough NXP blog, 2016, online

NXP warns cryptographic keys can be hacked Richard Wilson, ElectronicsWeekly.com, July 2016, online

You can’t perform that action at this time.