Efficient and Provable White-Box Primitives [chapter]

Pierre-Alain Fouque, Pierre Karpman, Paul Kirchner, Brice Minaud
2016 Lecture Notes in Computer Science  
This includes the weak white-box ASASA construction by Bouillaguet, Biryukov and Khovratovich from Asiacrypt 2014, and the recent space-hard construction by Bogdanov and Isobe at CCS 2016.  ...  Moreover we propose concrete instantiations of our constructions, which prove to be quite efficient and competitive with prior work. Thus provable security comes with a surprisingly low overhead.  ...  They are quite efficient, but cannot hope to achieve provable security. Our goal is to offer provable constructions, while retaining similar efficiency.  ... 
doi:10.1007/978-3-662-53887-6_6 fatcat:3k6pw6wt5zcgzkb67b5zwh4zrm

White-Box Security Notions for Symmetric Encryption Schemes [chapter]

Cécile Delerablée, Tancrède Lepoint, Pascal Paillier, Matthieu Rivain
2014 Lecture Notes in Computer Science  
, incompressibility and traceability for white-box programs.  ...  This might be in part because it is still quite unclear what white-box cryptography really aims to achieve and which security properties are expected from white-box programs in applications.  ...  The authors would like to thank Jean-Sébastien Coron and Louis Goubin for interesting discussions and suggestions.  ... 
doi:10.1007/978-3-662-43414-7_13 fatcat:rv6w5ogxabetln6tt3rlrzopwm

Towards a Theory of White-Box Security [chapter]

Amir Herzberg, Haya Shulman, Amitabh Saxena, Bruno Crispo
2009 IFIP Advances in Information and Communication Technology  
The security of WBRPE construction is established by reduction among two white box primitives and it introduces new techniques of programs manipulation.  ...  We present a rigorous approach to software execution in remote environment based on a new white box primitive, the White Box Remote Program Execution (WBRPE), whose security specifications include confidentiality  ...  We thank Yoram Ofek, Jasvir Nagra, and Christian S. Collberg for useful discussions and helpful comments.  ... 
doi:10.1007/978-3-642-01244-0_30 fatcat:ejwdhfz2vbf7pbdy3tj3ch62v4

Robust Combiners for Software Hardening [chapter]

Amir Herzberg, Haya Shulman
2010 Lecture Notes in Computer Science  
We present the first robust combiner for white-box primitive, specifically for White-Box Remote Program Execution (WBRPE) schemes.  ...  Furthermore, robust combiners for white-box primitives, are interesting since they introduce new techniques of reductions.  ...  for white-box security primitives.  ... 
doi:10.1007/978-3-642-13869-0_20 fatcat:wqdage7w7nhpzh2d66a7wwvwjm

The Long-Short-Key Primitive and Its Applications to Key Security [chapter]

Matthew Cary, Matthias Jacob, Mariusz H. Jakubowski, Ramarathnam Venkatesan
2008 Lecture Notes in Computer Science  
To address this problem, we designed and implemented a new primitive that helps provide better security for ciphers that use keys stored in easily accessible locations.  ...  Using a pseudorandom generator and additional novel software-protection techniques, we show how to implement this construction securely for AES.  ...  Our main provable security metric, namely the minimum size of any white-box hack, is of independent theoretical interest as well.  ... 
doi:10.1007/978-3-540-89598-5_19 fatcat:ty4odmmamzgz3d3p775pweap3e

Guest Editors' Introduction: Special Issue on Top Picks in Hardware and Embedded Security

Rosario Cammarota, Francesco Regazzoni
2021 IEEE design & test  
, and efficient implementation of cryptographic primitives.  ...  The second, by Das et al., "EM/Power Side-Channel Attack: White-Box Modeling and Signature Attenuation Countermeasures," presents analysis methods to pinpoint the cause of side-channel leakage in integrated  ... 
doi:10.1109/mdat.2021.3068938 fatcat:vgxsg2sdrnb6fir5mr6xgczycm

Resisting Key-Extraction and Code-Compression: a Secure Implementation of the HFE Signature Scheme in the White-Box Model [article]

Pierre Galissant, Louis Goubin
2022 IACR Cryptology ePrint Archive  
white-box adversary model.  ...  For a security level 2^80, the public key size is approximately 62.5 MB and the white-box implementation of the signature algorithm has a size approximately 256 GB.  ...  on the primitives that is white-boxed, and then code the computation of the primitive with the key found.  ... 
dblp:journals/iacr/GalissantG22 fatcat:nvhzjtmydbacrcc7yxqctjcqom

Attacks and Countermeasures for White-box Designs [chapter]

Alex Biryukov, Aleksei Udovenko
2018 Advances in Industrial Control  
Recently, Bos et al. [5] proposed a generic attack on white-box primitives called differential computation analysis (DCA).  ...  In the traditional symmetric cryptography, the adversary has access only to the inputs and outputs of a cryptographic primitive.  ...  We consider a keyed symmetric primitive, e.g. a block cipher. The white-box designer takes a naive implementation with a hardcoded secret key and obfuscates it producing a white-box implementation.  ... 
doi:10.1007/978-3-030-03329-3_13 fatcat:ekhxyir2qjbzveawcgss26xqx4

A Simple Algorithm for Maximal Poisson-Disk Sampling in High Dimensions

Mohamed S. Ebeida, Scott A. Mitchell, Anjul Patney, Andrew A. Davidson, John D. Owens
2012 Computer graphics forum (Print)  
The serial algorithm is practical in dimensions up to 5, and has been demonstrated in 6d. We have efficient GPU implementations in 2d and 3d.  ...  The serial algorithm is provably bias-free. For an output sampling of size n in fixed dimension d, we use a linear memory budget and empirical Θ(n) runtime.  ...  Acknowledgements We are grateful to Gamito Sandia National Laboratories is a multi-program laboratory managed and operated by Sandia Corporation, a wholly owned subsidiary of Lockheed Martin Corporation  ... 
doi:10.1111/j.1467-8659.2012.03059.x fatcat:r4t6xrlefbe3hc7tt2yq4gdsli

From Relay Attacks to Distance-Bounding Protocols [chapter]

Gildas Avoine, Ioana Boureanu, David Gérault, Gerhard P. Hancke, Pascal Lafourcade, Cristina Onete
2021 Security of Ubiquitous Computing Systems  
Abstract: We present the concept of relay attacks, and discuss distance-bounding schemes as the main countermeasure.  ...  Namely, [107] advances a formal DB threat-model where a fine-grained level of corruption of the prover (i.e., white-box, black-box) is taken into account, such that each application can "pick and choose  ...  Provably-(in)Secure Protocols Designing a distance-bounding protocol that is both efficient and provably-secure has proved a difficult task.  ... 
doi:10.1007/978-3-030-10591-4_7 fatcat:uuq4ffyrxba2fljqxpe46c7iju

Symmetrically and Asymmetrically Hard Cryptography [chapter]

Alex Biryukov, Léo Perrin
2017 Lecture Notes in Computer Science  
The main efficiency metrics for a cryptographic primitive are its speed, its code size and its memory complexity.  ...  This unified view allows us to present modular block cipher and sponge constructions which can have any of the three forms of hardness and can be used to build any higher level symmetric primitive: hash  ...  Acknowledgements We thank anonymous reviewers from S&P, USENIX and ASIACRYPT'17 for their helpful comments.  ... 
doi:10.1007/978-3-319-70700-6_15 fatcat:ppxfwa4pgfhpxlnycdbyx7mpna

Building Secure Block Ciphers on Generic Attacks Assumptions [chapter]

Jacques Patarin, Yannick Seurin
2009 Lecture Notes in Computer Science  
By opposition, other provably secure symmetric primitives, as for example C [3] and KFC [4], designed using information-theoretic results, are only proved to resist a limited (though significant) range  ...  Up to now, the design of block ciphers has been mainly driven by heuristic arguments, and little theory is known to constitute a good guideline for the development of their architecture.  ...  Besides, we'd like to underline that the nonexistence of short keys may be turned into an advantage in some cases, particularly in a white-box context of operation [9].  ... 
doi:10.1007/978-3-642-04159-4_5 fatcat:lbxt5nkisza3paoaizw3wpuozu

Dummy Shuffling against Algebraic Attacks in White-box Implementations [article]

Alex Biryukov, Aleksei Udovenko
2021 IACR Cryptology ePrint Archive  
At CHES 2016, Bos, Hubain, Michiels and Teuwen showed that most of existing white-box implementations are easily broken by standard side-channel attacks.  ...  In this work, we study the effectiveness of another well-known side-channel countermeasure - shuffling - against linear and higher-degree algebraic attacks in the white-box setting.  ...  Luxembourg and supported by the Luxembourg National Research Fund (FNR) project FinCrypt (C17/IS/11684537).  ... 
dblp:journals/iacr/BiryukovU21 fatcat:yghde2tvgnfv7fraqd6kkf6cwm

Structural Evaluation of AES and Chosen-Key Distinguisher of 9-Round AES-128 [chapter]

Pierre-Alain Fouque, Jérémy Jean, Thomas Peyrin
2013 Lecture Notes in Computer Science  
Provable security against differential and linear cryptanalysis in the related-key scenario is an important step towards a better understanding of its construction.  ...  Using a structural analysis, we show that the full AES-128 cannot be proven secure unless the exact coefficients of the MDS matrix and the S-Box differential properties are taken into account since its  ...  We would like to thank the Martjin Stam, Christian Rechberger and the anonymous referees for their valuable comments on our paper.  ... 
doi:10.1007/978-3-642-40041-4_11 fatcat:4c33qsv6sjfipcnz644mswmkuy

FPL: White-Box Secure Block Cipher Using Parallel Table Look-Ups [article]

Jihoon Kwon, ByeongHak Lee, Jooyoung Lee, Dukjae Moon
2020 IACR Cryptology ePrint Archive  
Our construction, enjoying rigorous provable security without relying on any ideal primitive, provides flexibility to the block size and the table size, and permits parallel table look-ups.  ...  We identify the properties of the probe function that make the resulting block cipher white-box secure in terms of weak and strong space hardness against known-space and non-adaptive chosen-space attacks  ...  Numerous primitives claiming for security at the white-box model were proposed in the last few years. These primitives can be roughly divided into two classes.  ... 
dblp:journals/iacr/KwonLLM20 fatcat:xckaxsly4ja6re7eghr3ilctkq