Abstract: This work presents the first cryptanalysis against the white box implementations proposed by Chow et al. in 2002. The white box attack context introduced by Chow et al. is the common setting where cryptographic software is executed in an untrusted environment—i.e. an attacker has gained access to the implementation of cryptographic algorithms, and can observe or manipulate the dynamic execution of whole or part of the algorithms. In this paper, we present an efficient practical attack against the obfuscated AES implementation proposed at SAC 2002 as a means to protect AES software operated in the white box context against key exposure. We explain in details how to extract the whole AES secret key embedded in such a white box AES implementation, with negligible memory and worst time complexity 230.
- the original white box AES implementation by Chow et al.
- the original white box DES implementation by Chow et al.
- attack of a naked variant of the white box DES by Jacob et al.
- improving the security of white-box DES by Link and Neumann
- cryptanalysis of a white-box DES by Goubin et al.
- cryptanalysis of a white-box DES by Wyseur et al.