WARX: efficient white-box block cipher based on ARX primitives and random MDS matrix

Li, Jun; Rijmen, Vincent; Hu, Yupu; Chen, Jie; Wang, Baocang

doi:10.1007/s11432-020-3105-1

Cited by 10 publications

(4 citation statements)

References 54 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We have 4,5,8 and 16 independent table lookups in SPNbox-32, 24, 16 and 8, respectively. As a result, we achieved 15% performance improvement compared to other available implementations [14] (parallel instruction sets were not used). While implementing the Merkle tree signature scheme, instead of producing 2N pre-images and hash-images for N-bit hash length, we preferred an optimized message mapping algorithm [15], thereby we achieved almost 50% of improvement in time and memory.…”

Section: Methodsmentioning

confidence: 86%

RETRACTED: Quantum-Resistance Meets White-BoxCryptography: How to Implement Hash-BasedSignatures against White-Box Attackers?

Bicakci,

Ulker,

Uzunay

et al. 2024

Preprint

View full text Add to dashboard Cite

White-box cryptography challenges the assumption that the endpoints are trusted and aims at providing protection against an adversary more powerful than the one in the traditional black-box cryptographic model. Motivating by the fact that most existing white-box implementations focus on symmetric encryption, we present implementations for hash-based signatures so that the security against white-box attackers (who has read-only access to data with a size bounded by a space-hardness parameter M) depends on the availability of a white-box secure cipher (in addition to a general one-way function). We also introduce parameters and key-generation complexity results for white-box secure instantiation of stateless hash-based signature scheme SPHINCS+, one of the NIST selection for quantum-resistant digital signature algorithms, and its older version SPHINCS. We also present a hash tree based solution for one-time passwords secure in a white-box attacker context. We implement the proposed solutions and share our performance results.

show abstract

Section: Methodsmentioning

confidence: 86%

RETRACTED: Quantum-Resistance Meets White-BoxCryptography: How to Implement Hash-BasedSignatures against White-Box Attackers?

Bicakci,

Ulker,

Uzunay

et al. 2024

Preprint

View full text Add to dashboard Cite

show abstract

“…For the equation system, the rank is 2 16 − 2 and there are 2 32 − 2 16 affine equivalent solutions. This attack has data, time, and memory complexities of 2 16 chosen plaintexts, 2 43.4 encryptions, and 2 21 bytes, which surpasses the previous attack whose corresponding complexities are 2 29 chosen plaintexts, 2 50.5 encryptions, and 2 29 bytes respectively.…”

Section: Conflict Of Interestmentioning

confidence: 79%

“…In recent years, dedicated white-box block ciphers appeared as a promising direction in white-box cryptography. They aim for (provable) security under both black-and whitebox models, and even (optional) resistance against sidechannel attacks in cloud scenarios [13][14][15][16][17][18][19][20][21].…”

Section: Introductionmentioning

confidence: 99%

Improved integral cryptanalysis of SPNbox in digital rights management systems

Liu

Wang

et al. 2022

IET Information Security

View full text Add to dashboard Cite

As an access control technology of digital material, digital rights management systems have a profound effect on the copyright protection of digital content. To address the threat of key exposure, applying white‐box ciphers is effective to provide a security guarantee for digital rights management systems. SPNbox, proposed at Asiacrypt’16 is such a white‐box cipher that fulfils comprehensive resistance against key exposure for digital rights management systems, including black‐box security on the server‐side and white‐box security on the client‐side. So far, the previous integral cryptanalysis of SPNbox employs a general 2‐round distinguisher without considering the details of SPNbox. The properties of SPNbox are carefully explored and a novel 2‐round integral distinguisher is introduced. On this basis, we propose new competitive 3‐round key recovery attacks with lower complexities. Particularly, the improved attack on 3‐round SPNbox‐32 only requires 232 chosen plaintexts, whereas the current best attack necessitates 262 chosen plaintexts. In addition, integral attacks on 4‐ and 5‐round SPNbox‐8 are presented for the first time. Thus, the security margin of SPNbox‐8 is narrowed by two rounds. These results indicate that the capability of SPNbox resisting integral cryptanalysis is inferior to the designers' claim.

show abstract

“…The FPL-AES scheme in the literature [37] uses parallel lookup tables to design whiteblock ciphers with high storage cost and requires 13.75MB of storage space. The WARX scheme in literature [38] uses modulo-add, shift, heterogeneous original language and MDS matrix and WARX is more efficient than SPNbox-16 and WEM. The Yoroi-16 scheme in literature [18] enhances the security of code extraction attacks against persistent leaks by updating incompressible tables, but requires multiple lookup tables and 384KB of storage space.…”

Section: Space Occupancy Analysis and Comparisonmentioning

confidence: 99%

SPN-AS: A new white-box cryptographic algorithm based on AS iteration structure

Yang

Zhai

Dong

2023

Preprint

View full text Add to dashboard Cite

The attacker in white-box model has full access to software implementation of a cryptographic algorithm and full control over its execution environment. In order to solve the issues of high storage cost and inadequate security about most current white-box cryptographic schemes, SPN-AS, a novel white-box block cipher based on AS iterative structure is proposed. This scheme utilizes the AS iterative structure to construct a lookup table with a five-layer ASASA structure, and the maximum distance separable matrix is used as a linear layer to achieve complete diffusion in a small number of rounds. Attackers can be prevented from recovering the key under black-box model. The length of nonlinear layer S and affine layer A in lookup table is 16 bits, which effectively avoids decomposition attack against the ASASA structure and makes the algorithm possess anti-key extraction security under the white-box model, while SPN-AS possesses weak white-box (32KB, 112)-space hardness to satisfy anti-code lifting security. SPN-AS has provable security and better storage cost than existing schemes, with the same anti-key extraction security and anti-code lifting security, only 128KB of memory space is required in SPN-AS, which is only 14% of SPACE-16 algorithm and 33% of Yoroi-16 algorithm.

show abstract

WARX: efficient white-box block cipher based on ARX primitives and random MDS matrix

Cited by 10 publications

References 54 publications

RETRACTED: Quantum-Resistance Meets White-BoxCryptography: How to Implement Hash-BasedSignatures against White-Box Attackers?

RETRACTED: Quantum-Resistance Meets White-BoxCryptography: How to Implement Hash-BasedSignatures against White-Box Attackers?

Improved integral cryptanalysis of SPNbox in digital rights management systems

SPN-AS: A new white-box cryptographic algorithm based on AS iteration structure

Contact Info

Product

Resources

About