Whiteboxgrind – Automated Analysis of Whitebox Cryptography
Digital intellectual property is often protected by encrypting the data up to the point of use. Whitebox cryptography is an attempt to provide users with the ability to decrypt that data without actually revealing the key by embedding the key inside a cryptographic implementation. In this work, we design and implement Whiteboxgrind, a fast, fully automated toolchain that obtains execution traces from whitebox implementations and applies DCA to recover the hidden embedded keys. To evaluate Whiteboxgrind, we analysed whiteboxes of the CHES WhibOx 2019 competition, and found Whiteboxgrind to provide a significant performance improvement over the state-of-the-art tooling, enabling attacks that were previously infeasible due to memory constraints. Furthermore, we provide Whiteboxgrind’s source code.
Whiteboxgrind – Automated Analysis of Whitebox Cryptography
Constructive Side-Channel Analysis and Secure Design: 14th International Workshop, COSADE 2023, Munich, Germany, April 3–4, 2023, Proceedings
| Authors: | Tobias Holl, Katharina Bogad, and Michael Gruber |
| Year/month: | 2023/4 |
| Booktitle: | Constructive Side-Channel Analysis and Secure Design: 14th International Workshop, COSADE 2023, Munich, Germany, April 3–4, 2023, Proceedings |
| Pages: | 221 - 240 |
| Fulltext: | click here |
Abstract |
|
| Digital intellectual property is often protected by encrypting the data up to the point of use. Whitebox cryptography is an attempt to provide users with the ability to decrypt that data without actually revealing the key by embedding the key inside a cryptographic implementation. In this work, we design and implement Whiteboxgrind, a fast, fully automated toolchain that obtains execution traces from whitebox implementations and applies DCA to recover the hidden embedded keys. To evaluate Whiteboxgrind, we analysed whiteboxes of the CHES WhibOx 2019 competition, and found Whiteboxgrind to provide a significant performance improvement over the state-of-the-art tooling, enabling attacks that were previously infeasible due to memory constraints. Furthermore, we provide Whiteboxgrind’s source code. | |
Bibtex:
@inproceedings {author = { Tobias Holl and Katharina Bogad and Michael Gruber},
title = { Whiteboxgrind – Automated Analysis of Whitebox Cryptography },
year = { 2023 },
month = { April },
booktitle = { Constructive Side-Channel Analysis and Secure Design: 14th International Workshop, COSADE 2023, Munich, Germany, April 3–4, 2023, Proceedings },
pages = { 221 - 240 },
url = { https://doi.org/10.1007/978-3-031-29497-6_11 },
}