An investigation on implementations of theoretical whitebox cryptographic solutions

Abstract

Whitebox Cryptography techniques are those which are aimed at protecting software implementations of cryptographic algorithms against key recovery in unprotected devices. The sensitive data embedded in the code is the major concern in any security-sensitive application. Therefore, data encryption is indispensable. But white box cryptography aims to protect the security keys used for data encryption from being revealed. As a whole, such a type of cryptography concerns the analysis of algorithms that are said to operate in a whitebox attack context. In this attack context, all information and details of implementations are visible to an attacker. The attacker not only sees the input and output portions, but they can also see every intermediary implementation and operation that happened along the way. The challenge that whitebox cryptography aims to address is implementing a cryptographic algorithm that will keep the cryptographic assets of software secure even when subject to whitebox attacks. As converting blackbox cryptographic algorithms to whitebox has some sort of performance consequences that have not been measured or identified properly, we will compare the performance of alternative algorithms. In addition to that, as some of the algorithms have very few implementations and any e↵ective open source implementation is yet to be found that will help the researchers in this sector, we will write an open source white box implementation for our performance analysis and the future benefit of the researchers. Moreover, companies lacking resources /skills may also be benefited because of such implementation. In addition, we want to investigate the kinds of attacks that can be launched against the solution in our library and try to add security features to strengthen them to resist common forms of attacks.