Title :
Clarifying obfuscation: improving the security of white-box DES
Author :
Link, Hamilton E. ; Neumann, William D.
Author_Institution :
Sandia Nat. Labs., Albuquerque, NM, USA
Abstract :
To ensure the security of software executing on malicious hosts, as in digital rights management (DRM) applications, it is desirable to encrypt or decrypt content using white-box-encoded cryptographic algorithms in the manner of Chow et al. (2002). Such encoded algorithms must run on an adversary´s machine without revealing the private key information used, despite the adversary´s ability to observe and manipulate the running algorithm. We have implemented obfuscated (white-box) DES and triple-DES algorithms along the lines of Chow et al., with alterations that improve the security of the key. Our system is secure against two previously published attacks on Chow et al.´s system, and our own adaptation of a statistical bucketing attack on their system.
Keywords :
cryptography; industrial property; cryptography; decryption; encryption; obfuscation; software security; statistical bucketing attack; triple-DES algorithms; white-box DES; white-box-encoded cryptographic algorithms; Application software; Content management; Cryptography; Encoding; Information security; Jacobian matrices; Laboratories; National security; Performance analysis; Protection;
Conference_Titel :
Information Technology: Coding and Computing, 2005. ITCC 2005. International Conference on
Print_ISBN :
0-7695-2315-3
DOI :
10.1109/ITCC.2005.100
