Protection of statistical analysis on white-box cryptography

Abstract

White-box cryptographic implementations of symmetric-key algorithms aim to protect against white-box attacks that have an ability to control over computing resources in the device. The encoding adapted in white-box cryptography of standard block ciphers obfuscates the key-dependent intermediate values in order to prevent the key leakage. For the encoding consisting of linear and nonlinear transformations, there exist lots of mathematical relations between the input and the output. Thus, the key has been successfully extracted from a white-box cryptographic implementation by using statistical analysis without having to conduct white-box attacks. In this dissertation, we first dispute the previous study on the key leakage of the linear transformation. We prove the correct cause of the key leakage on the linear transformation and show experimental results to demonstrate it. In addition, we propose a secure white-box cryptographic implementation of an AES-128 algorithm that protects against statistical analysis including DCA, DCA variants, and fault attacks. This contributes to enhanced resistance to key analysis, as it increases the cost and time an attacker has to spend in order to extract secret keys and requires detailed knowledge of the internal design of the cipher.