White-box cryptography - Security Software Glossary | Promon

Written by Promon | Jan 17, 2025 9:30:25 AM

What is white-box cryptography?

White-box cryptography is a software-only implementation technique that aims to secure cryptographic operations in environments where an attacker has complete control of the software. Unlike traditional cryptography, which focuses on securing data through encryption and reducing the security problem to protecting the key, white-box cryptography attempts to protect both the cryptographic algorithms and the keys within the software itself.

Generally, "white-box" refers to a system or process that is fully transparent, and all internal workings, structures, or algorithms are visible and accessible, allowing for deeper inspection and understanding. In contrast, "black-box" refers to a system whose internal workings are hidden, and only inputs and outputs are visible.

Summary

White-box cryptography combines cryptographic techniques with obfuscation to protect keys within application code. This approach aims to make it difficult for attackers to identify and extract cryptographic keys, even in untrusted environments. However, it's crucial to understand that white-box cryptography is never secure without additional obfuscation and runtime protection measures, and can potentially be broken by skilled attackers given enough time and resources.

Deep dive

White-box cryptography transforms cryptographic algorithms and their associated keys into a form that attempts to conceal the keys' presence and make the algorithms resistant to analysis and extraction. However, it always faces a trade-off between the size and speed of the implementation versus its security.

How it works

White-box cryptography involves 3 main steps: key encapsulation, obfuscation, and adding self-defense protections.

Key encapsulation

Data encryption: Embedded keys encrypt critical data, ensuring that even if the data is accessed, it cannot be decrypted without the keys.
Key embedding: Cryptographic keys are embedded directly into the app code, making them difficult to identify and extract.

Obfuscation

Code obfuscation: The app code is then obfuscated which makes static analysis challenging for attackers.
Execution flow obfuscation: The execution flow of cryptographic algorithms is obscured to prevent attackers from gathering information through timing attacks.

Self-defense protections

Runtime protections: Defenses against runtime attacks like code injection and modification secure the code and keys, when the app is running.
Tamper detection: If unauthorized modifications are detected, the app can protect itself by invalidating keys or shutting down.
Resistance to fault injection: Protections against fault injection attacks maintain the integrity of cryptographic operations even under attack conditions.

Use cases in mobile app security

Here’s how white-box cryptography helps in mobile app security:

Reverse engineering prevention: It integrates encryption and obfuscation, making it difficult for attackers to understand the code structure and extract sensitive information.
Unauthorized access prevention: By securely embedding cryptographic keys within the code, it ensures that even if the app is compromised, the keys remain protected and inaccessible.
Static analysis resistance: Obfuscation makes the code hard to analyze using static analysis tools, preventing access to the app's functionality and key extraction.
Runtime code modification protection: It includes runtime protections that detect and prevent attempts to modify the code during execution.
Timing attack prevention: It obscures execution patterns, making it difficult for attackers to gather information from timing analysis and deduce the keys or sensitive data.

White-box cryptography vs. black-box cryptography

Black-box cryptography: It stores cryptographic keys in a secure, isolated hardware environment like hardware security module (HSM). Black-box cryptography uses no obfuscation and relies on hardware security, assuming a safe and trusted environment.
White-box cryptography: It secures keys within the app code, and obfuscates both the app code and the cryptographic keys. White-box cryptography is designed to work in an untrusted environment and can resist reverse engineering and tampering attacks.

In terms of overall security, black-box cryptography tends to offer stronger protection due to hardware isolation, but white-box cryptography provides critical security in situations where the environment cannot be trusted and hardware-based solutions aren't feasible. So, the "more secure" option depends on whether you're securing a trusted or untrusted environment.

Feature	White-box cryptography	Black-box cryptography
Cryptographic keys	Embedded directly into the app.	Stored in a secure. isolated environment like HSM.
Obfuscation	Code and keys obfuscated.	No obfuscation, relies on hardware security.
Environment	Protects keys in insecure environments.	Assumes a secure and trusted environment.
Use case	Mobile apps running in unsafe environments.	Suitable for environments where HSM is available to protect keys.

White-box cryptography vs. code obfuscation

White-box cryptography: It securely embeds keys and data by combining encryption and obfuscation. White-box cryptography uses complex methods to obscure keys and code and encrypt them. It is useful to run mobile apps in untrusted environments.
Code obfuscation: It makes the code difficult to read using techniques like renaming variables, adding fake code paths, and restructuring code flow. Code obfuscation does not embed keys and is useful to protect the code intellectual property and hinder code analysis.

Feature	White-box cryptography	Code obfuscation
Purpose	Combines encryption and obfuscation to securely embed keys.	Makes the code difficult to read without embedding keys.
Security	Safeguards keys and data even if the attacker accesses the app.	Prevents reverse engineering by making the code hard to interpret.
Implementation	Complex methods to obscure keys and code and encrypt them.	User renaming variables, adding fake code paths, and restructuring code flow.
Use case	Running mobile apps in untrusted environments.	Protects intellectual property and hinders code analysis.

White-box cryptography vs. encryption

Encryption: It focuses on converting plaintext to ciphertext using cryptography algorithms and keys. It assumes keys are stored in a secure environment. Encryption is used in data transit (like SSL/TSL) and data at rest (like encrypted databases).
White-box cryptography: It embeds cryptographic keys within app code, combining encryption and obfuscation. White-box cryptography protects the keys even in untrusted environments against reverse engineering, static analysis and runtime modifications.

Examples

Banking apps: Financial apps use white-box cryptography to protect account details, transaction data and authentication keys. When you make a payment, the app encrypts sensitive information, embedding the keys securely to prevent unauthorized access.
Digital rights management (DRM): Media streaming services use white-box cryptography to prevent piracy. The keys to decrypt media files are hidden within the app, preventing key extraction and distribution of protected content.
Messaging apps: White-box cryptography encrypts messages and ensures the confidentiality of communication. Cryptographic keys are embedded in the app, preventing them from being exposed or misused by attackers.
IoT devices: In Internet of Things (IoT) environments, white-box cryptography keys are embedded within the device firmware, securing data transmission and preventing unauthorized access.

History

White-box cryptography emerged in response to the increasing need to protect software in environments where hardware-based security is not feasible.

It was first introduced in 2003 by Chow, Eisen, Johnson, and van Oorshot, who proposed initial attempts at white-box DES and AES implementations. Their designs were based on representing ciphers as networks of lookup tables, obfuscated by composing them with small (4- or 8-bit) random encodings. This approach ensured that each individual obfuscated table contained no information about the secret key, forcing potential attackers to analyze multiple tables simultaneously.

Over the next two decades (2005-2022), numerous attempts were made to improve white-box cryptography designs. In 2016, Bos, Hubain, Michiels, and Teuwen demonstrated that adaptations of standard side-channel power analysis attacks could efficiently and automatically break most existing white-box designs.

Future

Emerging technologies such as the Internet of Things (IoT) and edge computing present new challenges and opportunities for white-box cryptography. As more devices become interconnected and operate in potentially insecure environments, the need for robust, software-based security solutions will grow. Additionally, ongoing developments in artificial intelligence and machine learning may offer new methods for enhancing white-box cryptographic techniques and improving their resilience against advanced threats.

The industry's growing interest in white-box cryptography has led to WhibOx contests, which have been initiated especially for DRM and mobile payments. The competition offers researchers and practitioners a platform to test their white-box implementations against state-of-the-art attackers, providing valuable training material for evaluators.

Interest in white-box cryptography continues to grow as industries seek secure methods to protect sensitive data in environments where traditional encryption might not suffice. The WhibOx contest addresses this demand by encouraging innovation and collaboration between academia and industry. It aims to foster new ideas that could significantly advance both scientific research and practical applications in white-box cryptography, making it a crucial event for developing future-proof security solutions.

Sources

View full post