Skip to content

DCA related literature

Philippe Teuwen edited this page Dec 30, 2021 · 126 revisions

DCA

Differential Computation Analysis: Hiding your White-Box Designs is Not Enough. Joppe W. Bos and Charles Hubain and Wil Michiels and Philippe Teuwen., CHES 2016, paper (paywall, now free) (c)

@InProceedings{Bos_etal2016,
    author="Bos, J. W. and Hubain, C. and Michiels, W. and Teuwen, P.",
    editor="Gierlichs, B. and Poschmann, A. Y.",
    title="Differential Computation Analysis: Hiding Your White-Box Designs is Not Enough",
    booktitle="Cryptographic Hardware and Embedded Systems -- CHES~2016",
    series="Lecture Notes in Computer Science",
    year="2016",
    publisher="Springer, Heidelberg, Germany",
    address="Santa Barbara, CA, USA",
    volume="9813",
    pages="215--236",
    doi="10.1007/978-3-662-53140-2_11",
}

A minor revision is available freely on ePrint.

Presentations: CYBSEC15, Troopers16, SSTIC 2016, Summer school on real-world crypto and privacy, WhibOx 2016, CHES 2016, Microsoft Research Talks, RWC2017

A French translation is available:

Design de cryptographie white-box : et à la fin, c’est Kerckhoffs qui gagne. Joppe W. Bos and Charles Hubain and Wil Michiels and Philippe Teuwen., SSTIC 2016, paper (pdf)

@InProceedings{Bos_etal2016,
    author="Bos, J. W. and Hubain, C. and Michiels, W. and Teuwen, P.",
    editor="Gierlichs, B. and Poschmann, A. Y.",
    title="Differential Computation Analysis: Hiding Your White-Box Designs is Not Enough",
    booktitle="Cryptographic Hardware and Embedded Systems -- CHES~2016",
    series="Lecture Notes in Computer Science",
    year="2016",
    publisher="Springer, Heidelberg, Germany",
    address="Santa Barbara, CA, USA",
    volume="9813",
    pages="215--236",
    doi="10.1007/978-3-662-53140-2_11",
}

A broader version, including DFA, is available:

White-Box Cryptography: Don’t Forget About Grey-Box Attacks. Estuardo Alpirez Bock and Joppe W. Bos and Chris Brzuska and Charles Hubain and Wil Michiels and Cristofaro Mune and Eloi Sanfelix Gonzalez and Philippe Teuwen and Alexander Treff, J Cryptol (2019) paper (paywall, now free) (c)

Bibtex:

@Article{JC:BBBHMMSTT19,
  author="Bock, E. A. and Bos, J. W. and Brzuska C. and Hubain, C. and Michiels, W. and Mune C. and Sanfelix Gonzalez E. and Teuwen, P. and Treff A.",
  title="White-Box Cryptography: Don't Forget About Grey-Box Attacks",
  pages =        "1095--1143",
  volume =       32,
  month =        oct,
  publisher =    "Springer, Heidelberg, Germany",
  year =         2019,
  journal =      "Journal of Cryptology",
  number =       4,
  doi =          "10.1007/s00145-019-09315-1",
}

A preprint is available freely on ePrint.

Workshops: ECRYPT-NET Workshop on Cryptography Design for the IoT, GreHack 2016

Citing DCA

2015

White-Box Crypto and Smart Cards Friends or Foe? Brecht Wyseur, CARDIS 2015

Unboxing the White-Box Eloi Sanfelix, Cristofaro Mune, Job de Haas, Blackhat Europe 2015, ICMC16, slides (pdf), whitepaper (pdf)

The Birth of Cryptographic Obfuscation -- A Survey Máté Horváth, Levente Buttyán, Cryptology ePrint Archive, Report 2015/412, paper (pdf)

Chicken or the Egg: Computational Data Attacks or Physical Attacks Julien Allibert, Benoit Feix, Georges Gagnerot, Ismael Kane, Hugues Thiebeauld and Tiana Razafindralambo, Cryptology ePrint Archive, Report 2015/1086, paper (pdf)

Applying Software Protection to White-Box Cryptography. Michael Wiener, PPREW-5 Proceedings of the 5th Program Protection and Reverse Engineering Workshop

Balanced encoding of intermediate values within a white-box implementation Wil Michiels, Philippe Teuwen, patent

2016

In the depth of whitebox cryptography algorithms. Hugues Thiebeauld, e-Shard whitepaper, feb 2016.

White-Box Cryptography in the Gray Box - A Hardware Implementation and its Side Channels Pascal Sasdrich, Amir Moradi and Tim Güneysu, 23rd International Conference on Fast Software Encryption, FSE 2016, Bochum, Germany, March 20-23 2016, paper (pdf)

Attacks on White-Box AES Jean-Gaël Rigot, Master’s thesis, Czech Technical University in Prague, May 2016, thesis (pdf)

Side-Channel Attack Analysis of AES White-Box Schemes Jakub Klemsa, Diploma thesis, Czech technical university in Prague, May 2016 thesis (git)

Side-channel attacks against whitebox cryptography implementations on Android Michael Eder, Bachelor's Thesis, Technische Universität München, June 2016, thesis (pdf)

Gehärtete white box implementierung 2 Hermann Drexler, Sven Bauer, Jürgen Pulkus, Giesecke & Devrient Gmbh, WO2016074775 A1, application

Multilateral White-Box Cryptanalysis - Case study on WB-AES of CHES Challenge 2016 Hyunjin Ahn, Dong-Guk Han, Cryptology ePrint Archive, Report 2016/807, paper (pdf)

White-box Cryptography – New Challenges and Research Directions ECRYPT-CSA whitepaper, paper (pdf)

Attacking White-Box AES Constructions Brendan McMillion, Nick Sullivan, Proceedings of the 2016 ACM Workshop on Software PROtection, paper (pdf)

Systematic Classification of Side-Channel Attacks: A Case Study for Mobile Devices Raphael Spreitzer, Veelasha Moonsamy, Thomas Korak, Stefan Mangard, paper (pdf)

Breaking Crypto for Dummies Nikita Abdullin, Zeronights 2016, slides

Evolution of White-Box Cryptography Michael J. Wiener, WhibOx 2016, slides (pdf)

Towards Practical Whitebox Cryptography: Optimizing Efficiency and Space Hardness Andrey Bogdanov, Takanori Isobe, Elmar Tischhauser, Asiacrypt 2016, paper (paywall)

White-box cryptography: practical protection on hostile hosts Yuan Xiang Gu, Harold Johnson, Clifford Liem, Andrew Wajs, Michael J. Wiener, Proceedings of the 6th Workshop on Software Security, Protection, and Reverse Engineering (SSPREW '16), paper (paywall)

An ultra-lightweight white-box encryption scheme for securing resource-constrained IoT devices Yang Shi, Wujing Wei, Zongjian He, Hongfei Fan, Proceedings of the 32nd Annual Conference on Computer Security Applications (ACSAC '16), paper (paywall)

2017

Analysis of Software Countermeasures for Whitebox Encryption Subhadeep Banik, Andrey Bogdanov, Takanori Isobe, Martin Bjerregaard Jepsen, Cryptology ePrint Archive, Report 2017/183, paper (pdf)

RFA: R-Squared Fitting Analysis Model for Power Attack An Wang, Yu Zhang, Liehuang Zhu, Weina Tian, Rixin Xu, Guoshuang Zhang, Security and Communication Networks, Volume 2017, provisional paper (pdf)

Designing and proving an EMV-compliant payment protocol for mobile devices Véronique Cortier, Alicia Filipiak, Saïd Gharout, Jacques Traoré, 2nd IEEE European Symposium on Security and Privacy (EuroSP'17), paper (pdf)

A Masked White-box Cryptographic Implementation for Protecting against Differential Computation Analysis Seungkwang Lee, Cryptology ePrint Archive, Report 2017/267, paper (pdf)

Ecosystems of Trusted Execution Environment on Smartphones - A Potentially Bumpy Road Assad Umar, Raja Naeem Akram, Keith Mayes, Konstantinos Markantonakis, Third International Conference on Mobile and Secure Services (MobiSecServ 2017), paper (paywall)

Obfuscation with Mixed Boolean-Arithmetic Expressions: Reconstruction, Analysis and Simplification Tools Ninon Eyrolles, Thèse de doctorat de l'Université Paris-Saclay préparée à Université de Versailles Saint-Quentin-en-Yvelines, thesis (pdf)

Use of simulators for side-channel analysis Nikita Veshchikov, Sylvain Guilley, 2017 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), paper (paywall)

Practical attacks on commercial white-box cryptography solutions Sanghwan Ahn アン・サンファン, LINE and Intertrust Security Summit 2017 Spring, Tokyo, presentation

SCATTER : A New Dimension in Side-Channel Hugues Thiebeauld, Georges Gagnerot, Antoine Wurcker, Christophe Clavier, paper (pdf)

Analysis of Software Countermeasures for Whitebox Encryption Subhadeep Banik, Andrey Bogdanov, Takanori Isobe, Martin Bjerregaard Jepsen, paper (pdf)

Light-weight white-box encryption scheme with random padding for wearable consumer electronic devices Yang Shi, Xiaoping Wang, Hongfei Fan, paper (paywall)

Dronecrypt - An Ultra-Low Energy Cryptographic Framework for Small Aerial Drones Muslum Ozgur Ozmen, Attila A. Yavuz, paper (pdf)

A Tutorial on Software Obfuscation Sebastian Banescu, Alexander Pretschner, paper (pdf)

White-Box Cryptography Matthieu Rivain, invited talk at CARDIS 2017, paper (pdf)

Discovering Cryptographic Algorithms in Binary Code Through Loop Enumeration Damjan Buhov, Patrick Kochberger, Richard Thron, Sebastian Schritt wieser, paper (paywall)

White-box Implementation of Stream Cipher Kazuhide Fukushima, Seira Hidano, Shinsaku Kiyomoto, paper (pdf)

Differential Fault Analysis of White-box Cryptographic Implementations Benjamin Chidozie Ezepue, paper (pdf)

2018

A White-Box Cryptographic Implementation for Protecting against Power Analysis Seungkwang Lee. paper (pdf)

Attacks and Countermeasures for White-box Designs Alex Biryukov, Aleksei Udovenko, paper (pdf)

How to Reveal the Secrets of an Obscure White-Box Implementation Louis Goubin, Pascal Paillier, Matthieu Rivain, Junwei Wang, paper (pdf)

Towards Fully Automated Analysis of Whiteboxes: Perfect Dimensionality Reduction for Perfect Leakage Cees-Bart Breunesse, Ilya Kizhvatov, Ruben Muijrers, Albert Spruyt, paper (pdf)

Microcontrôleur à flux chiffré d'instructions et de données Thomas Hiscock, Thèse de doctorat préparée au sein du CEA LETI et de L’université de Versailles Saint-Quentin en Yvelines, 2017, thesis (pdf)

On the Ineffectiveness of Internal Encodings - Revisiting the DCA Attack on White-Box Cryptography Estuardo Alpirez Bock, Chris Brzuska, Wil Michiels, Alexander Treff, paper (pdf)

Des attaques en boîte grise pour casser des implémentations cryptographiques en boîte blanche Philippe Teuwen, Multi-System and Internet Security Cookbook-MISC 97, mai 2018. paper (online)

Give me your binary, I'll tell you if it leaks Antoine Bouvet, Nicolas Bruneau, Adrien Facon, Sylvain Guilley, Damien Marion, paper (paywall)

Security Evaluation and Improvement of a White-Box SMS4 Implementation Based on Affine Equivalence Algorithm Tingting Lin, Hailun Yan, Xuejia Lai, Yixin Zhong, Yin Jia, paper (paywall)

Minimizing Side-Channel Attack Vulnerability via Schedule Randomization Nils Vreman, thesis (pdf)

On Recovering Affine Encodings in White-Box Implementations Patrick Derbez, Pierre-Alain Fouque, Baptiste Lambin, Brice Minaud, paper (pdf)

Design and formal analysis of security protocols, an application to electronic voting and mobile payment Alicia Filipiak, thesis (pdf)

Detecting cache-timing vulnerabilities in post-quantum cryptography algorithms Adrien Facon, Sylvain Guilley, Matthieu Lec’Hvien, Alexander Schaub, Youssef Souissi, paper (paywall)

DATA – Differential Address Trace Analysis: Finding Address-based Side-Channels in Binaries Samuel Weiser, Andreas Zankl, Raphael Spreitzer, Katja Miller, Stefan Mangard, Georg Sigl, paper (pdf)

Automation of White-Box Cryptography attacks in Android applications Vı́ctor Sánchez Ballabriga, thesis (pdf)

Binary Data Analysis for Source Code Leakage Assessment Adrien Facon, Sylvain Guilley, Matthieu Lec’hvien, Damien Marion, Thomas Perianin, paper (paywall), also as pdf

A Key Leakage Preventive White-box Cryptographic Implementation Seungkwang Lee, Nam-su Jho, Myungchul Kim, paper (pdf)

Algorithmic and Protocol Level Countermeasures to Protect Cryptographic Devices Fabrizio De Santis, thesis (pdf)

White Box Implementations of Dedicated Ciphers on the ARM NEON Architecture Ricardo Dahab, Julio López, Félix Carvalho Rodrigues, Hayato Fujii, Giuliano Sider, Ana Clara Serpa, paper (pdf)

On the Linear Transformation in White-Box Cryptography Seungkwang Lee, Nam-Su Jho, Myungchul Kim, paper (pdf)

Conception et analyse formelle de protocoles de sécurité, une application au vote électronique et au paiement mobile Alicia Filipiak, paper (pdf, French)

Dronecrypt - An Efficient Cryptographic Framework for Small Aerial Drones Muslum Ozgur Ozmen, Attila A. Yavuz, paper (pdf)

Functionality Analysis of Binaries Patrick F. Kochberger, thesis (pdf)

2019

Higher-Order DCA against Standard Side-Channel Countermeasures Andrey Bogdanov, Matthieu Rivain, Philip S. Vejre, Junwei Wang, paper (paywall)

Another Look on Bucketing Attack to Defeat White-Box Implementations Mohamed Zeyad, Houssem Maghrebi, Davide Alessio, Boris Batteux, paper (paywall)

Attacking Hardware AES with DFA Yifan Lu, paper (pdf)

Analysis and Improvement of Differential Computation Attacks against Internally-Encoded White-Box Implementations Matthieu Rivain, Junwei Wang, paper (pdf)

White-Box Cryptography: A Time-Security Trade-Off for the SPNbox Family Federico Cioschi, Nicolò Fornari, Andrea Visconti, paper (paywall)

Cache-Timing Attacks Still Threaten IoT Devices Sofiane Takarabt, Alexander Schaub, Adrien Facon, Sylvain Guilley, Laurent Sauvage, Youssef Souissi, Yves Mathieu, paper (paywall)

White-Box Implementation of Shamir's Identity-based Signature Scheme Qi Feng, Debiao He, Huaqun Wang, Neeraj Kumar, Kim-Kwang, Raymond Choo, paper (paywall)

Doubly Half-Injective PRGs for Incompressible White-Box Cryptography Estuardo Alpirez Bock, Alessandro Amadori, Joppe W. Bos, Chris Brzuska, Wil Michiels, paper (pdf)

Security Reductions for White-Box Key-Storage in Mobile Payments Estuardo Alpirez Bock, Chris Brzuska, Marc Fischlin, Christian Janson, Wil Michiels, paper (pdf)

Security Techniques for Drones Jongho Won, paper (pdf)

Side-Channel Analysis of Chaos-Based Substitution Box Structures Mehmet Şahi̇n Açikkapi, Fati̇h Özkaynak, Ahmet Bedri̇ Özer, paper (pdf)

Measuring Performances of a White-Box Approach in the IoT Context Daniele Giacomo, Vittorio Albricci, Michela Ceria, Federico Cioschi, Nicolò Fornari, Arvin Shakiba, Andrea Visconti, paper (pdf)

Several Methods for Constructing White-box Solutions Tingting Lin, Hailun Yan, Xuejia Lai, Weidong Qiu, paper (pdf)

How to Sign with White-boxed AES Marc Fischlin, Helene Haagh, paper (paywall), slides (pdf)

Optimization of core components of block ciphers Baptiste Lambin, paper (pdf)

Revisiting Higher-Order Computational Attacks against White-Box Implementations Houssem Maghrebi, Davide Alessio, paper (pdf)

A Secure White Box Implementation of AES Against First Order DCA Ana Clara Zoppi Serpa, Giuliano Sider, Hayato Fujii, Felix Carvalho Rodrigues, Ricardo Dahab, Julio Lopez, paper (pdf)

Randomly perturbing the bytecode of white box cryptography implementations in an attempt to mitigate side-channel attacks Alexander Koski, paper (pdf)

A Secure Shuffling Mechanism for White-Box Attack-Resistant Unmanned Vehicles Jongho Won, Seung-Hyun Seo, Elisa Bertino, paper (paywall)

A DFA Attack on White-Box Implementations of AES with External Encodings Alessandro Amadori, Wil Michiels, Peter Roelse, paper (paywall)

A Light-Weight White-Box Encryption Scheme for Securing Distributed Embedded Devices Yang Shi, Wujing Wei, Hongfei Fan, Man Ho Au, Xiapu Luo, paper (paywall)

Fast white-box implementations of dedicated ciphers on the ARMv8 architecture Félix Carvalho Rodrigues, Hayato Fujii, Ana Clara Zoppi Serpa, Giuliano Sider, Ricardo Dahab, Julio López, paper (paywall), slides (pdf)

White-Box Implementation of the KMAC Message Authentication Code Jiqiang Lu, Zhigang Zhao, Huaqun Guo, paper (paywall)

2020

On the Security Goals of White-Box Cryptography Estuardo Alpirez Bock, Alessandro Amadori, Chris Brzuska, Wil Michiels, paper (pdf)

Defeating State-of-the-Art White-Box Countermeasures with Advanced Gray-Box Attacks Louis Goubin, Matthieu Rivain, Junwei Wang, paper (pdf)

New Higher-Order Differential Computation Analysis on Masked White-Box AES Yechan Lee, Sunghyun Jin, Hanbit Kim, HeeSeok Kim, Seokhie Hong, paper (pdf, Korean)

Exploiting Linearity in White-Box AES with Differential Computation Analysis Jakub Klemsa, Martin Novotný, paper (paywall)

Microarchitecture Online Template Attacks Alejandro Cabrera Aldaya, Billy Bob Brumley, paper (pdf)

一种 NoisyRounds 保护的白盒 AES 实现及其差分故障分析 孙涛唐国俊吴昕锴, 毛振宁, 龚征, paper (pdf, Chinese)

SM4 算法的一种新型白盒实现 姚思, 陈杰, paper (pdf, Chinese)

Toward an Asymmetric White-Box Proposal Lucas Barthelemy, paper (pdf)

Enclave Security and Address-based Side Channels Samuel Weiser, paper (pdf)

Differential Power Analysis of the Picnic Signature Scheme Tim Gellersen, Okan Seker, Thomas Eisenbarth, paper (pdf)

A White-Box Masking Scheme Resisting Computational and Algebraic Attacks Okan Seker, Thomas Eisenbarth, Maciej Liskiewicz, paper (pdf)

Improvement on a Masked White-Box Cryptographic Implementation Seungkwang Lee, Myungchul Kim, paper (pdf)

The Blob: provable incompressibility and traceability in the whitebox model Boris Skoric, Wil Michiels, paper (pdf)

Security Assessment of White-Box Design Submissions of the CHES 2017 CTF Challenge Estuardo Alpirez Bock, Alexander Treff, paper (pdf)

Design of white-box encryption schemes for mobile applications security Sandra Rasoamiaramanana, thesis (pdf)

Cryptographic Obfuscation -- A Survey Máté Horváth, Levente Buttyán, book (paywall)

HMAC and "Secure Preferences": Revisiting Chromium-Based Browsers Security Pablo Picazo-Sanchez, Gerardo Schneider, Andrei Sabelfeld, paper (paywall)

On Self-Equivalence Encodings in White-Box Implementations Adrián Ranea, Bart Preneel, paper (pdf)

Screen Gleaning: A Screen Reading TEMPEST Attack on Mobile Devices Exploiting an Electromagnetic Side Channel Zhuoran Liu, Niels Samwel, Léo Weissbart, Zhengyu Zhao, Dirk Lauret, Lejla Batina, Martha Larson, paper (pdf)

Automating the BGE Attack on White-Box Implementations of AES with External Encodings Alessandro Amadori, Wil Michiels, Peter Roelse, paper (paywall)

On the practical security of white-box cryptography Junwei Wang, thesis (pdf)

CHES 2020로 살펴본 부채널 분석 보안 컨퍼런스 연구 동향 김 한 빛, 김 희 석*, paper (pdf)

2021

Dummy Shuffling against Algebraic Attacks in White-box Implementations Alex Biryukov, Aleksei Udovenko, paper (pdf)

Differential Analysis and Fingerprinting of ZombieLoads on Block Ciphers Till Schlüter, Kerstin Lemke-Rust, paper (pdf)

A White-Box Speck Implementation using Self-Equivalence Encodings Joachim Vandersmissen, thesis (pdf)

Structural Attack (and Repair) of Diffused-Input-Blocked-Output White-Box Cryptography Claude Carlet, Sylvain Guilley, Sihem Mesnager, paper (pdf)

Mathematical countermeasures against implementation attacks Pinar Çomak, thesis (pdf)

A White-Box Implementation of IDEA Siyu Pang, Tingting Lin, Xuejia Lai, Zheng Gong, paper (pdf)

Enhanced Encodings for White-Box Designs Alberto Battistello, Laurent Castelnovi, Thomas Chabrier, paper (pdf)

Adaptive Side-Channel Analysis Model and Its Applications to White-Box Block Cipher Implementations Yufeng Tang, Zheng Gong, Tao Sun, Jinhai Chen, Fan Zhang, paper (paywall)

白盒SM4的分析与改进 张跃宇, 徐东, 陈杰, paper (pdf)

Gömülü sistemlerde şifreleme algoritmalarının gerçeklenmesi ve yan kanal ataklarına karşı güçlendirilmesi Mehmet Şahin Açikkapi, thesis (pdf)

Online template attacks: Revisited Alejandro Cabrera Aldaya, Billy Bob Brumley, paper (pdf)

Yoroi: Updatable Whitebox Cryptography Yuji Koike, Takanori Isobe, paper (pdf)

How Not to Protect Your IP -- An Industry-Wide Break of IEEE 1735 Implementations Julian Speith, Florian Schweins, Maik Ender, Marc Fyrbiak, Alexander May, Christof Paar, paper (pdf)

White-Box ECDSA: Challenges and Existing Solutions Emmanuelle Dottax, Christophe Giraud, Agathe Houzelot, paper (paywall)

Ark of the ECC: An open-source ECDSA power analysis attack on a FPGA based Curve P-256 implementation Jean-Pierre Thibault, Colin O’Flynn, Alex Dewar, paper (pdf)

First-Order Side-Channel Leakage Analysis of Masked but Asynchronous AES Antoine Bouvet, Sylvain Guilley, Lukas Vlasak, paper (paywall)

A DCA-resistant Implementation of SM4 for the White-box Context Tingting Lin, Manfred von Willich, Dafu Lou, Phil Eisen, paper (paywall)

A perspective on embracing emerging technologies research for organizational behavior Jestine Philip, paper (pdf)

Media articles

Security Assessment of Software Security: A Closer Look at White-Box Cryptographic Implementations Joppe W. Bos and Wil Michiels, ERCIM News 106, July 2016, issue (pdf)

Security assessment of software security: Why secure sometimes isn’t secure enough NXP blog, 2016, online

NXP warns cryptographic keys can be hacked Richard Wilson, ElectronicsWeekly.com, July 2016, online

Citing SideChannelMarvels

2017

Improved software matching using dynamic information Pieter De Cremer, thesis (pdf)

2018

Enabling a Control System Approach to Side-Channel and Fault Attacks Matthew Carter, thesis (pdf)

EM Analysis in the IoT Context: Lessons Learned from an Attack on Thread Daniel Dinu, Ilya Kizhvatov, paper (pdf)

2019

Detection of hardware trojans and DFA attacks on cryptographic systems through residue checking Ana Lasheras Mas, thesis (pdf)

A Modular and Optimized Toolbox for Side-Channel Analysis Alberto Fuentes Rodríguez, Luis Hernández Encinas, Agustín Martín Muñoz, Bernardo Alarcos Alcázar, paper (pdf)

2021

Return of ECC dummy point additions: Simple Power Analysis on efficient P-256 implementation Andy Russon, paper (pdf)