|
|
|
|
|
|
by pbsd
3972 days ago
|
|
|
> This is, cryptographically speaking, a stretch. Not only that, this transforms any symmetric-key encryption scheme into a public-key encryption scheme---share the obfuscated "white-box" code as the public-key for encryption, and use the deobfuscated code for decryption. (The recent cryptographic obfuscation breakthroughs should also be able to do something close to this, but at a ludicrous computational cost, and who knows what the security of it actually is.) The news in this paper is the semi-automation of the attacks using side-channel techniques. I wonder how this would fare with a white-box cipher that used standard DPA countermeasures. I suppose that in the white-box setting there is no guarantee of good randomness, so by zeroing the randomness source similar attacks as this paper's could be mounted. |
|
|