WAS: improved white-box cryptographic algorithm over AS iteration

The attacker in white-box model has full access to software implementation of a cryptographic algorithm and full control over its execution environment. In order to solve the issues of high storage cost and inadequate security about most current white-box cryptographic schemes, WAS, an improved whit...

Full description

Saved in:
Bibliographic Details
Published inCybersecurity (Singapore) Vol. 6; no. 1; pp. 56 - 11
Main Authors Yang, Yatao, Zhai, Yuying, Dong, Hui, Zhang, Yanshuo
Format Journal Article
LanguageEnglish
Published Singapore Springer Nature Singapore 08.12.2023
Springer Nature B.V
SpringerOpen
Subjects
Algorithms
Anti-code lifting
Anti-key extraction
Block cipher
Computer Applications
Computer Science
Cryptography
Cybercrime
Diffusion layers
Iterative methods
Lookup tables
Mathematical analysis
Mathematical models
Security
Substitution permutation network structure
White-box cryptography
Anti-code lifting
Anti-key extraction
Block cipher
White-box cryptography
Substitution permutation network structure
Online AccessGet full text

Cover

More Information
Summary:The attacker in white-box model has full access to software implementation of a cryptographic algorithm and full control over its execution environment. In order to solve the issues of high storage cost and inadequate security about most current white-box cryptographic schemes, WAS, an improved white-box cryptographic algorithm over AS iteration is proposed. This scheme utilizes the AS iterative structure to construct a lookup table with a five-layer ASASA structure, and the maximum distance separable matrix is used as a linear layer to achieve complete diffusion in a small number of rounds. Attackers can be prevented from recovering the key under black-box model. The length of nonlinear layer S and affine layer A in lookup table is 16 bits, which effectively avoids decomposition attack against the ASASA structure and makes the algorithm possess anti-key extraction security under the white-box model, while WAS possesses weak white-box (32 KB, 112)-space hardness to satisfy anti-code lifting security. WAS has provable security and better storage cost than existing schemes, with the same anti-key extraction security and anti-code lifting security, only 128 KB of memory space is required in WAS, which is only 14% of SPACE-16 algorithm and 33% of Yoroi-16 algorithm.
ISSN:2523-3246
2523-3246
DOI:10.1186/s42400-023-00192-7