A New Attempt of White-box AES Implementation

In this paper, we propose an improved table-based white-box implementation of AES which is able to resist different types of attack, including the BGE attack and De Mulder et al.' s cryptanalysis, to protect information under "white-box attack context". The notion of white-box attack context, introduced by Chow et al., describes a general setting in which cryptographic algorithms are executed in untrusted environments. In this setting, adversaries have attained complete access to the implementations of cryptographic algorithms as well as the dynamic execution environments. The key strategy applied to our design is to compose different operations of the AES round function and convert the composition into encoded lookup tables. The new scheme exploits larger key-dependent tables, each of which contains two bytes of the round keys. We then analyze the security against different types of attack and measure two security metrics: the "white-box diversity" and "ambiguity". The new scheme can withstand the BGE attack due to the utilization of larger mixing bijections and tabulated "ShiftRows"; it can also resist the cryptanalysis of De Mulder et al. since the bindings between "nTMC" and "TSR" are irreducible and the non-linear encodings are introduced to all tables.