Towards practical white-box lightweight block cipher implementations for IoTs

According to the Kerckhoffs's principle, the security of a system should be only depended on the security of its secret key. To build the trusted computing base, Secure Element (SE) and Trusted Execution Environment (TEE) have been proposed for secure computing and authentication. But users still need to believe that SE and TEE-supported hardware will not be evil or intruded. In order to totally remove the dependence of extra hardware, white-box cryptography was introduced by Chow et al. (2002) which gives a software solution for AES implementations in an extremely hostile environment. After Chow et al.'s seminal paper, many white-box implementations were proposed on different block ciphers. In IoTs applications, SE and TEE might have the practical issues if the implementation costs are constrained. In this paper, we first discuss the practical issues that relate to white-box block cipher implementations from lightweight block ciphers. Furthermore, we give the white-box implementations of KLEIN, Present and LBlock as the typical candidates that represent the Substitution-Permutation Network (SPN) and Feistel structures. Finally the performance and the costs are compared with the white-box AES implementation. The comparison shows that white-box implementations are not only related to block and key lengths, but also the structure of the cipher and its white-box implementation methodology strongly affect the implementation costs. (C) 2018 Elsevier B.V. All rights reserved.