Hiding in Plain Sight: Breaking White-box Cryptography Schemes

Alongside the countless conveniences offered by the modern digital ecosystem are a variety of risks posed by cyberattack. As governments, businesses, and individuals undergo digital transformations, SnT’s CryptoLux Research Group—headed by Prof. Alex Biryukov—is focused on protecting information both in storage and in transit. To do this the team has been working to design novel methods of cryptography that will help reduce the vulnerability of individuals and organisations around the world, most recently by breaking state of the art approaches that were proposed by the leading experts in the field and that were thought to be secure.

Prof. Alexei Biryukov (middle) and CryptoLUX Researchers Aleksei Udovenko (left) and Baptiste Lambin (right)

Cryptography is fundamental area of information security that aims to develop communication and information storage methods that are robust even when under direct attack. Research in this domain involves a simultaneous process of building cryptosystems that can withstand various types of cyber threats, while also actively working on analysis of existing schemes with the goal of revealing previously unknown vulnerabilities.


When cryptography researchers carry out their work, they do so with a predetermined set of parameters about the kinds of cyberattacks one might encounter in the real world. Most frequently, researchers analyse the strengths and weaknesses of cryptosystems within a so-called black-box model, where it is expected that an adversary will not have direct access to internal information during the encryption process. At other times, researchers use a grey box model that assumes some degree of side-channel leakage—or, in other words, that an adversary might perform physical measurements of power consumption, electro-magnetic emanations or even sound, which could correlate with internal secret variables. By contrast, white-box cryptography is designed to withstand the strongest attacks possible, where the adversary has full control over all the internals of the cryptographic implementation.


According to Prof. Biryukov, the design of white-box cryptography has been a long-standing open problem for researchers, as it requires novel methods of hiding secrets (cryptographic keys) in an otherwise open system. It entails, “hiding cryptographic keys in plain sight in a piece of software code, allowing adversaries to examine, run and modify the code, but still preventing the adversaries from learning the secrets.” As he explains further, “there is considerable industrial interest in white-box schemes since they protect against insider threats, code lifting, help software intellectual property protection (via strong code obfuscation), and facilitate easier mobile payments.”


In 2023, Biryukov, alongside fellow CryptoLux researchers Baptiste Lambin and Aleksei Udovenko, made waves at the Conference on Cryptographic Hardware and Embedded Systems—the world’s leading conference dedicated to the design and analysis of cryptographic hardware and software implementations. One year earlier at CRYPTO’22, a team of researchers at Belgium’s KU Leuven had presented a new promising white-box scheme based on novel ideas of implicit functions and quadratic-affine encoding. Over the course of the following year, SnT’s CryptoLux team worked on cryptanalysis of the KU Leuven proposal. 


They presented the results of their efforts at the last year’s conference in Prague to much peer acclaim. “Our paper showed, how, by using sophisticated but efficient algebraic algorithms, we could uncover all the secrets from KU Leuven’s 2022 scheme, thereby revealing its core weaknesses,” Biryukov recounts. “Designers claimed that their white-box scheme would be very difficult or even impossible to attack, but unfortunately that is not the case. However novel ideas of implicit encodings used in this design are still of interest and might be used in the future schemes.”


This research, along with an elaboration of other methods for carrying out white-box attacks, will help reshape white-box cryptographic designs for the years to come. “It’s a dynamic area of research with serious implications for sectors such as defence, finance, energy, and health. Even though cryptography is commonly accepted as a well-advanced and reliable area of information security, there are still plenty of important challenges to tackle in order to ensure safe and cost-efficient digital transformation.”