Black Hat Europe资料eu-15-Sanfelix-Unboxing-The-White-Box-Practical-Attacks-Against-Obfuscated-Ciphers-wp.pdfVIP

Unboxing the White-Box Practical attacks against Obfuscated Ciphers Eloi Sanfelix Cristofaro Mune Job de Haas eloi@ cristofaro@ job@ 1 Introduction The use of secret codes and ciphers for protecting information dates back to almost 4.000 years ago. Messages were encoded in different means for allowing two parties to communicate, without making the message content available to others. 1.1 Threat models Typical threat modeling applied in cryptography involves a malicious third party attempting to access either the keys used for protecting the content or the protected content itself. In this model, which we refer as the “Black- Box” model, the attacker is assumed to be able to observe and alter the ciphertext, without having access to the systems performing cryptographic operations. Figure 1.1 - Black-Box threat model In some cases the threat model is augmented with the attacker’s ability to interact with the systems performing the crypto operation, via observation and/or alteration of system parts and processes. We refer to this model as “Gray-Box” model, where the attacker has access to the system, but he is still not allowed to access the key and/or to tamper with the cryptographic algorithm and its implementation. Figure 1.2 - Gray-box threat model 1.2 White-box threat model The digitalization of goods and services has allowed the economy to transit to a new “Internet” era, where immaterial goods are digitalized and exchanged over the Internet. Examples are products for entertainment, such as music and movies, or the money itself, which is now available in a digital form and payments are performed by means of cryptographic processes based on delivered payment keys (see Figure 1.3). Figure 1.3 - Digital