Visible to the public Automating the BGE Attack on White-Box Implementations of AES with External Encodings

TitleAutomating the BGE Attack on White-Box Implementations of AES with External Encodings
Publication TypeConference Paper
Year of Publication2020
AuthorsAmadori, A., Michiels, W., Roelse, P.
Conference Name2020 IEEE 10th International Conference on Consumer Electronics (ICCE-Berlin)
Date PublishedNov. 2020
PublisherIEEE
ISBN Number978-1-7281-5885-3
KeywordsAutomated Secure Software Engineering, composability, Consumer electronics, encoding, Manuals, Metrics, pubcrawl, resilience, Resiliency, reverse engineering, secure software, security, Software systems, Standards, test equipment, white box, white box cryptography, White Box Security, white-box cryptography
Abstract

Cloud-based payments, virtual car keys, and digital rights management are examples of consumer electronics applications that use secure software. White-box implementations of the Advanced Encryption Standard (AES) are important building blocks of secure software systems, and the attack of Billet, Gilbert, and Ech-Chatbi (BGE) is a well-known attack on such implementations. A drawback from the adversary's or security tester's perspective is that manual reverse engineering of the implementation is required before the BGE attack can be applied. This paper presents a method to automate the BGE attack on a class of white-box AES implementations with a specific type of external encoding. The new method was implemented and applied successfully to a CHES 2016 capture the flag challenge.

URLhttps://ieeexplore.ieee.org/document/9352195
DOI10.1109/ICCE-Berlin50680.2020.9352195
Citation Keyamadori_automating_2020