Automating the BGE Attack on White-Box Implementations of AES with External Encodings
Title | Automating the BGE Attack on White-Box Implementations of AES with External Encodings |
Publication Type | Conference Paper |
Year of Publication | 2020 |
Authors | Amadori, A., Michiels, W., Roelse, P. |
Conference Name | 2020 IEEE 10th International Conference on Consumer Electronics (ICCE-Berlin) |
Date Published | Nov. 2020 |
Publisher | IEEE |
ISBN Number | 978-1-7281-5885-3 |
Keywords | Automated Secure Software Engineering, composability, Consumer electronics, encoding, Manuals, Metrics, pubcrawl, resilience, Resiliency, reverse engineering, secure software, security, Software systems, Standards, test equipment, white box, white box cryptography, White Box Security, white-box cryptography |
Abstract | Cloud-based payments, virtual car keys, and digital rights management are examples of consumer electronics applications that use secure software. White-box implementations of the Advanced Encryption Standard (AES) are important building blocks of secure software systems, and the attack of Billet, Gilbert, and Ech-Chatbi (BGE) is a well-known attack on such implementations. A drawback from the adversary's or security tester's perspective is that manual reverse engineering of the implementation is required before the BGE attack can be applied. This paper presents a method to automate the BGE attack on a class of white-box AES implementations with a specific type of external encoding. The new method was implemented and applied successfully to a CHES 2016 capture the flag challenge. |
URL | https://ieeexplore.ieee.org/document/9352195 |
DOI | 10.1109/ICCE-Berlin50680.2020.9352195 |
Citation Key | amadori_automating_2020 |