Visible to the public An Efficient Structural Analysis of SAS and its Application to White-Box Cryptography

TitleAn Efficient Structural Analysis of SAS and its Application to White-Box Cryptography
Publication TypeConference Paper
Year of Publication2021
AuthorsYim, Hyoungshin, Kang, Ju-Sung, Yeom, Yongjin
Conference Name2021 IEEE Region 10 Symposium (TENSYMP)
Keywordscomposability, cryptography, Encryption, IEEE Regions, Metrics, pubcrawl, resilience, Resiliency, SAS strcuture, security, structural analysis, Synthetic aperture sonar, Table lookup, Time complexity, white box cryptography, White Box Security, white-box
Abstract

Structural analysis is the study of finding component functions for a given function. In this paper, we proceed with structural analysis of structures consisting of the S (nonlinear Substitution) layer and the A (Affine or linear) layer. Our main interest is the S1AS2 structure with different substitution layers and large input/output sizes. The purpose of our structural analysis is to find the functionally equivalent oracle F* and its component functions for a given encryption oracle F(= S2 A S1). As a result, we can construct the decryption oracle F*1 explicitly and break the one-wayness of the building blocks used in a White-box implementation. Our attack consists of two steps: S layer recovery using multiset properties and A layer recovery using differential properties. We present the attack algorithm for each step and estimate the time complexity. Finally, we discuss the applicability of S1AS2 structural analysis in a White-box Cryptography environment.

DOI10.1109/TENSYMP52854.2021.9550967
Citation Keyyim_efficient_2021