Obfuscation for Cryptographic Purposes. Wee [Wee05] presented a provably secure obfuscator for a point function, which can be exploited in practice to construct authentication functionalities. ITCC 1 , pages It makes sense to define white-box cryptography accordingly since it reflects more reality. Indeed, it does not suffice to only protect an application against extraction of embedded secret keys. Resources Slides March — slides PhD defense.

Resources Slides March — slides PhD defense. On the Impossibility of Obfuscation with Auxiliary Input. Shafi Goldwasser and Yael Tauman Kalai. The main difference between code obfuscation and white-box cryptography is that the security of the latter needs to be validated with respect to security notions. It makes sense to define white-box cryptography accordingly since it reflects more reality. On Obfuscating Point Functions. Ran Canetti and Mayank Varia.

# White-box cryptography

A security notion is a formal description of the security of a cryptographic scheme. On Obfuscating Point Functions. It makes sense to define white-box cryptography accordingly since it reflects more reality.

Indeed, it does not suffice thsis only protect an application against extraction of embedded secret keys. Theory White-box cryptography is often linked with code obfuscation, since both aim to protect software implementations.

Jan 13, version: Obfuscation for Cryptographic Purposes. Similar theoretic approaches have been conceived for white-box cryptography in [Sax09].

The main difference between code obfuscation and white-box cryptography is that the security of the latter needs to be validated with respect to security notions. Research Academic research in white-box cryptography can be categorized into three activities.

Resources Slides March — slides PhD defense.

# Bart Preneel | SBA Research

White-box implementations and cryptanalysis results A selection of the state of the art: On the Impossibility of Obfuscation with Auxiliary Input. Positive Results and Techniques for Obfuscation. Wee [Wee05] presented a provably secure obfuscator for a point function, which can baet exploited in practice to construct authentication functionalities.

ITCC 1pages Chand Gupta, and G. Shafi Goldwasser and Yael Tauman Kalai. Both have received similar scepticism on its feasibility and lack of theoretic foundations.

For example, to create the equivalent of a smart-card-based AES encryption function in thezis, it does not suffice that the white-box implementation resists extraction of its embedded key, but it must also be hard to invert. Attacking an obfuscated cipher by injecting faults. For example, a scheme is defined CPA-secure if an attacker cannot compute the plaintext from a given ciphertext, or KR-secure when the secret key cannot be recovered.

Wyseur, and Bart Preneel: Nevertheless, this result does not exclude the existence of secure code obfuscators: Theoretic research on code obfuscation gained momentum with the seminal paper of Barak et al. On the Im possibility of Obfuscating Programs.

Ran Canetti and Mayank Varia.