White-box cryptography aims to provide secure cryptographic primitives and implementations for the white-box attack model, which assumes that an adversary has full access to the implementation of the cryptographic algorithms. Real-world applications require highly efficient and secure white-box schemes, whereas the existing proposals cannot meet this demand. In this paper, we design a new white-box block cipher based on addition/rotation/XOR (ARX) primitives and random maximal distance separable (MDS) matrix, white-box ARX (WARX), aiming for efficient implementations in both black- and white-box models. The implementation of WARX in the black-box model is nine times faster than SPNbox-16 from ASI-ACRYPT’16, and the implementation in the white-box model is more efficient than SPNbox-16 and WEM from CT-RSA’17. Moreover, the security of WARX in both black- and white-box models is analyzed, which ensures its practical applicability. The design of WARX shows that ARX primitives and random linear layer can improve the efficiency of a white-box block cipher. This article may inspire more provably secure and efficient white-box block ciphers and help to narrow the gap between provably secure white-box schemes from academia and highly applicable schemes in great demand from industry.

白盒密码学旨在为白盒攻击模型提供安全的密码原语和实现，该模型假设对手可以完全访问密码算法的实现。现实世界的应用需要高效且安全的白盒方案，而现有的方案无法满足这种需求。在本文中，我们设计了一种基于加法/旋转/异或 (ARX) 原语和随机最大距离可分 (MDS) 矩阵白盒 ARX (WARX) 的新白盒分组密码，旨在在黑和白盒模型。WARX 在黑盒模型中的实现比 ASI-ACRYPT'16 中的 SPNbox-16 快 9 倍，白盒模型中的实现比 CT-RSA'17 中的 SPNbox-16 和 WEM 更高效。而且，分析了黑盒和白盒模型中WARX的安全性，保证了其实际适用性。WARX 的设计表明 ARX 原语和随机线性层可以提高白盒分组密码的效率。本文可能会激发出更多可证明安全和高效的白盒分组密码，并有助于缩小学术界可证明安全的白盒方案与工业界需求量很大的高度适用方案之间的差距。