
WARX: efficient white-box block cipher based on ARX primitives and random MDS matrix

Research Paper, published in Science China Information Sciences.

Abstract

White-box cryptography aims to provide cryptographic primitives and implementations that remain secure in the white-box attack model, in which the adversary has full access to the implementation of the cryptographic algorithm. Real-world applications require white-box schemes that are both highly efficient and secure, and the existing proposals do not meet this demand. In this paper, we design a new white-box block cipher, white-box ARX (WARX), based on addition/rotation/XOR (ARX) primitives and a random maximum distance separable (MDS) matrix, aiming for efficient implementations in both the black-box and the white-box model. The black-box implementation of WARX is nine times faster than SPNbox-16 from ASIACRYPT'16, and its white-box implementation is more efficient than those of SPNbox-16 and WEM from CT-RSA'17. Moreover, we analyze the security of WARX in both the black-box and the white-box model, which supports its practical applicability. The design of WARX shows that ARX primitives and a random linear layer can improve the efficiency of a white-box block cipher. This article may inspire more provably secure and efficient white-box block ciphers and help narrow the gap between the provably secure white-box schemes from academia and the highly applicable schemes in great demand from industry.
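The abstract leans on a random MDS matrix as the linear layer. As an added example (not code from the WARX paper, whose field, matrix dimension and generation procedure are not given on this page), the following Python checks the property that makes such a matrix usable: a square matrix over a finite field is MDS exactly when every square submatrix is nonsingular, and a uniformly random matrix over a large enough field passes that test often enough that a random MDS matrix can be obtained by rejection sampling. The field GF(2^8) with the AES reduction polynomial and the 4x4 dimension are assumptions chosen for illustration; the AES MixColumns matrix is used only as a known-MDS reference.

```python
"""Added example, not from the WARX paper: verify the MDS property of a
matrix over GF(2^8) by testing every square minor, and rejection-sample a
random MDS matrix. Field polynomial and matrix size are assumptions."""
import random
from itertools import combinations

POLY = 0x11B  # x^8 + x^4 + x^3 + x + 1 (AES polynomial; assumed, not from the page)


def gf_mul(a, b):
    """Multiply two elements of GF(2^8) modulo POLY."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= POLY
        b >>= 1
    return r


def gf_inv(a):
    """Multiplicative inverse via a^254 = a^(-1) (group order 255)."""
    if a == 0:
        raise ZeroDivisionError("0 has no inverse in GF(2^8)")
    result, base, e = 1, a, 254
    while e:
        if e & 1:
            result = gf_mul(result, base)
        base = gf_mul(base, base)
        e >>= 1
    return result


def gf_det(m):
    """Determinant over GF(2^8) by Gaussian elimination.
    Characteristic 2 means row swaps do not change the sign, so the
    determinant is just the product of the pivots."""
    m = [row[:] for row in m]
    n = len(m)
    det = 1
    for col in range(n):
        pivot = next((r for r in range(col, n) if m[r][col]), None)
        if pivot is None:
            return 0  # singular
        if pivot != col:
            m[col], m[pivot] = m[pivot], m[col]
        det = gf_mul(det, m[col][col])
        inv = gf_inv(m[col][col])
        for r in range(col + 1, n):
            if m[r][col]:
                f = gf_mul(m[r][col], inv)
                m[r] = [x ^ gf_mul(f, y) for x, y in zip(m[r], m[col])]
    return det


def is_mds(m):
    """A square matrix is MDS iff every square submatrix (every minor of
    every order, 1x1 entries included) is nonsingular."""
    n = len(m)
    for k in range(1, n + 1):
        for rows in combinations(range(n), k):
            for cols in combinations(range(n), k):
                sub = [[m[r][c] for c in cols] for r in rows]
                if gf_det(sub) == 0:
                    return False
    return True


def random_mds(n, seed=None):
    """Rejection-sample a uniformly random n x n matrix over GF(2^8) until
    it is MDS. Returns (matrix, number_of_candidates_tried)."""
    rng = random.Random(seed)
    tries = 0
    while True:
        tries += 1
        m = [[rng.randrange(1, 256) for _ in range(n)] for _ in range(n)]
        if is_mds(m):
            return m, tries


# Known-MDS reference (AES MixColumns, circulant (2,3,1,1)) and a non-MDS one.
AES_MIXCOLUMNS = [[2, 3, 1, 1], [1, 2, 3, 1], [1, 1, 2, 3], [3, 1, 1, 2]]
IDENTITY_4 = [[int(i == j) for j in range(4)] for i in range(4)]

if __name__ == "__main__":
    print("AES MixColumns is MDS:", is_mds(AES_MIXCOLUMNS))
    print("Identity is MDS:", is_mds(IDENTITY_4))
    m, tries = random_mds(4, seed=1)
    print("random 4x4 MDS matrix found after", tries, "candidate(s):", m)
```

A 4x4 matrix has 69 square minors (16 of order 1, 36 of order 2, 16 of order 3, one of order 4), so a uniformly random candidate over GF(2^8) is accepted with probability of roughly (1 - 1/256)^69, about three in four, which is why rejection sampling is cheap at this size. The minor test grows combinatorially with the dimension, so for larger matrices one would check the branch number with a dedicated routine instead.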


References

  1. Chow S, Eisen P, Johnson H, et al. White-box cryptography and an AES implementation. In: Proceedings of the 9th International Workshop on Selected Areas in Cryptography, 2002. 250–270

  2. Chow S, Eisen P, Johnson H, et al. A white-box DES implementation for DRM applications. In: Proceedings of ACM CCS-9 Workshop on Digital Rights Management, 2002. 1–15

  3. Bringer J, Chabanne H, Dottax E. White box cryptography: another attempt. 2006. https://eprint.iacr.org/2006/468.pdf

  4. Xiao Y Y, Lai X J. A secure implementation of white-box AES. In: Proceedings of the 2nd International Conference on Computer Science and Its Applications, 2009. 1–6

  5. Karroumi M. Protecting white-box AES with dual ciphers. In: Proceedings of the 13th International Conference on Information Security and Cryptology, 2010. 278–291

  6. Billet O, Gilbert H, Ech-Chatbi C. Cryptanalysis of a white box AES implementation. In: Proceedings of the 11th International Workshop on Selected Areas in Cryptography, 2004. 227–240

  7. Lepoint T, Rivain M, de Mulder Y, et al. Two attacks on a white-box AES implementation. In: Proceedings of the 20th International Workshop on Selected Areas in Cryptography, 2013. 265–285

  8. Wyseur B, Michiels W, Gorissen P, et al. Cryptanalysis of white-box DES implementations with arbitrary external encodings. In: Proceedings of the 14th International Workshop on Selected Areas in Cryptography, 2007. 264–277

  9. de Mulder Y, Wyseur B, Preneel B. Cryptanalysis of a perturbated white-box AES implementation. In: Proceedings of the 11th International Conference on Cryptology, 2010. 292–310

  10. de Mulder Y, Roelse P, Preneel B. Cryptanalysis of the Xiao-Lai white-box AES implementation. In: Proceedings of the 19th International Workshop on Selected Areas in Cryptography, 2012. 34–49

  11. Michiels W, Gorissen P, Hollmann H D L. Cryptanalysis of a generic class of white-box implementations. In: Proceedings of the 15th International Workshop on Selected Areas in Cryptography, 2008. 414–428

  12. Derbez P, Fouque P A, Lambin B, et al. On recovering affine encodings in white-box implementations. IACR Trans Cryptogr Hardw Embed Syst, 2018, 3: 121–149

  13. Biryukov A, Bouillaguet C, Khovratovich D. Cryptographic schemes based on the ASASA structure: black-box, white-box, and public-key (extended abstract). In: Proceedings of the 20th International Conference on the Theory and Application of Cryptology and Information Security, 2014. 63–84

  14. Gilbert H, Plût J, Treger J. Key-recovery attack on the ASASA cryptosystem with expanding s-boxes. In: Proceedings of the 35th Annual Cryptology Conference, 2015. 475–490

  15. Minaud B, Derbez P, Fouque P A, et al. Key-recovery attacks on ASASA. J Cryptol, 2018, 31: 845–884

  16. Bogdanov A, Isobe T. White-box cryptography revisited: space-hard ciphers. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 2015. 1058–1069

  17. Bogdanov A, Isobe T, Tischhauser E. Towards practical whitebox cryptography: optimizing efficiency and space hardness. In: Proceedings of the 22nd International Conference on the Theory and Application of Cryptology and Information Security, 2016. 126–158

  18. Fouque P A, Karpman P, Kirchner P, et al. Efficient and provable white-box primitives. In: Proceedings of the 22nd International Conference on the Theory and Application of Cryptology and Information Security, 2016. 159–188

  19. Cho J, Choi K Y, Dinur I. WEM: a new family of white-box block ciphers based on the Even-Mansour construction. In: Proceedings of the Cryptographers’ Track at the RSA Conference, 2017. 293–308

  20. Lin T T, Lai X J, Xue W J, et al. A new Feistel-type white-box encryption scheme. J Comput Sci Technol, 2017, 32: 386–395

  21. Beaulieu R, Shors D, Smith J, et al. The SIMON and SPECK families of lightweight block ciphers. 2013. https://eprint.iacr.org/2013/404.pdf

  22. Dinu D, Perrin L, Udovenko A, et al. Design strategies for ARX with provable bounds: SPARX and LAX. In: Proceedings of the 22nd International Conference on the Theory and Application of Cryptology and Information Security, 2016. 484–513

  23. Beierle C, Biryukov A, Santos L C, et al. Alzette: a 64-bit ARX-box (feat. CRAX and TRAX). In: Proceedings of the 40th Annual International Cryptology Conference, 2020. 419–448

  24. Biryukov A, Velichkov V, Le Corre Y. Automatic search for the best trails in ARX: application to block cipher SPECK. In: Proceedings of the 23rd International Conference on Fast Software Encryption, 2016. 289–310

  25. Daemen J, Rijmen V. The wide trail design strategy. In: Proceedings of the 8th IMA International Conference on Cryptography and Coding, 2001. 222–238

  26. Barreto P, Rijmen V. The Khazad legacy-level block cipher. NESSIE Project, 2000. https://www.researchgate.net/publication/228924670_The_Khazad_legacy-level_block_cipher

  27. National Institute of Standards and Technology. Recommendation for key derivation using pseudorandom functions. NIST SP 800-108. https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-108.pdf

  28. National Institute of Standards and Technology. SHA-3 standard: permutation-based hash and extendable-output functions. FIPS PUB 202. https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf

  29. Biryukov A, Perrin L. State of the art in lightweight symmetric cryptography. 2017. https://eprint.iacr.org/2017/511.pdf

  30. Lai X J, Massey J, Murphy S. Markov ciphers and differential cryptanalysis. In: Proceedings of the 10th Workshop on the Theory and Application of Cryptographic Techniques, 1991. 17–38

  31. Kölbl S, Leander G, Tiessen T. Observations on the SIMON block cipher family. In: Proceedings of the 35th Annual Cryptology Conference, 2015. 161–185

  32. Fu K, Wang M Q, Guo Y H, et al. MILP-based automatic search algorithms for differential and linear trails for SPECK. In: Proceedings of the 23rd International Conference on Fast Software Encryption, 2016. 268–288

  33. Albrecht M, Rechberger C, Schneider T, et al. Ciphers for MPC and FHE. In: Proceedings of the 34th Annual International Conference on the Theory and Applications of Cryptographic Techniques, 2015. 430–454

  34. Dinur I, Kales D, Promitzer A, et al. Linear equivalence of block ciphers with partial non-linear layers: application to LowMC. In: Proceedings of the 38th Annual International Conference on the Theory and Applications of Cryptographic Techniques, 2019. 343–372

  35. Randall D. Efficient generation of random nonsingular matrices. Random Struct Alg, 1993, 4: 111–118

  36. Murtaza G, Ikram N. Direct exponent and scalar multiplication classes of an MDS matrix. 2011. https://eprint.iacr.org/2011/151.pdf

  37. Daemen J, Rijmen V. The Design of Rijndael: the Advanced Encryption Standard (AES). Berlin: Springer, 2020

  38. Diffie W, Hellman M E. Special feature exhaustive cryptanalysis of the NBS data encryption standard. Computer, 1977, 10: 74–84

  39. Biham E, Shamir A. Differential Cryptanalysis of the Data Encryption Standard. Berlin: Springer, 1993

  40. Matsui M. Linear cryptanalysis method for DES cipher. In: Proceedings of the 12th Workshop on the Theory and Application of Cryptographic Techniques, 1993. 386–397

  41. Biryukov A, Shamir A. Structural cryptanalysis of SASAS. In: Proceedings of the 20th International Conference on the Theory and Application of Cryptographic Techniques, 2001. 395–405

  42. Knudsen L, Wagner D. Integral cryptanalysis (extended abstract). In: Proceedings of the 9th International Workshop on Fast Software Encryption, 2002. 112–127

  43. Daemen J, Knudsen L, Rijmen V. The block cipher square. In: Proceedings of the 4th International Workshop on Fast Software Encryption, 1997. 149–165

  44. Biryukov A, Khovratovich D. Decomposition attack on SASASASAS. 2015. https://eprint.iacr.org/2015/646.pdf

  45. Perrin L. Cryptanalysis, reverse-engineering and design of symmetric cryptographic algorithms. Dissertation for Ph.D. Degree. Luxembourg: University of Luxembourg, 2017

  46. Boura C, Canteaut A, De Cannière C. Higher-order differential properties of KECCAK and Luffa. In: Proceedings of the 18th International Workshop on Fast Software Encryption, 2011. 252–269

  47. Biryukov A, Wagner D. Slide attacks. In: Proceedings of the 6th International Workshop on Fast Software Encryption, 1999. 245–259

  48. Biryukov A, Wagner D. Advanced slide attacks. In: Proceedings of the 19th International Conference on the Theory and Application of Cryptographic Techniques, 2000. 589–606

  49. Bar-On A, Biham E, Dunkelman O, et al. Efficient slide attacks. J Cryptol, 2018, 31: 641–670

  50. Shannon C E. Communication theory of secrecy systems. Bell Syst Tech J, 1949, 28: 656–715

  51. Courtois N T, Pieprzyk J. Cryptanalysis of block ciphers with overdefined systems of equations. In: Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security, 2002. 267–287

  52. Albrecht M. Algorithmic algebraic techniques and their application to block cipher cryptanalysis. Dissertation for Ph.D. Degree. London: Royal Holloway, University of London, 2010

  53. Ankele R, List E. Differential cryptanalysis of round-reduced SPARX-64/128. In: Proceedings of the 16th International Conference on Applied Cryptography and Network Security, 2018. 459–475

  54. Ankele R, Kölbl S. Mind the gap: a closer look at the security of block ciphers against differential cryptanalysis. In: Proceedings of the 25th International Conference on Selected Areas in Cryptography, 2018. 163–190

  55. Sun L, Wang W, Wang M Q. Automatic search of bit-based division property for ARX ciphers and word-based division property. In: Proceedings of the 23rd International Conference on the Theory and Applications of Cryptology and Information Security, 2017. 128–157

  56. Eskandari Z, Kidmose A B, Kölbl S, et al. Finding integral distinguishers with ease. In: Proceedings of the 25th International Conference on Selected Areas in Cryptography, 2018. 115–138

  57. Sun L, Wang W, Liu R, et al. MILP-aided bit-based division property for ARX ciphers. Sci China Inf Sci, 2018, 61: 118102

  58. Braeken A, Semaev I. The ANF of the composition of addition and multiplication mod 2^n with a Boolean function. In: Proceedings of the 12th International Workshop on Fast Software Encryption, 2005. 112–125

  59. Liu Y W, de Witte G, Ranea A, et al. Rotational-XOR cryptanalysis of reduced-round SPECK. IACR Trans Symmetric Cryptol, 2017, 3: 24–36

Acknowledgements

This work was supported by the National Key R&D Program of China (Grant No. 2017YFB0802000), National Natural Science Foundations of China (Grant Nos. 61672412, 61972457, 61902303, U19B2021), National Cryptography Development Fund of China (Grant Nos. MMJJ20170104, MMJJ20180219), China Scholarship Council (Grant No. 201806960067), Key Research and Development Program of Shaanxi (Grant No. 2020ZDLGY08-04), and Natural Science Basic Research Program of Shaanxi (Grant No. 2020JQ-832). We thank Adrián Ranea for fruitful discussions and reviewers for their effort.

Author information

Correspondence to Jun Liu or Vincent Rijmen.

About this article

Cite this article

Liu, J., Rijmen, V., Hu, Y. et al. WARX: efficient white-box block cipher based on ARX primitives and random MDS matrix. Sci. China Inf. Sci. 65, 132302 (2022). https://doi.org/10.1007/s11432-020-3105-1
