Differential computation analysis: hiding your white-box designs is not enough

J.W. Bos, C. Hubain, W. Michiels, P. Teuwen

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

63 Citations (Scopus)


Although all current scientific white-box approaches of standardized cryptographic primitives are broken, there is still a large number of companies which sell “secure” white-box products. In this paper, we present a new approach to assess the security of white-box implementations which requires neither knowledge about the look-up tables used nor any reverse engineering effort. This differential computation analysis (DCA) attack is the software counterpart of the differential power analysis attack as applied by the cryptographic hardware community. We developed plugins to widely available dynamic binary instrumentation frameworks to produce software execution traces which contain information about the memory addresses being accessed. To illustrate its effectiveness, we show how DCA can extract the secret key from numerous publicly (non-commercial) available white-box programs implementing standardized cryptography by analyzing these traces to identify secret-key dependent correlations. This approach allows one to extract the secret key material from white-box implementations significantly faster and without specific knowledge of the white-box design in an automated manner.

Original languageEnglish
Title of host publicationCryptographic Hardware and Embedded Systems – CHES 2016
Subtitle of host publication18th International Conference, Santa Barbara, California, August 17-19, 2016, Proceedings
EditorsB. Gierlichs , A.Y. Poschmann
Place of PublicationDordrecht
Number of pages22
ISBN (Electronic)978-3-662-53139-6
ISBN (Print)978-3-662-53140-2
Publication statusPublished - 2016
Event18th International Conference on Cryptographic Hardware and Embedded Systems, CHES 2016 - Santa Barbara, United States
Duration: 17 Aug 201619 Aug 2016

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
ISSN (Print)03029743
ISSN (Electronic)16113349


Conference18th International Conference on Cryptographic Hardware and Embedded Systems, CHES 2016
Country/TerritoryUnited States
CitySanta Barbara


Dive into the research topics of 'Differential computation analysis: hiding your white-box designs is not enough'. Together they form a unique fingerprint.

Cite this