Attacking an obfuscated cipher by injecting faults. Wee [Wee05] presented a provably secure obfuscator for a point function, which can be exploited in practice to construct authentication functionalities. Positive Results and Techniques for Obfuscation. ITCC 1 , pages For example, a scheme is defined CPA-secure if an attacker cannot compute the plaintext from a given ciphertext, or KR-secure when the secret key cannot be recovered. Jan 13, version:

Chand Gupta, and G. Research Academic research in white-box cryptography can be categorized into three activities. Theoretic research on code obfuscation gained momentum with the seminal paper of Barak et al. Wyseur, and Bart Preneel: For example, to create the equivalent of a smart-card-based AES encryption function in software, it does not suffice that the white-box implementation resists extraction of its embedded key, but it must also be hard to invert.

On the Impossibility of Obfuscation with Auxiliary Input. Theoretic research on code obfuscation gained momentum with the seminal paper of Barak et al.

It makes sense to define white-box cryptography accordingly since it reflects more reality. White-box implementations and cryptanalysis results A selection of the state of the art: Obfuscation for Cryptographic Purposes. Nevertheless, this result does not exclude the existence of secure code obfuscators: Ran Canetti and Mayank Varia.

## Bart Preneel

A security notion is a formal description of the security of a cryptographic scheme. For example, to create the equivalent of a smart-card-based AES encryption function in software, it does not suffice that the white-box implementation resists extraction of its embedded key, but it must barr be hard to invert.

Indeed, it does not suffice to only protect an application against extraction of embedded secret keys. Similar theoretic approaches have been conceived for white-box cryptography in [Sax09].

Theory White-box cryptography is often linked with code obfuscation, since both aim to protect software implementations.

Positive Results and Techniques for Obfuscation. Jan 13, version: Research Academic research in white-box cryptography can be categorized into three activities. Resources Slides March — slides PhD defense.

# Bart Preneel | SBA Research

Shafi Goldwasser and Yael Tauman Kalai. On the Im possibility of Obfuscating Programs. The main difference between code obfuscation and white-box cryptography is that the security of the latter needs to be validated with respect to security notions.

Wee [Wee05] presented a provably secure obfuscator for a point function, which can be exploited in barh to construct authentication functionalities. Both have received similar scepticism on its feasibility and lack of theoretic foundations.

Attacking an obfuscated cipher by injecting faults. Chand Gupta, and G.

Wyseur, and Bart Preneel: For example, a scheme is defined CPA-secure if an attacker cannot compute the plaintext from a given ciphertext, or KR-secure when the secret key cannot be recovered. ITCC 1pages On Obfuscating Point Functions.