White-box cryptography in practice
White-box cryptography is used in several commercial products and has shown crucial practical value. Indeed, a major challenge in security-centric software such as DRM applications, is to effectively protect cryptographic keys -- this has often been the achilles heal in DRM applications in the past. On top of that, white-box cryptography also enables to leverage other software protection techniques, such as software traceability, tamper resistance, renewability, and so forth.
As a result, white-box cryptography has become a necessary building block in any sane overall software security strategy. For a nice introduction to the need for different levels of software protection, we refer to Rod's recent article on DRM security.
References
- Rod Schultz, The Many Facades of DRM, In MISC HS 5 magazine, pages 58-64, April 2012.
- Brecht Wyseur, White-Box Cryptography: Hiding Keys in Software, In MISC HS 5 magazine, pages 65-72, April 2012.
- Olivier Billet and Henri Gilbert. A Traceable Block Cipher. In Advances in Cryptology - ASIACRYPT 2003, volume 2894 of Lecture Notes in Computer Science, pages 331-346. Springer-Verlag, 2003.
- Wil Michiels and Paul Gorissen. Mechanism for Software Tamper Resistance: an Application of White-Box Cryptography. In Proceedings of 7th ACM Workshop on Digital Rights Management (DRM 2007), pages 82-89.
- Ryad Benadjila, Olivier Billet, and Stanislas Francfort. DRM to Counter Side-Channel Attacks? In Proceedings of 7th ACM Workshop on Digital Rights Management (DRM 2007), pages 23-32.
|