Fast White-Box Implementations of Dedicated Ciphers on the ARMv8 - - PowerPoint PPT Presentation



SLIDE 1

Fast White-Box Implementations of Dedicated Ciphers on the ARMv8 Architecture

Félix Carvalho Rodrigues, H. Fujii, A. C. Serpa, G. Sider, R. Dahab, J. López

October 3, 2019

Laboratory of Security and Cryptography, Institute of Computing, University of Campinas (Unicamp)

This research was partially supported by Samsung Eletrônica da Amazônia Ltda., through the “White Box Cryptography” project, within the scope of the Informatics Law No. 8248/91.

SLIDE 2

Index

  • Introduction
  • Dedicated Ciphers: SPACE, WEM, SPNbox
  • Implementation: Optimizing SPNbox
  • Results

SLIDE 3

Introduction

SLIDE 4

White-box threat model: direct access to environment

Black-Box:

  • Access only to plaintexts and ciphertexts
  • No leakage from the implementation
  • No access to the executing environment

SLIDE 5

White-box threat model: direct access to environment

Grey-Box (hardware side-channel):

  • Some leakage from the implementation is available
  • Timing analysis, power analysis
  • No (direct) access to the executing environment

SLIDE 6

White-box threat model: direct access to environment

In a White-Box context, an attacker can:

  • Access the memory
  • Manipulate the execution
  • Analyze binary code

SLIDE 7

White-box threat model: direct access to environment

Figure: (a) Black Box Model: access to plaintext and ciphertext. (b) Grey Box Model: access to plaintext, ciphertext and side-channel information. (c) White Box Model: access to plaintext, ciphertext, side-channel information and execution environment information.

In a White-Box context, an attacker can:

  • Access the memory
  • Manipulate the execution
  • Analyze binary code

How to protect against such powerful adversaries?

SLIDE 8

White-Box Cryptography: first attempts

White-Box Cryptography:

  • Design and secure the implementations of cryptographic algorithms running in untrusted environments

First attempt: standard block cipher (e.g., AES):

  • Protect the implementation through a network of lookup tables
  • Several proposed implementations [Chow et al., 2003, Bringer et al., 2006, Xiao and Lai, 2009, Karroumi, 2011]
  • Academic proposals mostly broken: [Billet et al., 2005, Goubin et al., 2007, Michiels et al., 2009, De Mulder et al., 2010, Lepoint et al., 2014, De Mulder et al., 2013]
  • Some hope? CHES 2019 white-box challenge [WhibOx, 2019] had three implementations which are still unbroken!

SLIDE 9

White-Box Cryptography: first attempts

  • Some hope? CHES 2019 white-box challenge [WhibOx, 2019] had three implementations which are still unbroken! BROKEN!

AES seems to be hard to protect in a white-box context...

SLIDE 10

Dedicated Ciphers

SLIDE 11

Dedicated White-Box Block Ciphers

Idea:

  • Design a block cipher from the ground up to be “secure” in a white-box context

Focus of currently proposed dedicated ciphers:

  • Unbreakability
    • Protection against key extraction
    • Given access to a white-box implementation, the attacker must not be able to extract the secret key embedded in the cipher
  • Incompressibility

SLIDE 12

Dedicated White-Box Block Ciphers

Focus of currently proposed dedicated ciphers (continued):

  • Unbreakability
  • Incompressibility
    • Mitigation against code lifting
    • Given full access to a white-box cipher implementation, the attacker must not be able to produce a smaller implementation
    • Given “almost full” access to a white-box cipher implementation, the attacker must not be able to encrypt or decrypt any message with a significant probability

SLIDE 13

Proposals considered in this work

Proposals:

  • SPACE [Bogdanov and Isobe, 2015]
  • SPNbox [Bogdanov et al., 2016a]
  • WEM [Cho et al., 2017]

Parameters:

  • n_in: determines the lookup table input size of the ciphers
    • SPACE-16 ≡ SPACE instantiated with n_in = 16
    • We consider n_in either 8 or 16 in this work
  • R: number of rounds of the cipher

No complete comparisons were made in relation to each other in previous works!

SLIDE 14

SPACE Family of Ciphers

  • Based on a Feistel Network
  • In each round, the state is rotated left
  • Number of rounds:
    • R = 128 for n_in = 16
    • R = 300 for n_in = 8

Example (figure): single round of SPACE-16

SLIDE 15

SPACE-16: Feistel function

In the black-box:

  • Extract 16 bits from the state and concatenate them with a zero vector
  • Encrypt with AES and the master key
  • Discard 16 bits from the output and return the remaining 112 bits

In the white-box:

  • Extract 16 bits from the state
  • Encrypt with a 16-to-112-bit lookup table

For both: after the result, add the round constant
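Added C example (not code from the slides or from the authors' implementation) that carries the SPACE-16 round above through a full encryption and decryption. It assumes the 128-bit state is held as 8 little-endian 16-bit lanes, takes the round constant to be the round index placed in the lowest lane, and fills the 16-to-112-bit table from a constructed stand-in stream instead of AES under the master key; the Feistel shape, the left rotation, the round count and the table size are the ones the slides give.

```c
#include <stdint.h>
#include <string.h>
#define LANES  8      /* 128-bit state as 8 lanes of n_in = 16 bits */
#define ROUNDS 128    /* R = 128 for SPACE-16 (slide 14) */
/* White-box Feistel function: 2^16 entries of 112 bits (7 lanes) = 917504 bytes. SPACE-16
 * fills it from AES under the master key; here a constructed xorshift stream stands in. */
static uint16_t F_table[1u << 16][LANES - 1];

static void fill_table_stub(uint32_t st)          /* st: seed of the stand-in stream */
{
    for (uint32_t x = 0; x < (1u << 16); x++)
        for (int j = 0; j < LANES - 1; j++) {
            st ^= st << 13; st ^= st >> 17; st ^= st << 5;   /* xorshift32 step */
            F_table[x][j] = (uint16_t)st;
        }
}

/* One round: lane 0 indexes the table; F(x) and the round constant (assumed here to be the
 * round index, placed in lane 0) are XORed into the other 7 lanes; then rotate left. */
static void space16_round(uint16_t s[LANES], uint16_t rc)
{
    uint16_t x = s[0];
    for (int j = 0; j < LANES - 1; j++)
        s[j] = s[j + 1] ^ F_table[x][j] ^ (j == 0 ? rc : 0);
    s[LANES - 1] = x;                                /* x becomes lane 7 */
}

/* Inverse round: F is only ever evaluated forward, so the same table decrypts. */
static void space16_round_inv(uint16_t s[LANES], uint16_t rc)
{
    uint16_t x = s[LANES - 1];
    for (int j = LANES - 1; j > 0; j--)
        s[j] = s[j - 1] ^ F_table[x][j - 1] ^ (j == 1 ? rc : 0);
    s[0] = x;
}

void space16_encrypt(uint16_t s[LANES]) { for (int r = 0; r < ROUNDS; r++) space16_round(s, (uint16_t)r); }
void space16_decrypt(uint16_t s[LANES]) { for (int r = ROUNDS - 1; r >= 0; r--) space16_round_inv(s, (uint16_t)r); }

/* Self-check on a constructed block: 1 if encryption changed it and decryption restored it. */
int space16_roundtrip_ok(void)
{
    uint16_t pt[LANES] = {1, 2, 3, 4, 5, 6, 7, 8}, s[LANES];
    fill_table_stub(0x5EEDu);
    memcpy(s, pt, sizeof s);
    space16_encrypt(s);
    int changed = memcmp(s, pt, sizeof s) != 0;
    space16_decrypt(s);
    return changed && memcmp(s, pt, sizeof s) == 0;
}
```

The point to take from the inverse round is that the white-box table is never inverted: the Feistel structure lets one incompressible table serve both directions, which is why its size (about 0.9 MiB for SPACE-16) is the whole footprint.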

SLIDE 16

White-box Even-Mansour ciphers

Based on the Even-Mansour scheme:

  • Keys are replaced by incompressible S-boxes
  • The public permutation is defined as 5 rounds of AES with a zeroed key
  • The proposed cipher uses 12 rounds

SLIDE 17

WEM: S-box generation

To generate each m-to-m S-box:

  • Generate a long sequence of pseudo-random bits from the secret key k
  • Generate the sequence T = (0, . . . , 2^m)
  • Shuffle T using the pseudo-random bits generated from k

SLIDE 18

SPNbox Family of Ciphers

Algorithm:

  • Substitution Layer (S_{n_in}): divide the state into n_in-bit blocks and run a mini block cipher on each block with the secret key
  • Permutation Layer (θ): multiply the state by a matrix over GF(2^{n_in})
  • Affine Layer (σ): add the round constant
  • Repeat for 10 rounds

Figure: one round of SPNbox-16's outer cipher

SLIDE 19

SPNbox: small inner cipher

Figure: one round of SPNbox-32's inner cipher

  • The smaller SPN serves as the substitution phase of its bigger counterpart
  • Repurposes some AES operations:
    • SB uses the SubBytes operation from AES
    • MC uses the MixColumns operation from AES
    • AK is a simple key addition
  • Number of rounds depends on its size n_in
  • In a white-box context, this inner SPN cipher becomes a lookup table

SLIDE 20

Implementation

SLIDE 21

ARMv8-A Architecture

  • 32 SIMD/NEON 128-bit registers (NEON mode):
    • each register can be interpreted as 16 bytes, 8 halfwords, 4 words or 2 doublewords
  • Cortex-A75:
    • Two 8-stage NEON instruction pipelines
    • One separate load/store pipeline for NEON instructions
  • Important NEON instructions: tbl/tbx, rev, ext

SLIDE 22

Pipeline Vs Cache Optimization

Pipelined implementation (4-way): (figure)

SLIDE 23

Pipeline Vs Cache Optimization

Horizontal implementation (“all blocks”-way): (figure)

SLIDE 24

SPACE and WEM Implementation details

SPACE:

  • Benefits from pipelined memory access
  • For a single block, only a couple of NEON operations:
    • A couple of eor additions
    • A byte rotation with an ext
  • Favors large pipelined implementations, less suitable for H-way
  • Pad the lookup table for better memory alignment

WEM:

  • Both horizontal and intercalated strategies have merit
  • For the pipelined implementation, we separated the 16-to-16 lookup tables into two 16-to-8 tables:
    • This allows a lookup table to fit into the L2 cache on lower-end hardware
  • Use hardware crypto extensions (AES functions)

SLIDE 25

SPNbox Optimizations

  • Allows for greater optimization opportunities
  • Four main implementations: one block, multiple blocks (transposed), lookup table multiplications and horizontal
  • Main point for optimization: its matrix multiplication (θ layer)

SLIDE 26

Single Block: Permutations and Multiplications

  • Let T_i(S) = S × i:
    • Multiplication of the state S by a polynomial i translates to a series of constant-time polynomial additions and multiplications by x in GF(2^16):

    sshr v2.8h, v0.8h, #15     // v0 is the state
    shl  v0.8h, v0.8h, #1      // v1 is the mask 0x002B
    and  v2.8h, v1.8h, v2.8h
    eor  v0.8h, v0.8h, v2.8h

  • The result of R = M16 × S can be written as:

    R = T1(S) ⊕ P1(T3(S)) ⊕ P2(T4(S)) ⊕ P3(T5(S)) ⊕ P4(T6(S)) ⊕ P1(T8(S)) ⊕ P2(TB(S)) ⊕ P3(T7(S)),

    where the P_i are permutations of the state lanes.
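Added C example (not the authors' code) of the arithmetic behind the NEON snippet above: the constant-time multiplication by x for one 16-bit lane, T_c(S) built as a fixed chain of such steps, and the θ layer assembled from the T_i and lane permutations in the slide's form. It assumes the reduction polynomial implied by the mask 0x002B (x^16 + x^5 + x^3 + x + 1) and, because the slide does not spell out the P_i, takes M16 as the circulant matrix of (1, 3, 4, 5, 6, 8, B, 7) with P_i a rotation by i lanes; both are labelled as assumptions in the code.

```c
#include <stdint.h>
#define GF16_RED 0x002Bu   /* the slide's mask: reduce by x^16 + x^5 + x^3 + x + 1 */

/* Multiply one 16-bit lane by x in constant time, mirroring the NEON snippet: the top
 * bit is sign-extended into an all-ones/all-zeros mask (sshr #15), the lane is shifted
 * left (shl #1) and the reduction constant is XORed in where the mask is set (and, eor). */
static uint16_t gf16_xtime(uint16_t a)
{
    uint16_t mask = (uint16_t)(-(int16_t)(a >> 15));
    return (uint16_t)((a << 1) ^ (mask & GF16_RED));
}

/* T_c(a) = a * c for a small public constant c: a fixed chain of xtime steps and XORs.
 * The branch depends only on the constant c, never on the data a. */
static uint16_t gf16_mul_const(uint16_t a, uint8_t c)
{
    uint16_t r = 0, p = a;                 /* p runs through a, a*x, a*x^2, ... */
    for (int i = 0; i < 8; i++) {
        if (c & (1u << i)) r ^= p;
        p = gf16_xtime(p);
    }
    return r;
}

/* theta layer of SPNbox-16 on one block of 8 lanes, in the slide's form
 * R = T1(S) ^ P1(T3(S)) ^ P2(T4(S)) ^ ... . Assumption (not stated on the slide):
 * M16 is the circulant matrix of M16_ROW and P_i rotates the lanes by i positions. */
static const uint8_t M16_ROW[8] = {0x1, 0x3, 0x4, 0x5, 0x6, 0x8, 0xB, 0x7};

void spnbox16_theta(const uint16_t s[8], uint16_t r[8])
{
    for (int j = 0; j < 8; j++) {
        r[j] = 0;
        for (int i = 0; i < 8; i++)
            r[j] ^= gf16_mul_const(s[(j + i) & 7], M16_ROW[i]);
    }
}

/* Check on a constructed state with every lane equal to 1: each output lane must be
 * the XOR of the row constants, 1^3^4^5^6^8^B^7 = 1. Returns 1 on success. */
int spnbox16_theta_check(void)
{
    uint16_t s[8] = {1, 1, 1, 1, 1, 1, 1, 1}, r[8];
    spnbox16_theta(s, r);
    for (int j = 0; j < 8; j++)
        if (r[j] != 1) return 0;
    return 1;
}
```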

SLIDE 27

Transposing Multiple Blocks

By transposing blocks we can eliminate permutations: the result R_i, for i from 0 to 7, can be seen as

    R_i = T_{a_{i,0}}(S'_0) ⊕ T_{a_{i,1}}(S'_1) ⊕ T_{a_{i,2}}(S'_2) ⊕ T_{a_{i,3}}(S'_3) ⊕ T_{a_{i,4}}(S'_4) ⊕ T_{a_{i,5}}(S'_5) ⊕ T_{a_{i,6}}(S'_6) ⊕ T_{a_{i,7}}(S'_7),

SLIDE 28

SPNbox8: Constant-Time Vs Lookup Tables

Constant-Time:

  • Use the tbl operation to perform constant-time lookups. Apply the masks 0x40, 0x80, 0xC0 into v1, v2, v3. Then:

    tbl v0.16b, {v16.16b - v19.16b}, v0.16b
    tbl v1.16b, {v20.16b - v23.16b}, v1.16b
    tbl v2.16b, {v24.16b - v27.16b}, v2.16b
    tbl v3.16b, {v28.16b - v31.16b}, v3.16b

    Sum (eor) up v0, v1, v2, v3 to obtain the final lookup.
  • Requires lots of registers: 16 for the lookup table alone
  • Use the horizontal strategy to prevent register spills
  • About two times slower than the best implementation

Lookup θ layer (LUT):

  • Similar to lookup table implementations of AES, decompose the matrix into column multiplications
  • Store the precomputed multiplications into lookup tables, composed with the γ layer
  • Great when the lookup tables fit into cache
  • Can be adjusted based on cache size: permutations can replace lookups
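Added C example (not the authors' code) of why the constant-time tbl sequence above works: a 256-entry byte table (the SPNbox-8 inner cipher as a lookup table) split into four 64-byte quarters, each indexed by the input combined with 0x00, 0x40, 0x80 or 0xC0, with the four partial results XORed together. It assumes the masks are applied with eor (subtracting them gives the same effect) and emulates the tbl rule that out-of-range indices read as zero; the S-box used for the check is constructed.

```c
#include <stdint.h>
#include <string.h>

/* Emulates one NEON tbl with a four-register (64-byte) table: a lane whose index is
 * out of range reads as 0 instead of faulting. Hardware does this without a branch;
 * the branch below is only emulation. */
static void tbl64(const uint8_t tab[64], const uint8_t idx[16], uint8_t out[16])
{
    for (int i = 0; i < 16; i++) out[i] = idx[i] < 64 ? tab[idx[i]] : 0;
}

/* Constant-time 256-entry byte lookup for 16 lanes, as on the slide: the table is held
 * in four 64-byte quarters (v16-v19, ..., v28-v31) and each quarter is indexed by the
 * input XORed with 0x00, 0x40, 0x80 or 0xC0. Exactly one XORed index falls in 0..63;
 * the other three read as 0, so XORing (eor) the four partial results yields the entry
 * with no data-dependent memory address. */
void sbox_lookup_ct(const uint8_t sbox[256], const uint8_t in[16], uint8_t out[16])
{
    static const uint8_t mask[4] = {0x00, 0x40, 0x80, 0xC0};
    uint8_t idx[16], part[16];
    memset(out, 0, 16);
    for (int q = 0; q < 4; q++) {
        for (int i = 0; i < 16; i++) idx[i] = in[i] ^ mask[q];
        tbl64(sbox + 64 * q, idx, part);
        for (int i = 0; i < 16; i++) out[i] ^= part[i];
    }
}

/* Compare with a plain data-dependent lookup over all 256 inputs, using a constructed
 * S-box (i*167+5 mod 256 is a permutation). Returns 1 when every input agrees. */
int sbox_lookup_ct_check(void)
{
    uint8_t sbox[256], in[16], out[16];
    for (int i = 0; i < 256; i++) sbox[i] = (uint8_t)(i * 167 + 5);
    for (int base = 0; base < 256; base += 16) {
        for (int i = 0; i < 16; i++) in[i] = (uint8_t)(base + i);
        sbox_lookup_ct(sbox, in, out);
        for (int i = 0; i < 16; i++)
            if (out[i] != sbox[in[i]]) return 0;
    }
    return 1;
}
```

The register pressure the slide mentions follows directly from this layout: the four quarters occupy 16 NEON registers permanently, which is why the horizontal strategy is needed to avoid spills.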

SLIDE 29

Results

SLIDE 30

Experimental Setup

CPUs:

  • Cortex-A57: Exynos 7420 Cortex-A57 core clocked at 2100 MHz, equipped with 2 MiB of L2 cache shared across all A55 cores (from a Samsung Galaxy S6)
  • Cortex-A75: SDM845 Cortex-A75 core clocked at 2803 MHz, equipped with 256 KiB of L2 cache for each core and 2 MiB of shared L3 cache (from a Samsung Galaxy S9)

Method:

  • Used CTR mode of operation
  • Average of 2^15 iterations for messages of 2 KiB
  • Used C code with NEON intrinsics, compiled with clang

SLIDE 31

Performance on different strategies

For SPNbox8 and SPNbox16 (Cortex-A75):

  • Different n_in leads to different performance of the strategies
  • LUT clearly better for SPNbox8
  • 8-way strategy slightly better for SPNbox16

SLIDE 32

Performance comparison

Performance for Cortex-A75 and A57: (figure)

SLIDE 33

SPNbox16 Analysis

Additional tests for SPNbox16:

  • Use ECB to remove possible interference from CTR
  • Make a version removing the impact of cache misses
  • Make “partial” ciphers:
    • ECB-Gamma: only the γ layer
    • ECB-Theta: both θ and σ

Found a difference in measured times when compared to the Bogdanov et al. implementation [Bogdanov et al., 2016b].

SLIDE 34

Conclusions

  • First comparison of the three ciphers on the same hardware (ARMv8 Cortex-A75, A57, etc.)
  • While still far from hardware-aided AES implementations, dedicated ciphers can be competitive when considering software implementations
  • On a Cortex-A75:
    • Optimized AES in software ≈ 20 CPB
    • Best dedicated cipher (SPNbox) ≈ 30 CPB
    • Worst dedicated cipher (SPACE) ≈ 100 CPB
  • Cache matters! Some ciphers presented better results on a Cortex-A57 because of the different cache configurations

SLIDE 35

Thank you. Any questions?

SLIDE 36

References

Billet, O., Gilbert, H., and Ech-Chatbi, C. (2005). Cryptanalysis of a white box AES implementation. In Handschuh, H. and Hasan, M. A., editors, Selected Areas in Cryptography, pages 227–240, Berlin, Heidelberg. Springer Berlin Heidelberg.

Bogdanov, A. and Isobe, T. (2015). White-box cryptography revisited: Space-hard ciphers. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, CCS ’15, pages 1058–1069, New York, NY, USA. ACM.

Bogdanov, A., Isobe, T., and Tischhauser, E. (2016a). Towards practical whitebox cryptography: Optimizing efficiency and space hardness. In Cheon, J. H. and Takagi, T., editors, Advances in Cryptology – ASIACRYPT 2016, pages 126–158, Berlin, Heidelberg. Springer Berlin Heidelberg.

Bogdanov, A., Isobe, T., and Tischhauser, E. (2016b). Towards practical whitebox cryptography: Optimizing efficiency and space hardness. In Cheon, J. H. and Takagi, T., editors, Advances in Cryptology – ASIACRYPT 2016, pages 126–158, Berlin, Heidelberg. Springer Berlin Heidelberg.

Bringer, J., Chabanne, H., and Dottax, E. (2006). White box cryptography: Another attempt. Cryptology ePrint Archive, Report 2006/468. https://eprint.iacr.org/2006/468.

Cho, J., Choi, K. Y., Dinur, I., Dunkelman, O., Keller, N., Moon, D., and Veidberg, A. (2017). WEM: A new family of white-box block ciphers based on the Even-Mansour construction. In Handschuh, H., editor, Topics in Cryptology – CT-RSA 2017, pages 293–308, Cham. Springer International Publishing.

Chow, S., Eisen, P., Johnson, H., and Van Oorschot, P. C. (2003). White-box cryptography and an AES implementation. In Nyberg, K. and Heys, H., editors, Selected Areas in Cryptography, pages 250–270, Berlin, Heidelberg. Springer Berlin Heidelberg.

De Mulder, Y., Roelse, P., and Preneel, B. (2013). Cryptanalysis of the Xiao–Lai white-box AES implementation. In Knudsen, L. R. and Wu, H., editors, Selected Areas in Cryptography, pages 34–49, Berlin, Heidelberg. Springer Berlin Heidelberg.

De Mulder, Y., Wyseur, B., and Preneel, B. (2010). Cryptanalysis of a perturbated white-box AES implementation. In Gong, G. and Gupta, K. C., editors, Progress in Cryptology – INDOCRYPT 2010, pages 292–310, Berlin, Heidelberg. Springer Berlin Heidelberg.

Goubin, L., Masereel, J.-M., and Quisquater, M. (2007). Cryptanalysis of white box DES implementations. In Adams, C., Miri, A., and Wiener, M., editors, Selected Areas in Cryptography, pages 278–295, Berlin, Heidelberg. Springer Berlin Heidelberg.

Karroumi, M. (2011). Protecting white-box AES with dual ciphers. In Rhee, K.-H. and Nyang, D., editors, Information Security and Cryptology – ICISC 2010, pages 278–291, Berlin, Heidelberg. Springer Berlin Heidelberg.

Lepoint, T., Rivain, M., De Mulder, Y., Roelse, P., and Preneel, B. (2014). Two attacks on a white-box AES implementation. In Lange, T., Lauter, K., and Lisoněk, P., editors, Selected Areas in Cryptography – SAC 2013, pages 265–285, Berlin, Heidelberg. Springer Berlin Heidelberg.

Michiels, W., Gorissen, P., and Hollmann, H. D. L. (2009). Cryptanalysis of a generic class of white-box implementations. In Avanzi, R. M., Keliher, L., and Sica, F., editors, Selected Areas in Cryptography, pages 414–428, Berlin, Heidelberg. Springer Berlin Heidelberg.

WhibOx (2019). WhibOx Contest Edition 2. https://whibox.cyber-crypt.com/. Accessed: 2019-09-30.

Xiao, Y. and Lai, X. (2009). A secure implementation of white-box AES. In 2009 2nd International Conference on Computer Science and its Applications, pages 1–6.