TUM Logo

Side-channel attacks against white-box cryptography implementations on Android

White-box cryptography aims to protect keys of cryptographic primitives in hostile environments. All academic schemes have been broken by cryptanalysts. In 2015, a side-channel attack called Differential Computation Analysis (DCA) was presented. It allows to break nearly all publicly available white-box cryptography implementations without the need for further analyzing or reverse engineering them.This work validates these results and further we try to adapt the attack to a new platform, the Android operating system. Although the toolchain is not completely usable on Android, we feel certain that an adaption of the attack against native libraries is feasible with some additional improvements to the toolchain. For regular Java, we show problems of the approach using the current toolchain.Additionally, we create a Docker container image in order to ease further develop- ment, automation and analysis of white-box binaries. Further, it is possible to speed up attacks by running multiple containers in parallel.

Side-channel attacks against white-box cryptography implementations on Android

Supervisor(s): Dennis Titze ,Julian Schütte
Status: finished
Topic: Android stuff
Author: Michael Eder
Submission: 2016-06-15
Type of Thesis: Bachelorthesis
Proof of Concept No
Thesis topic in co-operation with the Fraunhofer Institute for Applied and Integrated Security AISEC, Garching

Astract:

White-box cryptography aims to protect keys of cryptographic primitives in hostile environments. All academic schemes have been broken by cryptanalysts. In 2015, a side-channel attack called Differential Computation Analysis (DCA) was presented. It allows to break nearly all publicly available white-box cryptography implementations without the need for further analyzing or reverse engineering them.This work validates these results and further we try to adapt the attack to a new platform, the Android operating system. Although the toolchain is not completely usable on Android, we feel certain that an adaption of the attack against native libraries is feasible with some additional improvements to the toolchain. For regular Java, we show problems of the approach using the current toolchain.Additionally, we create a Docker container image in order to ease further develop- ment, automation and analysis of white-box binaries. Further, it is possible to speed up attacks by running multiple containers in parallel.