AES Based White Box Cryptography in Digital Signature Verification

Piyush Kumar Shukla; Amer Aljaedi; Piyush Kumar Pareek; Adel R Alharbi; Sajjad Shaukat Jamal

doi:10.3390/s22239444

AES Based White Box Cryptography in Digital Signature Verification

Sensors (Basel). 2022 Dec 2;22(23):9444. doi: 10.3390/s22239444.

Authors

Piyush Kumar Shukla¹, Amer Aljaedi², Piyush Kumar Pareek³, Adel R Alharbi², Sajjad Shaukat Jamal⁴

Affiliations

¹ Department of Computer Science & Engineering, University Institute of Technology (UIT), Rajiv Gandhi Proudyogiki Vishwavidyalaya (RGPV), Technological University of Madhya Pradesh, Bhopal 462033, Madhya Pradesh, India.
² College of Computing and Information Technology, University of Tabuk, Tabuk 71491, Saudi Arabia.
³ Department of Computer Science and Engineering, Head of IPR Cell, Nitte Meenakshi Institute of Technology, Bengaluru 560064, Karnataka, India.
⁴ Department of Mathematics, College of Science, King Khalid University, Abha 61413, Saudi Arabia.

Abstract

According to the standard paradigm, white box cryptographic primitives are used to block black box attacks and protect sensitive information. This is performed to safeguard the protected information and keys against black box assaults. An adversary in such a setting is aware of the method and can analyze many system inputs and outputs, but is blind to the specifics of how a critical instantiation primitive is implemented. This is the focus of white-box solutions, which are designed to withstand attacks that come from the execution environment. This is significant because an attacker may obtain unrestricted access to the program's execution in this environment. The purpose of this article is to assess the efficiency of white-box implementations in terms of security. Our contribution is twofold: first, we explore the practical implementations of white-box approaches, and second, we analyze the theoretical foundations upon which these implementations are built. First, a research proposal is crafted that details white-box applications of DES and AES encryption algorithms. To begin, this preparation is necessary. The research effort planned for this project also includes cryptanalysis of these techniques. Once the general cryptanalysis results have been examined, the white-box design approaches will be covered. We have decided to launch an investigation into creating a theoretical model for white box, since no prior formal definitions have been offered, and suggested implementations have not been accompanied by any assurance of security. This is due to the fact that no formal definition of "white box" has ever been provided. In this way lies the explanation for why this is the situation. We define WBC to encompass the security requirements of WBC specified over a white box cryptography technology and a security concept by studying formal models of obfuscation and shown security. This definition is the product of extensive investigation. This state-of-the-art theoretical model provides a setting in which to investigate the security of white-box implementations, leading to a wide range of positive and negative conclusions. As a result, this paper includes the results of a Digital Signature Algorithm (DSA) study which may be put to use in the real world with signature verification. Possible future applications of White Box Cryptography (WBC) research findings are discussed in light of these purposes and areas of investigation.

Keywords: AES; attack; digital signature; white box cryptography.

MeSH terms

Algorithms*
Computer Security*
Models, Theoretical

Grants and funding

2/86/43/Sajjad Shaukat Jamal