Differential Computation Analysis: Hiding your White-Box Designs is Not Enough [pdf]
eprint.iacr.org

White-box crypto is a neat idea: in essence, it encrypts the implementation of the cipher, transforming straightforward efficient assembly implementations of AES into huge, difficult-to-analyze sequences of instructions that are themselves expressive of a higher-level cipher. The goal is to ship to customers an implementation of a cipher that bakes the key in, in such a way that it's cryptographically difficult to extract the key and then use it in a different implementation of the same cipher.
This is, cryptographically speaking, a stretch. In 2004 it got much stretchier when Billet broke one of the best known AES white-box schemes; you can google "white box BGE attack" for the details.
Section 2 of this paper is a pretty good overview of white box crypto and the well-known attacks on it.
Worth mentioning: a big application for white-box crypto is DRM and content protection. In a DRM setting, defenders are not concerned with absolute protection against attacks, but rather economic protection: it should cost more to break a DRM scheme than a piece of content is worth. It's still possible that white-box crypto can provide that level of assurance for some kinds of content. For instance, with DRM'd movies, studios are mostly concerned about the new-release window; if it takes 2x the new-release window to break a white-box DRM scheme, the studios are probably fine with that.
> This is, cryptographically speaking, a stretch.
Not only that, this transforms any symmetric-key encryption scheme into a public-key encryption scheme: share the obfuscated "white-box" code as the public key for encryption, and use the deobfuscated code for decryption. (The recent cryptographic obfuscation breakthroughs should also be able to do something close to this, but at a ludicrous computational cost, and who knows what the security of it actually is.)
The news in this paper is the semi-automation of the attacks using side-channel techniques. I wonder how this would fare with a white-box cipher that used standard DPA countermeasures. I suppose that in the white-box setting there is no guarantee of good randomness, so by zeroing the randomness source, attacks similar to this paper's could be mounted.
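As an added worked example (not code from the paper or from anyone in this thread), the following Python simulates the attack the paper semi-automates: a toy white-box target with the key baked into lookup tables, a recorded "software trace" of every byte the target writes to memory, and the DPA-style difference-of-means test run over that trace for all 256 guesses of each key byte. It also tries the thought experiment from the comment above: the same target with a boolean mask drawn from an RNG, once with real randomness and once with the randomness source zeroed. The 4-byte state, the table layout, the trace format, and the constructed key and plaintexts are all assumptions made for this example; real DCA traces come from a DBI tool run over a full white-box binary with internal encodings, which this toy omits.

```python
"""Toy Differential Computation Analysis (DCA) on a white-box-style AES table.

Added example for this thread, not code from the paper.  A DBI tool would record
every byte the program writes; here the target is simulated and its memory writes
are captured directly, then attacked with the difference-of-means test that DCA
borrows from DPA.  Assumed: a 4-byte toy state and one lookup table per key byte
with the key baked in (no internal encodings)."""
import random


def _gf_mul(a, b):
    """Multiply in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1 (the AES field)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r


def _build_sbox():
    """FIPS-197 S-box: multiplicative inverse followed by the affine map."""
    inv = [0] * 256
    for a in range(1, 256):
        inv[a] = next(b for b in range(1, 256) if _gf_mul(a, b) == 1)
    sbox = []
    for x in range(256):
        v = inv[x]
        s = v
        for r in (1, 2, 3, 4):                      # s = v ^ rotl(v,1) ^ ... ^ rotl(v,4)
            s ^= ((v << r) | (v >> (8 - r))) & 0xFF
        sbox.append(s ^ 0x63)
    return sbox


SBOX = _build_sbox()
STATE_BYTES = 4  # assumed toy state; a real round writes 16 table outputs


def make_whitebox_tables(key):
    """Key-dependent tables T_i[x] = S(x ^ k_i): the key exists only inside the table."""
    return [[SBOX[x ^ k] for x in range(256)] for k in key]


def whitebox_round(tables, plaintext, writes, mask_rng=None):
    """Target program.  `writes` receives every byte stored to memory, in program
    order, as Pin/Valgrind-style instrumentation would record it.  With `mask_rng`
    the program applies a DPA-style boolean mask and stores value and mask separately."""
    out = []
    for i in range(STATE_BYTES):
        writes.append(i)                            # loop counter spilled to the stack
        v = tables[i][plaintext[i]]
        if mask_rng is None:
            writes.append(v)
        else:
            m = mask_rng()
            writes.append(v ^ m)
            writes.append(m)
        out.append(v)
    return out


def collect_traces(tables, plaintexts, mask_rng=None):
    """One bit-level software trace per plaintext (8 samples per written byte)."""
    traces = []
    for p in plaintexts:
        writes = []
        whitebox_round(tables, p, writes, mask_rng)
        traces.append([(b >> j) & 1 for b in writes for j in range(8)])
    return traces


def _popcount(x):
    return bin(x).count("1")


def dca_difference_of_means(plaintexts, traces, byte_index):
    """Return (dom, key_guess, sample) with the largest difference of means.

    For each key guess k and each bit of S(p[byte_index] ^ k) the traces are split
    by that predicted bit; the right k lines the split up with the real value at
    the sample where it was written, giving DoM = 1.0 on noise-free traces."""
    n = len(traces)
    # Bit-slice the traces: column s is an int whose t-th bit is trace t at sample s,
    # so each partition sum is one AND plus one popcount instead of a Python loop.
    columns = [sum(tr[s] << t for t, tr in enumerate(traces))
               for s in range(len(traces[0]))]
    totals = [_popcount(c) for c in columns]
    best = (0.0, None, None)
    for k in range(256):
        for bit in range(8):
            sel = sum(((SBOX[p[byte_index] ^ k] >> bit) & 1) << t
                      for t, p in enumerate(plaintexts))
            n1 = _popcount(sel)
            n0 = n - n1
            if n1 == 0 or n0 == 0:
                continue
            for s, col in enumerate(columns):
                ones1 = _popcount(col & sel)
                dom = abs(ones1 / n1 - (totals[s] - ones1) / n0)
                if dom > best[0]:
                    best = (dom, k, s)
    return best


def recover_key(plaintexts, traces):
    return [dca_difference_of_means(plaintexts, traces, i)[1] for i in range(STATE_BYTES)]


def demo(seed=1):
    """Constructed data: a fixed key, 256 plaintexts, three trace sets."""
    rng = random.Random(seed)
    key = [0x2B, 0x7E, 0x15, 0x16]
    tables = make_whitebox_tables(key)
    # Byte 0 runs through the full codebook; the other bytes are random.
    plaintexts = [[v] + [rng.randrange(256) for _ in range(STATE_BYTES - 1)]
                  for v in range(256)]
    plain = recover_key(plaintexts, collect_traces(tables, plaintexts))
    zeroed = recover_key(plaintexts, collect_traces(tables, plaintexts, lambda: 0))
    masked = dca_difference_of_means(
        plaintexts, collect_traces(tables, plaintexts, lambda: rng.randrange(256)), 0)
    return key, plain, zeroed, masked[0]
```

`demo()` recovers the whole key from the unmasked target and again from the masked target once its RNG is pinned to zero, while the genuinely masked trace leaves the first-order DoM at noise level for every guess, which is the point the comment makes about randomness the attacker controls. The bit-slicing in `dca_difference_of_means` is the engineering that makes a 256-guess by 8-bit by every-sample search affordable without numpy. In a Chow-style design the written values are nibble-encoded, which lowers the 1.0 peak rather than removing it; the paper's attack works over the real traces for that reason, but this toy does not model encodings.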