How to Sign with White-Boxed AES

AuthorFischlin, Marc; Haagh, Helene
TypeConference Proceedings
AbstractWe investigate the possibility to use obfuscated implementations of the Advanced Encryption Standard AES (“white-boxed AES”) to devise secure signature schemes. We show that the intuitive idea to use AES-based message authentication codes to sign, and the white-boxed implementation to verify, fails in general. This underlines that providing a secure white-box implementation is only the first step and that using it securely as a component in cryptographic protocols may be harder than originally thought. We therefore provide secure signature schemes based on white-boxed AES and on random oracles, as well as stateful and stateless constructions without random oracles. All our solutions are shown to be secure for reasonable parameters.
Conference6th International Conference on Cryptology and Information Security in Latin America
SerieLecture Notes in Computer Science
InLATINCRYPT 2019: Progress in Cryptology - LATINCRYPT 2019, p.259-279