Practical *****ing of white-box implementations from phrack.org
1 - Introduction
2 - What is a WB implementation?
3 - The things you should know about white-boxes
3.1 - Products available
3.2 - Academic state of the art
4 - Handling the first case: ****.lu's challenge
4.1 - The discovery step
4.2 - The key recovery
4.3 - Random thoughts
5 - White-boxing the DES
5.1 - The DES algorithm
5.2 - An overview of DES WB primitives
6 - Breaking the second case: Wyseur's challenge
6.1 - Efficient reverse engineering of the binary
6.2 - The discovery step
6.3 - Recovering the first subkey
6.4 - Recovering the original key
7 - Conclusion
8 - Gr33tz
9 - References
10 - Appendix: Source code
-------
--[ 1 - Introduction
This paper is about WB (white-box) cryptography. You may not have heard
too much about it, but if you're focused on reverse engineering, and more
precisely on software protections, then it may be of interest to you.
The common way to learn something valuable in cryptography is
either to read academic papers or cryptography books (when they're written
by true cryptographers). However, as cryptography is about maths, it can
sometimes seem too theoretical for the average reverser/****er. I'm willing
to take a much more practical approach using a combination of both reverse
engineering and elementary maths.
Obviously such a paper is not written for cryptographers but rather for
****ers or *****ers unfamiliar with the concept of white-box and willing to
learn about it. Considering the quasi-nonexistence of public
implementations to play with, as well as the 'relatively' small amount of
valuable information on this subject, I hope this will be of interest. Or
at the very least that it will be a pleasant read... O:-)