R. Goubin, , 2020.

A. .. Gray-box-attacks, 108 7.3.1 Higher-Degree Decoding Analysis

. Data-dependency and . .. Ho-dca,

. .. Attacks, . Goubin, and . Paillier, 120 of the results presented in this chapter, Comparison between Different Advanced, 2019.

. .. , 134 8.4.1 The Winning Implementation, 2017.

, 152 8.5.2 De-Obfuscation and Implementation Structures, p.152, 2019.

A. Bibliography-estuardo, A. Bock, C. Amadori, W. Brzuska, and . Michiels, On the Security Goals of White-Box Cryptography, IACR Transactions on Cryptographic Hardware and Embedded Systems 2020, vol.2, pp.327-357, 2020.

B. Barak, O. Goldreich, R. Impagliazzo, S. Rudich, A. Sahai et al., On the (Im)possibility of Obfuscating Programs, Advances in Cryptology -CRYPTO, vol.2139, pp.1-18, 2001.

G. Barthe, S. Belad, F. Dupressoir, P. Fouque, B. Grégoire et al., Strong Non-Interference and Type-Directed Higher-Order Masking, ACM CCS 2016: 23rd Conference on Computer and Communications Security, pp.116-129, 2016.
URL : https://hal.archives-ouvertes.fr/hal-01410216

L. Batina, B. Gierlichs, E. Prouff, and M. Rivain, Mutual Information Analysis: a Comprehensive Study, Journal of Cryptology, vol.24, pp.269-291, 2011.

A. Beimel, ;. Chee, Z. Guo, S. Ling, and F. Shao, Coding and Cryptology -Third International Workshop, IWCC, vol.6639, pp.11-46, 2011.

S. Belad, D. Goudarzi, and M. Rivain, Tight Private Circuits: Achieving Probing Security with the Least Refreshing, Advances in Cryptology -ASIACRYPT 2018, Part II, vol.11273, pp.343-372, 2018.

D. Bellizia, F. Berti, O. Bronchain, G. Cassiers, S. Duval et al., , p.162

O. Bibliography, T. Pereira, F. Peters, F. Standaert, and . Wiemer, Spook: Sponge-Based Leakage-Resistant Authenticated Encryption with a Masked Tweakable Block Cipher, 2019.

E. Biham, A Fast New DES Implementation in Software, Fast Software Encryption -FSE'97, vol.1267, pp.260-272, 1997.

E. Biham and A. Shamir, Differential Fault Analysis of Secret Key Cryptosystems, Advances in Cryptology -CRYPTO'97, 1997.

. Kaliski, Lecture Notes in Computer Science, vol.1294, pp.513-525

O. Billet, H. Gilbert, and C. Ech-chatbi, Cryptanalysis of a White Box AES Implementation, SAC 2004: 11th Annual International Workshop on Selected Areas in Cryptography, vol.3357, pp.227-240, 2004.

A. Biryukov, C. Bouillaguet, D. Khovratovich-;-taiwan, and R. O. , Advances in Cryptology -ASIACRYPT 2014, Part I. Ed. by Palash Sarkar and Tetsu Iwata, vol.8873, pp.63-84, 2014.

A. Biryukov and L. Perrin, Symmetrically and Asymmetrically Hard Cryptography, Advances in Cryptology -ASIACRYPT 2017, Part III, vol.10626, pp.417-445, 2017.
URL : https://hal.archives-ouvertes.fr/hal-01650044

A. Biryukov and A. Shamir, Structural Cryptanalysis of SASAS, Advances in Cryptology -EUROCRYPT, vol.2045, 2001.

, Lecture Notes in Computer Science. Innsbruck, pp.394-405

, Structural Cryptanalysis of SASAS, Journal of Cryptology, vol.23, pp.505-518, 2010.

A. Biryukov and A. Udovenko, Attacks and Countermeasures for White-box Designs, Advances in Cryptology -ASIACRYPT 2018, 2018.

, Lecture Notes in Computer Science, vol.11273, pp.373-402

A. Estuardo, A. Bock, J. W. Amadori, C. Bos, W. Brzuska et al., Doubly Half-Injective PRGs for Incompressible White-Box Bibliography 163, 2019.

, Topics in Cryptology -CT-RSA 2019. Ed. by Mitsuru Matsui, vol.11405, pp.189-209

A. Estuardo, J. W. Bock, C. Bos, C. Brzuska, W. Hubain et al., White-Box Cryptography: Don't Forget About Grey-Box Attacks, Journal of Cryptology, vol.32, pp.1095-1143, 2019.

A. Estuardo, C. Bock, W. Brzuska, A. Michiels, and . Treff, On the Ineffectiveness of Internal Encodings -Revisiting the DCA Attack on, 2018.

. White-box and . Cryptography, ACNS 18: 16th International Conference on Applied Cryptography and Network Security

, Lecture Notes in Computer Science. Leuven, vol.10892, pp.103-120

A. Estuardo, A. Bock, and . Treff, Security Assessment of White-Box Design Submissions of the CHES 2017 CTF Challenge. Cryptology ePrint Archive, 2020.

A. Bogdanov and T. Isobe, White-Box Cryptography Revisited: Space-Hard Ciphers, ACM CCS 2015: 22nd Conference on Computer and Communications Security, pp.1058-1069, 2015.

A. Bogdanov, M. Rivain, P. S. Vejre, and J. Wang, Higher-Order DCA against Standard Side-Channel Countermeasures, COSADE 2019: 10th International Workshop on Constructive Side-Channel Analysis and Secure Design. Ed. by Ilia Polian and Marc Stöttinger, vol.11421, pp.118-141, 2019.

D. Boneh, R. A. Demillo, and R. J. Lipton, On the Importance of Checking Cryptographic Protocols for Faults (Extended Abstract), Advances in Cryptology -EUROCRYPT'97. Ed. by Walter Fumy, vol.1233, pp.37-51, 1997.

W. Joppe, C. Bos, and . Hubain, Differential Computation Analysis: Hiding Your White-Box Designs is Not Enough, Cryptographic Hardware and Embedded Systems -CHES 2016, 2016.

B. Gierlichs and A. Y. Poschmann, Lecture Notes in Computer Science, vol.9813, pp.215-236

J. Bringer, H. Chabanne, and E. Dottax, White Box Cryptography: Another Attempt. Cryptology ePrint Archive, 2006.

H. Bibliography-julien-bringer, E. Chabanne, and . Dottax, Perturbing and Protecting a Traceable Block Cipher, Communications and Multimedia Security, 10th IFIP TC-6 TC-11 International Conference, 2006.

. Markatos, Lecture Notes in Computer Science, vol.4237, pp.109-119

S. Chari, C. S. Jutla, J. R. Rao, and P. Rohatgi, Towards Sound Approaches to Counteract Power-Analysis Attacks, Advances in Cryptology -CRYPTO'99, vol.1666, pp.398-412, 1999.

S. Chari, J. R. Rao, and P. Rohatgi, Template Attacks, Cryptographic Hardware and Embedded Systems -CHES 2002, vol.2523, pp.13-28, 2003.

S. Chow, P. A. Eisen, H. Johnson, and P. C. Van-oorschot, A White-Box DES Implementation for DRM Applications, Security and Privacy in Digital Rights Management, ACM CCS-9 Workshop, DRM 2002, vol.2696, 2002.

, , pp.1-15

S. Chow, P. A. Eisen, H. Johnson, and P. C. Van-oorschot, White-Box Cryptography and an AES Implementation, SAC 2002: 9th Annual International Workshop on Selected Areas in Cryptography. Ed. by Kaisa Nyberg and Howard M. Heys, vol.2595, 2003.

. St, . John's, and C. Newfoundland, , pp.250-270

C. Clavier, N. Jean-sébastien-coron, and . Dabbous, Differential Power Analysis in the Presence of Hardware Countermeasures, Cryptographic Hardware and Embedded Systems -CHES 2000, pp.252-263, 1965.
URL : https://hal.archives-ouvertes.fr/hal-02487059

C. Collberg, C. Thomborson, and D. Low, A taxonomy of obfuscating transformations, 1997.

J. Coron, Resistance against Differential Power Analysis for Elliptic Curve Cryptosystems, Cryptographic Hardware and Embedded Systems -CHES'99, vol.1717, p.165, 1999.

, Heidelberg, pp.292-302

, Higher Order Masking of Look-Up Tables, Advances in Cryptology -EUROCRYPT 2014, 2014.

, Lecture Notes in Computer Science, vol.8441, pp.441-458

I. Jean-sébastien-coron and . Kizhvatov, Analysis and Improvement of the Random Delay Countermeasure of CHES, Cryptographic Hardware and Embedded Systems -CHES 2010. Ed. by Stefan Mangard and François, 2009.

X. Standaert, Lecture Notes in Computer Science, vol.6225, pp.95-109

E. Jean-sébastien-coron, M. Prouff, T. Rivain, and . Roche, Higher-Order Side Channel Security and Mask Refreshing, Fast Software Encryption -FSE 2013, vol.8424, pp.410-424, 2014.

J. Daemen and V. Rijmen, The design of Rijndael: AES-the advanced encryption standard, 2013.

Y. Mulder, P. Roelse, and B. Preneel, Revisiting the BGE Attack on a White-Box AES Implementation, SAC 2012: 19th Annual International Workshop on Selected Areas in Cryptography, 2013.

L. R. Ed, H. Knudsen, and . Wu, Lecture Notes in Computer Science, vol.7707, pp.34-49

B. Yoni-de-mulder, B. Wyseur, and . Preneel, Cryptanalysis of a Perturbated White-Box AES Implementation, Progress in Cryptology -IN-DOCRYPT 2010: 11th International Conference in Cryptology in India. Ed. by Guang Gong and Kishan Chand Gupta, vol.6498, 2010.

I. Hyderabad, , pp.292-310

C. Delerablée, T. Lepoint, P. Paillier, and M. Rivain, White-Box Security Notions for Symmetric Encryption Schemes, SAC 2013: 20th Annual International Workshop on Selected Areas in Cryptography, 2014.

T. Lange, K. Lauter, and P. Lisonek, Lecture Notes in Computer Science, vol.8282, pp.247-264

P. Derbez, P. Fouque, B. Lambin, and B. Minaud, On Recovering Affine Encodings in White-Box Implementations, IACR Transactions on Cryptographic Hardware and Embedded Systems, pp.2569-2925, 2018.
URL : https://hal.archives-ouvertes.fr/hal-02162300

P. Dusart, G. Letourneux, and O. Vivolo, Differential Fault Analysis on AES, ACNS 03: 1st International Conference on Applied Cryptography and Network Security, 2003.

, Lecture Notes in Computer Science, vol.2846, pp.293-306

J. Feigenbaum, Revised Papers, Security and Privacy in Digital Rights Management, ACM CCS-9 Workshop, vol.2696, 2002.

A. Ronald, F. Fisher, and . Yates, Statistical tables for biological, agricultural and medical research, Statistical tables for biological, agricultural and medical research, 1938.

P. Fouque, P. Karpman, P. Kirchner, and B. Minaud, Efficient and Provable White-Box Primitives, Advances in Cryptology -ASI-ACRYPT 2016, Part I, vol.10031, 2016.
URL : https://hal.archives-ouvertes.fr/hal-01427810

, Germany, Lecture Notes in Computer Science. Hanoi, pp.159-188

S. Garg, C. Gentry, and S. Halevi, Candidate Multilinear Maps from Ideal Lattices, Advances in Cryptology -EUROCRYPT 2013, vol.7881, pp.1-17, 2013.

S. Garg, C. Gentry, S. Halevi, and M. Raykova, Candidate Indistinguishability Obfuscation and Functional Encryption for all Circuits, 54th Annual Symposium on Foundations of Computer Science, pp.40-49, 2013.

B. Gierlichs, L. Batina, P. Tuyls, and B. Preneel, Mutual Information Analysis, Cryptographic Hardware and Embedded Systems -CHES 2008, vol.5154, pp.426-442, 2008.

G. H. Golub and C. F. Van-loan, Matrix Computations. Johns Hopkins Studies in the Mathematical Sciences, p.9780801854149, 1996.

L. Goubin, J. Masereel, and M. Quisquater, Cryptanalysis of White Box DES Implementations, SAC 2007: 14th Annual International Workshop on Selected Areas in Cryptography, p.167, 2007.

M. J. Miri and . Wiener, Lecture Notes in Computer Science. Ottawa, vol.4876, pp.278-295

L. Goubin, P. Paillier, M. Rivain, and J. Wang, How to reveal the secrets of an obscure white-box implementation, Journal of Cryptographic Engineering, vol.10, issue.1, pp.49-66, 2020.
URL : https://hal.archives-ouvertes.fr/hal-02171942

L. Goubin and J. Patarin, DES and Differential Power Analysis (The "Duplication" Method), Cryptographic Hardware and Embedded Systems -CHES'99, vol.1717, pp.158-172, 1999.

L. Goubin, M. Rivain, and J. Wang, Defeating State-of-the-Art White-Box Countermeasures, IACR Transactions on Cryptographic Hardware and Embedded Systems 2020.3, pp.454-482, 2020.

D. Goudarzi, J. J. Jean, K. Stefan, P. Thomas, and R. Matthieu, Pyjamask, 2019.

D. Goudarzi and M. Rivain, How Fast Can Higher-Order Masking Be in Software?, In: Advances in Cryptology, 2017.
URL : https://hal.archives-ouvertes.fr/hal-01494061

, Lecture Notes in Computer Science, vol.10210, pp.567-597

M. Horváth, Survey on Cryptographic Obfuscation, Cryptology ePrint Archive, 2015.

, Private Circuits: Securing Hardware against Probing Attacks, Advances in Cryptology -CRYPTO, 2003.

E. By-dan and . Boneh, Lecture Notes in Computer Science, vol.2729, pp.463-481

, ISO/IEC 8859-1:1998: Information technology -8-bit singlebyte coded graphic character sets -Part 1: Latin alphabet No, 1998.

M. Jacob, D. Boneh, and E. W. Felten, Attacking an Obfuscated Cipher by Injecting Faults, Security and Privacy in Digital Rights Management, ACM CCS-9 Workshop, DRM 2002, vol.2696, pp.16-31, 2002.

A. Journault and F. Standaert, Very High Order Masking: Efficient Implementation and Security Evaluation, Cryptographic 168 Bibliography Hardware and Embedded Systems -CHES 2017, vol.10529, pp.623-643, 2017.

M. Karroumi, Protecting White-Box AES with Dual Ciphers, ICISC 10: 13th International Conference on Information Security and Cryptology, 2011.

, Lecture Notes in Computer Science. Seoul, vol.6829, pp.278-291

A. Kerckhoffs, La Cryptographic Militaire". In: Journal des Sciences Militaires, pp.5-38, 1883.

C. Paul and . Kocher, Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems, Advances in Cryptology -CRYPTO'96, 1996.

N. Koblitz, Lecture Notes in Computer Science, vol.1109, pp.104-113

C. Paul, J. Kocher, and B. Jaffe, Differential Power Analysis, Advances in Cryptology -CRYPTO'99, 1999.

, Lecture Notes in Computer Science, vol.1666, pp.388-397

S. Lee, T. Kim, and Y. Kang, A Masked White-Box Cryptographic Implementation for Protecting Against Differential Computation Analysis, IEEE Trans. Information Forensics and Security, vol.13, pp.2602-2615, 2018.

T. Lepoint and M. Rivain, Another Nail in the Coffin of White-Box AES Implementations, Cryptology ePrint Archive, 2013.

T. Lepoint, M. Rivain, Y. Mulder, P. Roelse, and B. Preneel, Two Attacks on a White-Box AES Implementation, SAC 2013: 20th Annual International Workshop on Selected Areas in Cryptography, vol.8282, pp.265-285, 2014.
URL : https://hal.archives-ouvertes.fr/hal-00872844

H. Lin, Indistinguishability Obfuscation from Constant-Degree Graded Encoding Schemes, Advances in Cryptology -EUROCRYPT 2016, Part I, vol.9665, pp.28-57, 2016.

, Indistinguishability Obfuscation from SXDH on 5-Linear Maps and Locality-5 PRGs, Advances in Cryptology -CRYPTO 2017, Part I, p.169, 2017.

J. Katz and H. Shacham, Lecture Notes in Computer Sci, vol.10401

, , pp.599-629

H. Lin and S. Tessaro, Indistinguishability Obfuscation from Trilinear Maps and Block-Wise Local PRGs, Advances in Cryptology -CRYPTO 2017, Part I, vol.10401, pp.630-660, 2017.

H. E. Link and W. D. Neumann, Clarifying Obfuscation: Improving the Security of White-Box DES, International Symposium on Information Technology: Coding and Computing (ITCC 2005), vol.1, pp.679-684, 2005.

C. Luk, R. S. Cohn, R. Muth, H. Patil, A. Klauser et al., Pin: building customized program analysis tools with dynamic instrumentation, Proceedings of the ACM SIGPLAN 2005 Conference on Programming Language Design and Implementation, pp.190-200, 2005.

S. Mangard, Hardware Countermeasures against DPA -A Statistical Analysis of Their Effectiveness, Topics in Cryptology -CT-RSA, 2004.

T. Okamoto, Lecture Notes in Computer Science, vol.2964, pp.222-235

S. Mangard, E. Oswald, and T. Popp, Power analysis attacksrevealing the secrets of smart cards, pp.978-978, 2007.

W. Michiels, P. Gorissen, D. L. Henk, and . Hollmann, Cryptanalysis of a Generic Class of White-Box Implementations, SAC 2008: 15th Annual International Workshop on Selected Areas in Cryptography, vol.5381, pp.414-428, 2009.

B. Minaud, P. Derbez, P. Fouque, and P. Karpman, Lecture Notes in Computer Science, Advances in Cryptology -ASI-ACRYPT 2015, Part II, vol.9453, pp.3-27, 2015.

, Key-Recovery Attacks on ASASA, Journal of Cryptology, vol.31, pp.845-884, 2018.

A. Moradi, O. Mischke, and T. Eisenbarth, Correlation-Enhanced Power Analysis Collision Attack, Cryptographic Hardware and Embedded Systems -CHES 2010, vol.6225, pp.125-139, 2010.

J. A. Muir, A Tutorial on White-box AES, Cryptology ePrint Archive, 2013.

N. Nethercote and J. Seward, Valgrind: a framework for heavyweight dynamic binary instrumentation, Proceedings of the ACM SIGPLAN 2007 Conference on Programming Language Design and Implementation, pp.89-100, 2007.

M. E. Newman, Fast algorithm for detecting community structure in networks, Phys. Rev. E, vol.69, issue.6, p.66133, 2004.

E. Prouff and M. Rivain, Theoretical and Practical Aspects of Mutual Information Based Side Channel Analysis, ACNS 09: 7th International Conference on Applied Cryptography and Network Security, 2009.

M. Abdalla, D. Pointcheval, P. Fouque, and D. Vergnaud,

, Lecture Notes in Computer Science. Paris-Rocquencourt, vol.5536, pp.499-518

, Masking against Side-Channel Attacks: A Formal Security Proof, Advances in Cryptology -EUROCRYPT 2013, vol.7881, pp.142-159, 2013.

A. D. Chester-rebeiro, A. S. Selvakumar, and . Devi, Bitslice Implementation of AES, CANS 06: 5th International Conference on Cryptology and Network Security, vol.4301, pp.203-212, 2006.

, Provably Secure Higher-Order Masking of AES, Cryptographic Hardware and Embedded Systems -CHES 2010, 2010.

, Lecture Notes in Computer Science, vol.6225, pp.413-427

M. Rivain, E. Prouff, and J. Doget, Higher-Order Masking and Shuffling for Software Implementations of Block Ciphers, Cryptographic Hardware and Embedded Systems -CHES 2009, vol.5747, pp.171-188, 2009.

M. Rivain and J. Wang, Analysis and Improvement of Differential Computation Attacks against Internally-Encoded White-Box Implementations, IACR Transactions on Cryptographic Hardware and Embedded Systems, pp.2569-2925, 2019.

R. Rolles, Unpacking Virtualization Obfuscators, Proceedings of the 3rd USENIX Conference on Offensive Technologies. WOOT'09, pp.1-1, 2009.

, How to use indistinguishability obfuscation: deniable encryption, and more, 46th Annual ACM Symposium on Theory of Computing, pp.475-484, 2014.

E. Sanfelix, C. Mune, and J. De-haas, Unboxing the White-Box: Practical attacks against Obfuscated Ciphers, pp.2020-2024, 2015.

A. Saxena, B. Wyseur, and B. Preneel, Towards Security Notions for White-Box Cryptography, ISC 2009: 12th International Conference on Information Security, vol.5735, 2009.

K. Schramm, G. Leander, P. Felke, and C. Paar, A Collision-Attack on AES: Combining Side Channel-and Differential-Attack, Cryptographic Hardware and Embedded Systems -CHES 2004, vol.3156, pp.163-175, 2004.

F. Standaert, E. Peeters, G. Rouvroy, and J. Quisquater, An Overview of Power Analysis Attacks Against Field Programmable Gate Arrays, Proceedings of the IEEE 94, vol.2, pp.383-394, 2006.

. Volker-strassen, Gaussian Elimination is Not Optimal, Numer. Math. 13.4, pp.354-356, 1969.

D. Strobel and C. Paar, An Efficient Method for Eliminating Random Delays in Power Traces of Embedded Software, ICISC 11: 14th International Conference on Information Security and Cryptology, 2012.

, Lecture Notes in Computer Science. Seoul, vol.7259, pp.48-60

. Lmg-tolhuizen, Improved cryptanalysis of an AES implementation, Proceedings of the 33rd WIC Symposium on Information Theory, 2012. WIC (Werkgemeenschap voor Inform, 2012.

N. Veyrat-charvillon, M. Medwed, S. Kerckhof, and F. Standaert, Shuffling against Side-Channel Attacks: A Comprehensive Study with Cautionary Note, Advances in Cryptology -ASI-ACRYPT 2012. Ed. by Xiaoyun Wang and Kazue Sako, vol.7658, pp.740-757, 2012.

. Whibox, Capture the Flag Challenge -The WhibOx Contest, An ECRYPT White-Box Cryptography Competition, 2016.

, CHES 2019 Capture the Flag Challenge -The WhibOx Contest Edition 2, 2019.

B. Wyseur, W. Michiels, P. Gorissen, and B. Preneel, Cryptanalysis of White-Box DES Implementations with Arbitrary External Encodings, SAC 2007: 14th Annual International Workshop on Selected Areas in Cryptography, vol.4876, 2007.

, Germany, Lecture Notes in Computer Science. Ottawa, pp.264-277

Y. Xiao and X. Lai, A Secure Implementation of White-Box AES, 2009 2nd International Conference on Computer Science and its Applications, pp.1-6, 2009.

B. Yadegari, B. Johannesmeyer, B. Whitely, and S. Debray, A Generic Approach to Automatic Deobfuscation of Executable Code, 2015 IEEE Symposium on Security and Privacy, pp.674-691, 2015.