Chand Gupta, and G. On Obfuscating Point Functions. Research Academic research in white-box cryptography can be categorized into three activities. Jan 13, version: Indeed, it does not suffice to only protect an application against extraction of embedded secret keys. For example, a scheme is defined CPA-secure if an attacker cannot compute the plaintext from a given ciphertext, or KR-secure when the secret key cannot be recovered.

Chand Gupta, and G. Theory White-box cryptography is often linked with code obfuscation, since both aim to protect software implementations. On the Im possibility of Obfuscating Programs. Theoretic research on code obfuscation gained momentum with the seminal paper of Barak et al. Ran Canetti and Mayank Varia. Resources Slides March — slides PhD defense.

## Whiteboxcrypto

ITCC 1pages Wee [Wee05] presented a provably secure obfuscator for a point function, which can be exploited in practice to construct authentication functionalities. Indeed, it does not suffice to only protect an application against extraction of embedded secret keys. Wyseur, and Bart Preneel: Theory White-box cryptography is often linked with code obfuscation, since both aim to protect software implementations. A security notion is a formal description of the security of a cryptographic scheme.

Nevertheless, this result does not exclude the existence of secure code obfuscators: Resources Slides March — slides PhD defense. For example, a scheme is defined CPA-secure if an attacker cannot compute the plaintext from a given ciphertext, or KR-secure when the secret key cannot be recovered. Ran Canetti and Mayank Varia.

# Bart Preneel | SBA Research

Shafi Goldwasser and Yael Tauman Kalai. Chand Gupta, and G. Jan 13, version: Obfuscation for Cryptographic Purposes.

It makes sense to define white-box cryptography accordingly since it reflects more reality. Theoretic research on code obfuscation gained momentum with the seminal paper of Barak et al. Research Academic research in white-box cryptography can be categorized into three activities.

Attacking an obfuscated cipher by injecting faults. White-box implementations and cryptanalysis results A selection of the state of the art: Both have received similar scepticism on its feasibility and lack of theoretic foundations.

For example, to create the equivalent of a smart-card-based AES encryption function in software, it does not suffice that the white-box implementation resists extraction of its embedded key, but it must also be hard to invert.

Similar theoretic approaches have been conceived for white-box cryptography thrsis [Sax09].

## Bart Preneel

On the Impossibility of Obfuscation with Auxiliary Input. The main difference between code obfuscation and white-box cryptography is that the security of the latter needs to be validated with respect to security notions.

thewis

On Obfuscating Point Functions. Positive Results and Techniques for Obfuscation. On the Im possibility of Obfuscating Programs.