Fetching cryptographic keys from white-box protection much easier than thought
The security landscape is shifting, with more online software applications running on platforms without secured hardware, including mobile phones. The most sensitive information, the cryptographic keys, is protected by white-box software implementations. Until recently, they were commonly regarded as state-of-the-art security, only to be extracted from white-box implementations by tedious time-consuming reverse-engineering effort and complicated algebraic attacks. At the same time, little was known about their actual security level, since there is no certification scheme for software implementations.
Now a team of researchers from semiconductor developer NXP has looked closer, and they found out that in fact it is quite simple to extract the keys from a white-box environment. Using, among others, NXP’s experience in evaluating cryptographic implementations, the researchers discovered a new threat to white-box implementations that needs no expertise and no reverse engineering effort, and that can be deployed automatically. Maximum security in sensitive environments therefore obviously requires a combination of secure software and secure hardware elements. Adding embedded Secure Elements (eSE) could fill this gap.
The description of this newly discovered threat received the best paper award at the top-tier security conference CHES.
At its German site in Hamburg, NXP Semiconductors also employs a 20 person internal Vulnerability Analysis Team, whose job is finding loopholes in the security of NXP’s own products. Probing these at various stages of their life cycles, the experts’ learnings are used to further improve NXP’s product design. “First we break it, and then we make it better” is their credo.
