{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,12]],"date-time":"2026-01-12T05:09:56Z","timestamp":1768194596115,"version":"3.49.0"},"reference-count":88,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2019,2,12]],"date-time":"2019-02-12T00:00:00Z","timestamp":1549929600000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Cryptol"],"published-print":{"date-parts":[[2019,10]]},"DOI":"10.1007\/s00145-019-09315-1","type":"journal-article","created":{"date-parts":[[2019,2,12]],"date-time":"2019-02-12T20:13:31Z","timestamp":1550002411000},"page":"1095-1143","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":23,"title":["White-Box Cryptography: Don\u2019t Forget About Grey-Box Attacks"],"prefix":"10.1007","volume":"32","author":[{"given":"Estuardo","family":"Alpirez Bock","sequence":"first","affiliation":[]},{"given":"Joppe W.","family":"Bos","sequence":"additional","affiliation":[]},{"given":"Chris","family":"Brzuska","sequence":"additional","affiliation":[]},{"given":"Charles","family":"Hubain","sequence":"additional","affiliation":[]},{"given":"Wil","family":"Michiels","sequence":"additional","affiliation":[]},{"given":"Cristofaro","family":"Mune","sequence":"additional","affiliation":[]},{"given":"Eloi","family":"Sanfelix Gonzalez","sequence":"additional","affiliation":[]},{"given":"Philippe","family":"Teuwen","sequence":"additional","affiliation":[]},{"given":"Alexander","family":"Treff","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,2,12]]},"reference":[{"key":"9315_CR1","unstructured":"Advanced Encryption Standard (AES). National Institute of Standards and Technology (NIST), FIPS PUB 197, U.S. Department of Commerce (Nov. 2001)"},{"key":"9315_CR2","unstructured":"A.\u00a0Aghaie, A.\u00a0Moradi, S.\u00a0Rasoolzadeh, F.\u00a0Schellenberg, T.\u00a0Schneider, Impeccable circuits. Cryptology ePrint Archive, Report 2018\/203 (2018). https:\/\/eprint.iacr.org\/2018\/203.pdf"},{"key":"9315_CR3","unstructured":"B.\u00a0Amstadt, M.K. Johnson, Wine. Linux J., 1994(4) (August 1994)"},{"key":"9315_CR4","unstructured":"C.H. Baek, J.H. Cheon, H.\u00a0Hong, Analytic toolbox for white-box implementations: limitation and perspectives. Cryptology ePrint Archive, Report 2014\/688 (2014). http:\/\/eprint.iacr.org\/2014\/688"},{"key":"9315_CR5","doi-asserted-by":"publisher","first-page":"221","DOI":"10.1007\/978-3-642-55220-5_13","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2014","author":"Boaz Barak","year":"2014","unstructured":"B.\u00a0Barak, S.\u00a0Garg, Y.T. Kalai, O.\u00a0Paneth, A.\u00a0Sahai, Protecting obfuscation against algebraic attacks, in P.Q. Nguyen and E.\u00a0Oswald, editors, EUROCRYPT\u00a02014. LNCS, vol. 8441 (Springer, Heidelberg, Germany, Copenhagen, Denmark, May\u00a011\u201315, 2014), pp. 221\u2013238"},{"key":"9315_CR6","first-page":"1","volume-title":"Advances in Cryptology \u2014 CRYPTO 2001","author":"Boaz Barak","year":"2001","unstructured":"B.\u00a0Barak, O.\u00a0Goldreich, R.\u00a0Impagliazzo, S.\u00a0Rudich, A.\u00a0Sahai, S.P. Vadhan, K.\u00a0Yang. On the (im)possibility of obfuscating programs, in J.\u00a0Kilian, editor, CRYPTO\u00a02001. LNCS, vol. 2139 (Springer, Heidelberg, Germany, Santa Barbara, CA, USA, Aug.\u00a019\u201323, 2001), pp. 1\u201318"},{"key":"9315_CR7","first-page":"275","volume-title":"Information Security and Cryptography","author":"Alessandro Barenghi","year":"2012","unstructured":"A.\u00a0Barenghi, G.M. Bertoni, L.\u00a0Breveglieri, M.\u00a0Pellicioli, G.\u00a0Pelosi, Injection technologies for fault attacks on microprocessors, in Joye and Tunstall [42], pp. 275\u2013293"},{"key":"9315_CR8","unstructured":"A.\u00a0Barenghi, L.\u00a0Breveglieri, I.\u00a0Koren, D.\u00a0Naccache, Fault injection attacks on cryptographic devices: theory, practice, and countermeasures, in Proceedings of the IEEE. IEEE, vol. 100 (2012), pp. 3056\u20133076"},{"key":"9315_CR9","unstructured":"J.-B. B\u00e9drune, Hack.lu 2009 reverse challenge 1. Online (2009). http:\/\/2009.hack.lu\/index.php\/ReverseChallenge"},{"key":"9315_CR10","unstructured":"F.\u00a0Bellard, QEMU, a fast and portable dynamic translator, in USENIX Annual Technical Conference, FREENIX Track (2005), pp. 41\u201346"},{"key":"9315_CR11","first-page":"111","volume-title":"Information Security and Cryptography","author":"Alexandre Berzati","year":"2012","unstructured":"A.\u00a0Berzati, C.\u00a0Canovas-Dumas, L.\u00a0Goubin, A survey of differential fault analysis against classical RSA implementations, in Joye and Tunstall [42], pp. 111\u2013124"},{"key":"9315_CR12","unstructured":"S.\u00a0Bhatkar, D.\u00a0C. DuVarney, R.\u00a0Sekar, Address obfuscation: an efficient approach to combat a broad range of memory error exploits, in Proceedings of the 12th USENIX Security Symposium. USENIX Association (2003)"},{"key":"9315_CR13","doi-asserted-by":"publisher","first-page":"131","DOI":"10.1007\/3-540-44598-6_8","volume-title":"Advances in Cryptology \u2014 CRYPTO 2000","author":"Ingrid Biehl","year":"2000","unstructured":"I.\u00a0Biehl, B.\u00a0Meyer, V.M\u00fcller, Differential fault attacks on elliptic curve cryptosystems, in M.\u00a0Bellare, editor, CRYPTO\u00a02000. LNCS, vol. 1880 (Springer, Heidelberg, Germany, Santa Barbara, CA, USA, Aug.\u00a020\u201324, 2000), pp. 131\u2013146"},{"key":"9315_CR14","doi-asserted-by":"crossref","unstructured":"E.\u00a0Biham, A.\u00a0Shamir, Differential cryptanalysis of Snefru, Khafre, REDOC-II, LOKI and Lucifer, in J.\u00a0Feigenbaum, editor, CRYPTO\u201991. LNCS, vol. 576 (Springer, Heidelberg, Santa Barbara, CA, USA, Germany, Aug.\u00a011\u201315, 1992), pp. 156\u2013171","DOI":"10.1007\/3-540-46766-1_11"},{"key":"9315_CR15","doi-asserted-by":"crossref","unstructured":"E.\u00a0Biham, A.\u00a0Shamir, Differential fault analysis of secret key cryptosystems, in B.S. Kaliski Jr., editor, CRYPTO\u201997. LNCS, vol. 1294 (Springer, Heidelberg, Germany, Santa Barbara, CA, USA, Aug.\u00a017\u201321, 1997), pp. 513\u2013525","DOI":"10.1007\/BFb0052259"},{"key":"9315_CR16","doi-asserted-by":"publisher","first-page":"331","DOI":"10.1007\/978-3-540-40061-5_21","volume-title":"Advances in Cryptology - ASIACRYPT 2003","author":"Olivier Billet","year":"2003","unstructured":"O.\u00a0Billet, H.\u00a0Gilbert, A traceable block cipher, in C.-S. Laih, editor, ASIACRYPT\u00a02003. LNCS, vol. 2894 (Springer, Heidelberg, Germany, 2003), pp. 331\u2013346"},{"key":"9315_CR17","doi-asserted-by":"publisher","first-page":"227","DOI":"10.1007\/978-3-540-30564-4_16","volume-title":"Selected Areas in Cryptography","author":"Olivier Billet","year":"2004","unstructured":"O.\u00a0Billet, H.\u00a0Gilbert, C.\u00a0Ech-Chatbi, Cryptanalysis of a white box AES implementation, in H.\u00a0Handschuh and A.\u00a0Hasan, editors, SAC 2004. LNCS, vol. 3357 (Springer, Heidelberg, Germany, Waterloo, Ontario, Canada, Aug.\u00a09\u201310, 2004), pp 227\u2013240"},{"key":"9315_CR18","first-page":"63","volume-title":"Lecture Notes in Computer Science","author":"Alex Biryukov","year":"2014","unstructured":"A.\u00a0Biryukov, C.\u00a0Bouillaguet, D.\u00a0Khovratovich, Cryptographic schemes based on the ASASA structure: black-box, white-box, and public-key (extended abstract), in P.\u00a0Sarkar and T.\u00a0Iwata, editors, ASIACRYPT\u00a02014, Part\u00a0I. LNCS, vol. 8873 (Springer, Heidelberg, Germany, Kaoshiung, Taiwan, R.O.C., Dec.\u00a07\u201311, 2014), pp. 63\u201384"},{"key":"9315_CR19","first-page":"33","volume-title":"Lecture Notes in Computer Science","author":"Alex Biryukov","year":"2003","unstructured":"A.\u00a0Biryukov, C.\u00a0De Canni\u00e9re, A.\u00a0Braeken, B.\u00a0Preneel, A toolbox for cryptanalysis: linear and affine equivalence algorithms, in E.\u00a0Biham, editor, EUROCRYPT\u00a02003. LNCS, vol. 2656 (Springer, Heidelberg, Germany, Warsaw, Poland, May\u00a04\u20138, 2003), pp. 33\u201350"},{"key":"9315_CR20","doi-asserted-by":"crossref","unstructured":"D.\u00a0Boneh, R.A. DeMillo, R.J.\u00a0Lipton, On the importance of checking cryptographic protocols for faults (extended abstract), in W.\u00a0Fumy, editor, EUROCRYPT\u201997. LNCS, vol. 1233 (Springer, Heidelberg, Germany, Konstanz, Germany, May\u00a011\u201315, 1997), pp. 37\u201351","DOI":"10.1007\/3-540-69053-0_4"},{"key":"9315_CR21","first-page":"1","volume-title":"Theory of Cryptography","author":"Zvika Brakerski","year":"2014","unstructured":"Z.\u00a0Brakerski, G.N. Rothblum, Virtual black-box obfuscation for all circuits via generic graded encoding, in Y.\u00a0Lindell, editor, TCC\u00a02014. LNCS, vol. 8349 (Springer, Heidelberg, Germany, San Diego, CA, USA, Feb.\u00a024\u201326, 2014), pp. 1\u201325"},{"key":"9315_CR22","unstructured":"C.-B. Breunesse, I.\u00a0Kizhvatov, R.\u00a0Muijrers, A.\u00a0Spruyt, Towards fully automated analysis of whiteboxes: perfect dimensionality reduction for perfect leakage. Cryptology ePrint Archive, Report 2018\/095 (2018). http:\/\/eprint.iacr.org\/"},{"key":"9315_CR23","first-page":"16","volume-title":"Lecture Notes in Computer Science","author":"Eric Brier","year":"2004","unstructured":"E.\u00a0Brier, C.\u00a0Clavier, F.\u00a0Olivier. Correlation power analysis with a leakage model, in M.\u00a0Joye and J.-J. Quisquater, editors, CHES\u00a02004. LNCS, vol. 3156 (Springer, Heidelberg, Germany, Cambridge, Massachusetts, USA, Aug.\u00a011\u201313, 2004), pp. 16\u201329"},{"key":"9315_CR24","unstructured":"J.\u00a0Bringer, H.\u00a0Chabanne, E.\u00a0Dottax, White box cryptography: another attempt. Cryptology ePrint Archive, Report 2006\/468 (2006). http:\/\/eprint.iacr.org\/2006\/468"},{"key":"9315_CR25","doi-asserted-by":"crossref","unstructured":"S.\u00a0Chari, C.S. Jutla, J.R. Rao, P.\u00a0Rohatgi, Towards sound approaches to counteract power-analysis attacks, in M.J. Wiener, editor, CRYPTO\u201999. LNCS, vol. 1666 (Springer, Heidelberg, Germany, Santa Barbara, CA, USA, Aug.\u00a015\u201319, 1999), pp. 398\u2013412","DOI":"10.1007\/3-540-48405-1_26"},{"key":"9315_CR26","doi-asserted-by":"crossref","unstructured":"S.\u00a0Chari, J.R. Rao, P.\u00a0Rohatgi, Template attacks, in B.\u00a0S. Kaliski Jr., \u00c7etin Kaya.\u00a0Ko\u00e7, and C.\u00a0Paar, editors, CHES\u00a02002. LNCS, vol. 2523 (Springer, Heidelberg, Germany, Redwood Shores, CA, USA, Aug.\u00a013\u201315, 2003), pp. 13\u201328","DOI":"10.1007\/3-540-36400-5_3"},{"key":"9315_CR27","doi-asserted-by":"publisher","first-page":"250","DOI":"10.1007\/3-540-36492-7_17","volume-title":"Selected Areas in Cryptography","author":"Stanley Chow","year":"2003","unstructured":"S.\u00a0Chow, P.A. Eisen, H.\u00a0Johnson, P.C. van Oorschot, White-box cryptography and an AES implementation, in K.\u00a0Nyberg and H.\u00a0M. Heys, editors, SAC 2002. LNCS, vol. 2595, St. John\u2019s (Springer, Heidelberg, Germany, Newfoundland, Canada, Aug.\u00a015\u201316, 2003), pp. 250\u2013270"},{"key":"9315_CR28","doi-asserted-by":"crossref","unstructured":"S.\u00a0Chow, P.A. Eisen, H.\u00a0Johnson, P.\u00a0C. van Oorschot, A white-box DES implementation for DRM applications, in J.\u00a0Feigenbaum, editor, Security and Privacy in Digital Rights Management, ACM CCS-9 Workshop, DRM 2002. LNCS, vol. 2696 (Springer, 2003), pp. 1\u201315","DOI":"10.1007\/978-3-540-44993-5_1"},{"key":"9315_CR29","doi-asserted-by":"publisher","first-page":"410","DOI":"10.1007\/978-3-662-43933-3_21","volume-title":"Fast Software Encryption","author":"Jean-S\u00e9bastien Coron","year":"2014","unstructured":"J.-S. Coron, E.\u00a0Prouff, M.\u00a0Rivain, T.\u00a0Roche, Higher-order side channel security and mask refreshing, in S.\u00a0Moriai, editor, FSE\u00a02013. LNCS, vol. 8424 (Springer, Heidelberg, Germany), pp. 410\u2013424"},{"key":"9315_CR30","doi-asserted-by":"crossref","unstructured":"J.\u00a0Daemen, V.\u00a0Rijmen, The design of Rijndael: AES\u2014the Advanced Encryption Standard (Springer, 2002)","DOI":"10.1007\/978-3-662-04722-4"},{"key":"9315_CR31","doi-asserted-by":"crossref","unstructured":"Y.\u00a0de\u00a0Mulder, White-Box Cryptography: Analysis of White-Box AES Implementations. PhD thesis, KU Leuven (2014)","DOI":"10.1007\/978-3-642-35999-6_3"},{"key":"9315_CR32","doi-asserted-by":"publisher","first-page":"247","DOI":"10.1007\/978-3-662-43414-7_13","volume-title":"Selected Areas in Cryptography -- SAC 2013","author":"C\u00e9cile Delerabl\u00e9e","year":"2014","unstructured":"C.\u00a0Delerabl\u00e9e, T.\u00a0Lepoint, P.\u00a0Paillier, M.\u00a0Rivain, White-box security notions for symmetric encryption schemes, in T.\u00a0Lange, K.\u00a0Lauter, and P.\u00a0Lisonek, editors, SAC 2013. LNCS, vol. 8282 (Springer, Heidelberg, Germany, Burnaby, BC, Canada, Aug.\u00a014\u201316, 2014), pp. 247\u2013264"},{"key":"9315_CR33","doi-asserted-by":"crossref","unstructured":"P.\u00a0Dusart, G.\u00a0Letourneux, O.\u00a0Vivolo, Differential fault analysis on AES, in J.\u00a0Zhou, M.\u00a0Yung, and Y.\u00a0Han, editors, ACNS 03. LNCS, vol. 2846 (Springer, Heidelberg, Germany, Kunming, China, Oct.\u00a016\u201319, 2003), pp. 293\u2013306","DOI":"10.1007\/978-3-540-45203-4_23"},{"key":"9315_CR34","unstructured":"P.\u00a0Dusart, G.\u00a0Letourneux, O.\u00a0Vivolo, Differential fault analysis on A.E.S., in J.\u00a0Zhou, M.\u00a0Yung, and Y.\u00a0Han, editors, ACNS 2003. Lecture Notes in Computer Science, vol. 2846 (Springer, 2003), pp. 293\u2013306."},{"key":"9315_CR35","unstructured":"F.\u00a0Falco, N.\u00a0Riva, Dynamic binary instrumentation frameworks: I know you\u2019re there spying on me. REcon (2012). http:\/\/recon.cx\/2012\/schedule\/events\/216.en.html"},{"key":"9315_CR36","doi-asserted-by":"crossref","unstructured":"S.\u00a0Garg, C.\u00a0Gentry, S.\u00a0Halevi, M.\u00a0Raykova, A.\u00a0Sahai, B.\u00a0Waters, Candidate indistinguishability obfuscation and functional encryption for all circuits, in 54th Annual IEEE Symposium on Foundations of Computer Science, FOCS. IEEE Computer Society (2013), pp 40\u201349","DOI":"10.1109\/FOCS.2013.13"},{"key":"9315_CR37","doi-asserted-by":"crossref","unstructured":"L.\u00a0Goubin, J.-M. Masereel, M.\u00a0Quisquater, Cryptanalysis of white box DES implementations, in C.M. Adams, A.\u00a0Miri, and M.J. Wiener, editors, SAC 2007. LNCS, vol. 4876 (Springer, Heidelberg, Germany, Ottawa, Canada, Aug.\u00a016\u201317, 2007), pp. 278\u2013295","DOI":"10.1007\/978-3-540-77360-3_18"},{"key":"9315_CR38","doi-asserted-by":"publisher","first-page":"158","DOI":"10.1007\/3-540-48059-5_15","volume-title":"Cryptographic Hardware and Embedded Systems","author":"Louis Goubin","year":"1999","unstructured":"L.\u00a0Goubin, J.\u00a0Patarin, DES and differential power analysis (the \u201cduplication\u201d method), in \u00c7etin Kaya.\u00a0Ko\u00e7 and C.\u00a0Paar, editors, CHES\u201999. LNCS, vol. 1717 (Springer, Heidelberg, Germany, Worcester, Massachusetts, USA, Aug.\u00a012\u201313, 1999), pp. 158\u2013172"},{"key":"9315_CR39","unstructured":"Y.\u00a0Huang, F.S. Ho, H.\u00a0Tsai, H.M. Kao, A control flow obfuscation method to discourage malicious tampering of software codes, in F.\u00a0Lin, D.\u00a0Lee, B.P. Lin, S.\u00a0Shieh, and S.\u00a0Jajodia, editors, Proceedings of the 2006 ACM Symposium on Information, Computer and Communications Security, ASIACCS 2006. ACM (2006), p. 362"},{"key":"9315_CR40","doi-asserted-by":"crossref","unstructured":"M.\u00a0Jacob, D.\u00a0Boneh, E.W. Felten, Attacking an obfuscated cipher by injecting faults, in J.\u00a0Feigenbaum, editor, Security and Privacy in Digital Rights Management, ACM CCS-9 Workshop, DRM 2002, Washington, DC, USA, November 18, 2002, Revised Papers. LNCS, vol. 2696 (Springer, 2003), pp. 16\u201331","DOI":"10.1007\/978-3-540-44993-5_2"},{"key":"9315_CR41","doi-asserted-by":"crossref","unstructured":"M.\u00a0Jakobsson, M.K. Reiter, Discouraging software piracy using software aging, in T.\u00a0Sander, editor, Security and Privacy in Digital Rights Management, ACM CCS-8 Workshop DRM 2001. LNCS, vol. 2320 (Springer, 2002), pp. 1\u201312","DOI":"10.1007\/3-540-47870-1_1"},{"key":"9315_CR42","series-title":"Information Security and Cryptography","volume-title":"Fault Analysis in Cryptography","year":"2012","unstructured":"M.\u00a0Joye, M.\u00a0Tunstall, editors. Fault Analysis in Cryptography. ISC (Springer, Heidelberg, Germany, 2012)"},{"key":"9315_CR43","doi-asserted-by":"crossref","unstructured":"M.\u00a0Karroumi, Protecting white-box AES with dual ciphers, in K.H. Rhee and D.\u00a0Nyang, editors, ICISC 10. LNCS, vol. 6829 (Springer, Heidelberg, Germany, Seoul, Korea, Dec.\u00a01\u20133, 2011), pp. 278\u2013291","DOI":"10.1007\/978-3-642-24209-0_19"},{"key":"9315_CR44","doi-asserted-by":"crossref","unstructured":"C.H. Kim, J.\u00a0Quisquater, New differential fault analysis on AES key schedule: two faults are enough, in G.\u00a0Grimaud and F.\u00a0Standaert, editors, CARDIS 2008. Lecture Notes in Computer Science, vol. 5189 (Springer, 2008), pp. 48\u201360","DOI":"10.1007\/978-3-540-85893-5_4"},{"key":"9315_CR45","unstructured":"J.\u00a0Kirsch, Towards transparent dynamic binary instrumentation using virtual machine introspection. REcon. (2015). https:\/\/recon.cx\/2015\/schedule\/events\/20.html"},{"key":"9315_CR46","unstructured":"J.\u00a0Klemsa, Side-Channel Attack Analysis of AES White-Box Schemes. PhD thesis, Czech Technical University in Prague (2016)"},{"key":"9315_CR47","unstructured":"D.\u00a0Klinec, White-box attack resistant cryptography. Master\u2019s thesis, Masaryk University, Brno, Czech Republic (2013). https:\/\/is.muni.cz\/th\/325219\/fi_m\/"},{"issue":"1","key":"9315_CR48","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1007\/s13389-011-0006-y","volume":"1","author":"P Kocher","year":"2011","unstructured":"P.\u00a0Kocher, J.\u00a0Jaffe, B.\u00a0Jun, P.\u00a0Rohatgi, Introduction to differential power analysis. J. Cryptogr. Eng. 1(1), 5\u201327 (2011)","journal-title":"J. Cryptogr. Eng."},{"key":"9315_CR49","doi-asserted-by":"crossref","unstructured":"P.C. Kocher, J.\u00a0Jaffe, B.\u00a0Jun, Differential power analysis, in M.J. Wiener, editor, CRYPTO\u201999, LNCS, vol. 1666 (Springer, Heidelberg, Germany, Santa Barbara, CA, USA, Aug.\u00a015\u201319, 1999), pp. 388\u2013397","DOI":"10.1007\/3-540-48405-1_25"},{"key":"9315_CR50","doi-asserted-by":"publisher","first-page":"265","DOI":"10.1007\/978-3-662-43414-7_14","volume-title":"Selected Areas in Cryptography -- SAC 2013","author":"Tancr\u00e8de Lepoint","year":"2014","unstructured":"T.\u00a0Lepoint, M.\u00a0Rivain, Y.D. Mulder, P.\u00a0Roelse, B.\u00a0Preneel, Two attacks on a white-box AES implementation, in T.\u00a0Lange, K.\u00a0Lauter, and P.\u00a0Lisonek, editors, SAC 2013. LNCS, vol. 8282 (Springer, Heidelberg, Germany, Burnaby, BC, Canada, Aug.\u00a014\u201316, 2014), pp. 265\u2013285"},{"key":"9315_CR51","unstructured":"X.\u00a0Li, K.\u00a0Li, Defeating the transparency features of dynamic binary instrumentation. BlackHat US (2014). https:\/\/www.blackhat.com\/docs\/us-14\/materials\/us-14-Li-Defeating-The-Transparency-Feature-Of-DBI.pdf"},{"key":"9315_CR52","doi-asserted-by":"publisher","first-page":"320","DOI":"10.1007\/978-3-642-15031-9_22","volume-title":"Cryptographic Hardware and Embedded Systems, CHES 2010","author":"Yang Li","year":"2010","unstructured":"Y.\u00a0Li, K.\u00a0Sakiyama, S.\u00a0Gomisawa, T.\u00a0Fukunaga, J.\u00a0Takahashi, K.\u00a0Ohta, Fault sensitivity analysis, in S.\u00a0Mangard and F.-X. Standaert, editors, CHES\u00a02010. LNCS, vol. 6225 (Springer, Heidelberg, Germany, Santa Barbara, CA, USA, Aug.\u00a017\u201320, 2010), pp. 320\u2013334"},{"key":"9315_CR53","unstructured":"H.E. Link, W.D. Neumann, Clarifying obfuscation: improving the security of white-box DES, in International Symposium on Information Technology: Coding and Computing (ITCC 2005). IEEE Computer Society (2005), pp. 679\u2013684"},{"key":"9315_CR54","unstructured":"C.\u00a0Linn, S.K. Debray. Obfuscation of executable code to improve resistance to static disassembly, in S.\u00a0Jajodia, V.\u00a0Atluri, and T.\u00a0Jaeger, editors, Proceedings of the 10th ACM Conference on Computer and Communications Security, CCS 2003. ACM (2003), pp. 290\u2013299"},{"issue":"6","key":"9315_CR55","doi-asserted-by":"publisher","first-page":"190","DOI":"10.1145\/1064978.1065034","volume":"40","author":"Chi-Keung Luk","year":"2005","unstructured":"C.\u00a0Luk, R.S. Cohn, R.\u00a0Muth, H.\u00a0Patil, A.\u00a0Klauser, P.G. Lowney, S.\u00a0Wallace, V.J. Reddi, K.M. Hazelwood, Pin: building customized program analysis tools with dynamic instrumentation, in V.\u00a0Sarkar and M.\u00a0W. Hall, editors, Proceedings of the ACM SIGPLAN 2005 Conference on Programming Language Design and Implementation. ACM (2005), pp. 190\u2013200","journal-title":"ACM SIGPLAN Notices"},{"key":"9315_CR56","unstructured":"A.\u00a0Maillet, Nosuchcon 2013 challenge\u2014write up and methodology. Online (2013). http:\/\/kutioo.blogspot.be\/2013\/05\/nosuchcon-2013-challenge-write-up-and.html"},{"issue":"2","key":"9315_CR57","doi-asserted-by":"publisher","first-page":"100","DOI":"10.1049\/iet-ifs.2010.0096","volume":"5","author":"S Mangard","year":"2011","unstructured":"S.\u00a0Mangard, E.\u00a0Oswald, F.\u00a0Standaert, One for all - all for one: unifying standard differential power analysis attacks. IET Inf. Secur. 5(2), 100\u2013110 (2011)","journal-title":"IET Inf. Secur."},{"key":"9315_CR58","unstructured":"F.\u00a0Marceau, F.\u00a0Perigaud, A.\u00a0Tillequin, Challenge SSTIC 2012. Online (2012). http:\/\/communaute.sstic.org\/ChallengeSSTIC2012"},{"key":"9315_CR59","unstructured":"E.\u00a0Alpirez Bock, C.\u00a0Brzuska, W.\u00a0Michiels, A.\u00a0Treff, On the ineffectiveness of internal encodings\u2014revisiting the dca attack on white-box cryptography. Cryptology ePrint Archive, Report 2018\/301 (2018). https:\/\/eprint.iacr.org\/2018\/301.pdf"},{"key":"9315_CR60","doi-asserted-by":"crossref","unstructured":"T.S. Messerges, Using second-order power analysis to attack DPA resistant software, in \u00c7etin Kaya.\u00a0Ko\u00e7 and C.\u00a0Paar, editors, CHES\u00a02000. LNCS, vol. 1965 (Springer, Heidelberg, Germany, Worcester, Massachusetts, USA, Aug.\u00a017\u201318, 2000), pp. 238\u2013251","DOI":"10.1007\/3-540-44499-8_19"},{"issue":"1","key":"9315_CR61","doi-asserted-by":"publisher","first-page":"64","DOI":"10.1109\/MSP.2010.44","volume":"8","author":"W Michiels","year":"2010","unstructured":"W.\u00a0Michiels, Opportunities in white-box cryptography. IEEE Secur. Priv., 8(1), 64\u201367 (2010)","journal-title":"IEEE Secur. Priv."},{"key":"9315_CR62","unstructured":"W.\u00a0Michiels, P.\u00a0Gorissen, Mechanism for software tamper resistance: an application of white-box cryptography, in M.\u00a0Yung, A.\u00a0Kiayias, and A.\u00a0Sadeghi, editors, Proceedings of the Seventh ACM Workshop on Digital Rights Management. ACM (2007), pp. 82\u201389"},{"key":"9315_CR63","doi-asserted-by":"publisher","first-page":"414","DOI":"10.1007\/978-3-642-04159-4_27","volume-title":"Selected Areas in Cryptography","author":"Wil Michiels","year":"2009","unstructured":"W.\u00a0Michiels, P.\u00a0Gorissen, H.D.L. Hollmann, Cryptanalysis of a generic class of white-box implementations, in R.M. Avanzi, L.\u00a0Keliher, and F.\u00a0Sica, editors, SAC 2008. LNCS, vol. 5381 (Springer, Heidelberg, Germany, Sackville, New Brunswick, Canada, Aug.\u00a014\u201315, 2009), pp. 414\u2013428"},{"key":"9315_CR64","doi-asserted-by":"publisher","first-page":"292","DOI":"10.1007\/978-3-642-23951-9_20","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2011","author":"Amir Moradi","year":"2011","unstructured":"A.\u00a0Moradi, O.\u00a0Mischke, C.\u00a0Paar, Y.\u00a0Li, K.\u00a0Ohta, K.\u00a0Sakiyama, On the power of fault sensitivity analysis and collision side-channel attacks in a combined setting, in B.\u00a0Preneel and T.\u00a0Takagi, editors, CHES\u00a02011. LNCS, vol. 6917 (Springer, Heidelberg, Germany, Nara, Japan, Sept.\u00a028\u2013Oct.\u00a01, 2011), pp. 292\u2013311"},{"key":"9315_CR65","unstructured":"C.\u00a0Mougey, F.\u00a0Gabriel, D\u00e9sobfuscation de DRM par attaques auxiliaires, in Symposium sur la s\u00e9curit\u00e9 des technologies de l\u2019information et des communications (2014). www.sstic.org\/2014\/presentation\/dsobfuscation_de_drm_par_attaques_auxiliaires"},{"key":"9315_CR66","first-page":"209","volume-title":"Mathematics in Industry","author":"James A. Muir","year":"2012","unstructured":"J.A. Muir, A tutorial on white-box AES, in E.\u00a0Kranakis, editor, Advances in Network Analysis and its Applications, volume\u00a018 of Mathematics in Industry (Springer Berlin Heidelberg, 2013), pp. 209\u2013229"},{"key":"9315_CR67","doi-asserted-by":"crossref","unstructured":"Y.D. Mulder, P.\u00a0Roelse, B.\u00a0Preneel, Cryptanalysis of the Xiao-Lai white-box AES implementation, in L.R. Knudsen and H.\u00a0Wu, editors, SAC 2012. LNCS, vol. 7707 (Springer, Heidelberg, Germany, Windsor, Ontario, Canada, Aug.\u00a015\u201316, 2013), pp. 34\u201349","DOI":"10.1007\/978-3-642-35999-6_3"},{"key":"9315_CR68","doi-asserted-by":"crossref","unstructured":"Y.D. Mulder, B.\u00a0Wyseur, B.\u00a0Preneel, Cryptanalysis of a perturbated white-box AES implementation, in G.\u00a0Gong and K.\u00a0C. Gupta, editors, INDOCRYPT\u00a02010. LNCS, vol. 6498 (Springer, Heidelberg, Germany, Hyderabad, India, Dec.\u00a012\u201315, 2010), pp. 292\u2013310","DOI":"10.1007\/978-3-642-17401-8_21"},{"issue":"6","key":"9315_CR69","doi-asserted-by":"publisher","first-page":"89","DOI":"10.1145\/1273442.1250746","volume":"42","author":"Nicholas Nethercote","year":"2007","unstructured":"N.\u00a0Nethercote, J.\u00a0Seward, Valgrind: a framework for heavyweight dynamic binary instrumentation, in J.\u00a0Ferrante and K.S. McKinley, editors, Proceedings of the ACM SIGPLAN 2007 Conference on Programming Language Design and Implementation. ACM (2007), pp. 89\u2013100","journal-title":"ACM SIGPLAN Notices"},{"key":"9315_CR70","doi-asserted-by":"crossref","unstructured":"S.\u00a0Nikova, C.\u00a0Rechberger, V.\u00a0Rijmen, Threshold implementations against side-channel attacks and glitches, in P.\u00a0Ning, S.\u00a0Qing, and N.\u00a0Li, editors, Information and Communications Security, ICICS. LNCS, vol. 4307 (Springer, 2006), pp. 529\u2013545","DOI":"10.1007\/11935308_38"},{"key":"9315_CR71","doi-asserted-by":"crossref","unstructured":"J.\u00a0Patarin, L.\u00a0Goubin, Asymmetric cryptography with S-boxes, in Y.\u00a0Han, T.\u00a0Okamoto, and S.\u00a0Qing, editors, ICICS 97. LNCS, vol. 1334 (Springer, Heidelberg, Germany, Beijing, China, Nov.\u00a011\u201314, 1997), pp. 369\u2013380","DOI":"10.1007\/BFb0028492"},{"key":"9315_CR72","first-page":"77","volume-title":"Lecture Notes in Computer Science","author":"Gilles Piret","year":"2003","unstructured":"G.\u00a0Piret, J.-J. Quisquater, A differential fault attack technique against SPN structures, with application to the AES and KHAZAD, in C.D. Walter, \u00c7etin Kaya.\u00a0Ko\u00e7, and C.\u00a0Paar, editors, CHES\u00a02003. LNCS, vol. 2779 (Springer, Heidelberg, Germany, Cologne, Germany, Sept.\u00a08\u201310, 2003), pp. 77\u201388"},{"issue":"1","key":"9315_CR73","doi-asserted-by":"publisher","first-page":"446","DOI":"10.1109\/SURV.2012.013012.00028","volume":"15","author":"ML Polla","year":"2013","unstructured":"M.L. Polla, F.\u00a0Martinelli, D.\u00a0Sgandurra, A survey on security for mobile devices. IEEE Commun. Surv. Tutor., 15(1), 446\u2013471 (2013)","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"9315_CR74","first-page":"37","volume-title":"Information Security and Cryptography","author":"Matthieu Rivain","year":"2012","unstructured":"M.\u00a0Rivain, Differential fault analysis of DES, in Joye and Tunstall [42], pp. 37\u201354"},{"key":"9315_CR75","doi-asserted-by":"publisher","first-page":"185","DOI":"10.1007\/978-3-662-52993-5_10","volume-title":"Fast Software Encryption","author":"Pascal Sasdrich","year":"2016","unstructured":"P.\u00a0Sasdrich, A.\u00a0Moradi, T.\u00a0G\u00fcneysu, White-box cryptography in the gray box\u2014a hardware implementation and its side channels, in T.\u00a0Peyrin, editor, FSE\u00a02016. LNCS, vol. 9783 (Springer, Heidelberg, Germany, Bochum, Germany, Mar.\u00a020\u201323, 2016), pp. 185\u2013203"},{"key":"9315_CR76","first-page":"49","volume-title":"Lecture Notes in Computer Science","author":"Amitabh Saxena","year":"2009","unstructured":"A.\u00a0Saxena, B.\u00a0Wyseur, B.\u00a0Preneel, Towards security notions for white-box cryptography, in P.\u00a0Samarati, M.\u00a0Yung, F.\u00a0Martinelli, and C.A. Ardagna, editors, ISC\u00a02009. LNCS, vol. 5735 (Springer, Heidelberg, Germany, Pisa, Italy, Sept.\u00a07\u20139, 2009), pp. 49\u201358"},{"key":"9315_CR77","unstructured":"F.\u00a0Scrinzi, Behavioral analysis of obfuscated code. Master\u2019s thesis, University of Twente, Twente, Netherlands (2015). http:\/\/essay.utwente.nl\/67522\/1\/Scrinzi_MA_SCS.pdf ."},{"key":"9315_CR78","unstructured":"A.\u00a0Souchet, AES whitebox unboxing: no such problem. Online (2013). http:\/\/0vercl0k.tuxfamily.org\/bl0g\/?p=253"},{"key":"9315_CR79","unstructured":"SysK, Practical cracking of white-box implementations. Phrack\u00a068, 14. http:\/\/www.phrack.org\/issues\/68\/8.html"},{"key":"9315_CR80","unstructured":"P.\u00a0Teuwen, CHES2015 writeup. Online (2015). http:\/\/wiki.yobi.be\/wiki\/CHES2015_Writeup#Challenge_4"},{"key":"9315_CR81","unstructured":"P.\u00a0Teuwen, NSC writeups. Online (2015). http:\/\/wiki.yobi.be\/wiki\/NSC_Writeups"},{"key":"9315_CR82","unstructured":"L.\u00a0Tolhuizen, Improved cryptanalysis of an AES implementation, in Proceedings of the 33rd WIC Symposium on Information Theory. Werkgemeenschap voor Inform.-en Communicatietheorie (2012)"},{"key":"9315_CR83","doi-asserted-by":"crossref","unstructured":"M.\u00a0Tunstall, D.\u00a0Mukhopadhyay, S.\u00a0Ali, Differential fault analysis of the advanced encryption standard using a single fault, in C.A. Ardagna and J.\u00a0Zhou, editors, WISTP 2011. Lecture Notes in Computer Science, vol. 6633. (Springer, 2011), pp. 224\u2013233","DOI":"10.1007\/978-3-642-21040-2_15"},{"key":"9315_CR84","unstructured":"U.S. DEPARTMENT OF COMMERCE\/National Institute of Standards and Technology. Data Encryption Standard (DES)"},{"key":"9315_CR85","unstructured":"E.\u00a0Vanderb\u00e9ken, Hacklu reverse challenge write-up. Online (2009). http:\/\/baboon.rce.free.fr\/index.php?post\/2009\/11\/20\/HackLu-Reverse-Challenge"},{"key":"9315_CR86","doi-asserted-by":"crossref","unstructured":"B.\u00a0Wyseur, W.\u00a0Michiels, P.\u00a0Gorissen, B.\u00a0Preneel, Cryptanalysis of white-box DES implementations with arbitrary external encodings, in C.M. Adams, A.\u00a0Miri, and M.J. Wiener, editors, SAC 2007. LNCS, vol. 4876 (Springer, Heidelberg, Germany, Ottawa, Canada Aug.\u00a016\u201317, 2007), pp. 264\u2013277","DOI":"10.1007\/978-3-540-77360-3_17"},{"key":"9315_CR87","unstructured":"Y.\u00a0Xiao, X.\u00a0Lai, A secure implementation of white-box AES, in 2nd International Conference on Computer Science and its Applications, 2009. CSA \u201909 (2009), pp. 1\u20136"},{"key":"9315_CR88","unstructured":"Y.\u00a0Zhou, S.\u00a0Chow, System and method of hiding cryptographic private keys (Dec.\u00a015 2009). US Patent 7,634,091"}],"container-title":["Journal of Cryptology"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s00145-019-09315-1\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-019-09315-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-019-09315-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,9,11]],"date-time":"2022-09-11T20:04:17Z","timestamp":1662926657000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s00145-019-09315-1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,2,12]]},"references-count":88,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2019,10]]}},"alternative-id":["9315"],"URL":"https:\/\/doi.org\/10.1007\/s00145-019-09315-1","relation":{},"ISSN":["0933-2790","1432-1378"],"issn-type":[{"value":"0933-2790","type":"print"},{"value":"1432-1378","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019,2,12]]},"assertion":[{"value":"21 December 2016","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"1 February 2019","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"12 February 2019","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}