Skip to main page content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Access keys NCBI Homepage MyNCBI Homepage Main Content Main Navigation
. 2022 Dec 2;22(23):9444.
doi: 10.3390/s22239444.

AES Based White Box Cryptography in Digital Signature Verification

Piyush Kumar Shukla  1 Amer Aljaedi  2 Piyush Kumar Pareek  3 Adel R Alharbi  2 Sajjad Shaukat Jamal  4
Affiliations

AES Based White Box Cryptography in Digital Signature Verification

Piyush Kumar Shukla et al. Sensors (Basel). .

Abstract

According to the standard paradigm, white box cryptographic primitives are used to block black box attacks and protect sensitive information. This is performed to safeguard the protected information and keys against black box assaults. An adversary in such a setting is aware of the method and can analyze many system inputs and outputs, but is blind to the specifics of how a critical instantiation primitive is implemented. This is the focus of white-box solutions, which are designed to withstand attacks that come from the execution environment. This is significant because an attacker may obtain unrestricted access to the program's execution in this environment. The purpose of this article is to assess the efficiency of white-box implementations in terms of security. Our contribution is twofold: first, we explore the practical implementations of white-box approaches, and second, we analyze the theoretical foundations upon which these implementations are built. First, a research proposal is crafted that details white-box applications of DES and AES encryption algorithms. To begin, this preparation is necessary. The research effort planned for this project also includes cryptanalysis of these techniques. Once the general cryptanalysis results have been examined, the white-box design approaches will be covered. We have decided to launch an investigation into creating a theoretical model for white box, since no prior formal definitions have been offered, and suggested implementations have not been accompanied by any assurance of security. This is due to the fact that no formal definition of "white box" has ever been provided. In this way lies the explanation for why this is the situation. We define WBC to encompass the security requirements of WBC specified over a white box cryptography technology and a security concept by studying formal models of obfuscation and shown security. This definition is the product of extensive investigation. This state-of-the-art theoretical model provides a setting in which to investigate the security of white-box implementations, leading to a wide range of positive and negative conclusions. As a result, this paper includes the results of a Digital Signature Algorithm (DSA) study which may be put to use in the real world with signature verification. Possible future applications of White Box Cryptography (WBC) research findings are discussed in light of these purposes and areas of investigation.

Keywords: AES; attack; digital signature; white box cryptography.

PubMed Disclaimer

Conflict of interest statement

The authors declare no conflict of interest.

Figures

Figure 1
Figure 1
Security Advantages of Digital Signatures.
Figure 2
Figure 2
Signature Generation.
Figure 3
Figure 3
DFD of Digital Signature Verification Module shows the data flow diagram of Signature verification module in application RSAAPP.
Figure 4
Figure 4
The Merkle–Damgård construction.
Figure 5
Figure 5
The MD5 Algorithm.
Figure 6
Figure 6
Iteration of SHA function.
Figure 7
Figure 7
SHA compression function.
See this image and copyright information in PMC

References

    1. Abdullah K., Bakar S.A., Kamis N.H., Aliamis H. RSAcryptosystem with Fuzzy Set Theory for Encryption and Decryption; Proceedings of the 13th IMT-GT International Conference on Mathematics, Statistics and their Applications (ICMSA2017); Kedah, Malaysia. 4–7 December 2017; pp. 1–6.
    1. Abu-Dawas M.A., Hussain A.K. Enhancement of RSA scheme using agreement secure information for nearest parameters. Int. J. Comput. Inf. Technol. 2015;4:194–196.
    1. Aiswarya P.M., Raj A.A., John D., Martin L., Sreenu G. Binary RSA encryption algorithm; Proceedings of the International Conference on Control, Instrumentation, Communication and Computational Technologies (ICCICCT); Thuckalay, India. 16–17 December 2016; pp. 178–181.
    1. Ali H., Al-Salami M. Timing attack prospect for RSA cryptanalysis using genetic algorithm technique. Int. Arab. J. Inf. Technol. 2004;1:80–84.
    1. Ali-Al-Mamun M., Islam M.M., Romman S.M., Salahuddin Ahmad A.H. Performance evaluation of several efficient RSA variants. Int. J. Comput. Sci. Netw. Secur. 2008;1:7–11.