Power analysis exploits information leaked by cryptographic devices, including, but not limited to, the power consumed during cryptographic operations. Given a number of power traces, an attacker can recover a cryptographic key efficiently, sometimes within a few minutes, using various statistical methods. To counter this, software countermeasures such as higher-order masking and software dual-rail with precharge logic have been proposed to produce randomized or constant power consumption during key-dependent operations. However, they have critical disadvantages in terms of computational time and security. In this paper, we propose a new solution called “one-bit to four-bit dual conversion” for enhanced security against power analysis. As an exemplary embodiment of the proposed scheme, we apply it to an AES implementation and demonstrate its security and performance. The overall costs are approximately 148KB of memory for the lookup tables and about a 3-fold increase in execution time compared with a straightforward implementation of AES.
Encoded lookup tables used in white-box cryptography are known to be vulnerable to power analysis because the encodings are imbalanced. This means that countermeasures against white-box attacks cannot even defend against gray-box attacks. Those who want to defend against power analysis through a white-box cryptographic implementation therefore need to find other ways. In this paper, we propose a method that defends against power analysis without having to resolve the imbalanced encoding itself. Compared with existing white-box cryptography techniques, the proposed method uses lookup tables twice the size and requires nearly the same amount of computation.
Taek Young YOUN Bo Sun KWAK Seungkwang LEE Hyun Sook RHEE
To support secure database management, a number of value-added encryption schemes have been studied, including order-revealing encryption (ORE) schemes. One of the outstanding features of ORE schemes is the efficiency of range queries over encrypted data. Compared with existing encryption methods, however, ORE increases the length of ciphertexts. To improve the efficiency of ORE schemes in terms of ciphertext length, a new ORE scheme with shorter ciphertexts was proposed by Kim. In this paper, we revisit Kim's ORE scheme and show that its ciphertexts are not as short as analyzed in that paper. We also introduce a simple modification that reduces the memory requirement compared with existing ORE schemes.
Order-preserving encryption using the hypergeometric probability distribution leaks about half of the bits of a plaintext as well as the distance between two arbitrary plaintexts. To solve these problems, Popa et al. proposed a mutable order-preserving encoding. This is a keyless encoding scheme that assigns an order-preserving index to locate the corresponding ciphertext via tree-based data structures. Unfortunately, it has the following shortcomings. First, the frequency of the ciphertexts reveals that of the plaintexts. Second, the indices are highly correlated with the corresponding plaintexts. For these reasons, statistical cryptanalysis may identify the encrypted fields using public information. To overcome these limitations, we propose a multi-tree approach to the mutable order-preserving encoding. The cost of interactions grows with the number of trees, but the proposed scheme mitigates the distribution leakage of plaintexts and also reduces the problematic correlation with plaintexts.
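A stripped-down model of the mutable order-preserving encoding being criticized, added here as an illustration and not taken from the paper or from Popa et al.'s implementation. The server is keyless and keeps only ciphertexts in a binary search tree; each insert is an interactive walk in which the server sends the ciphertext at the current node and the client, which holds the key, answers left, equal or right. A node's order-preserving index is its root-to-node path. The cipher is a constructed toy (XOR with a keyed pad and a fixed nonce) standing in for a deterministic cipher, there is no rebalancing, and the sample values are assumed; with these simplifications the model still exhibits the first shortcoming named above, since repeated plaintexts produce the same ciphertext and the same index.

```python
import hashlib
from typing import Callable, List, Optional, Tuple


class Client:
    """Owns the secret key. Ciphertexts are deterministic so that the server
    can store and compare them; that determinism is what leaks frequency."""

    def __init__(self, key: bytes):
        # Constructed toy cipher, NOT for real use: XOR with a keyed pad.
        self._pad = hashlib.sha256(key).digest()[:8]

    def encrypt(self, value: int) -> bytes:
        return bytes(a ^ b for a, b in zip(value.to_bytes(8, "big"), self._pad))

    def decrypt(self, ct: bytes) -> int:
        return int.from_bytes(bytes(a ^ b for a, b in zip(ct, self._pad)), "big")

    def compare(self, value: int, node_ct: bytes) -> int:
        """One protocol round: -1 go left, 0 equal, +1 go right."""
        stored = self.decrypt(node_ct)
        return (value > stored) - (value < stored)


class _Node:
    __slots__ = ("ct", "left", "right")

    def __init__(self, ct: bytes):
        self.ct, self.left, self.right = ct, None, None


class Server:
    """Keyless: holds ciphertexts in a BST shaped by the client's answers."""

    def __init__(self, max_depth: int = 16):
        self.root: Optional[_Node] = None
        self.max_depth = max_depth

    def _encode(self, path: str) -> int:
        # Index = path bits, then a 1, then zero padding to a fixed width.
        # Every left descendant sorts below the node, every right one above.
        if len(path) > self.max_depth:
            raise OverflowError("tree too deep; the real scheme rebalances here")
        return int(path + "1" + "0" * (self.max_depth - len(path)), 2)

    def insert(self, ct: bytes, ask: Callable[[bytes], int]) -> int:
        """Interactive insert; `ask` is the client's comparison oracle."""
        if self.root is None:
            self.root = _Node(ct)
            return self._encode("")
        node, path = self.root, ""
        while True:
            d = ask(node.ct)
            if d == 0:
                return self._encode(path)  # same plaintext -> same index
            if d < 0:
                path += "0"
                if node.left is None:
                    node.left = _Node(ct)
                    return self._encode(path)
                node = node.left
            else:
                path += "1"
                if node.right is None:
                    node.right = _Node(ct)
                    return self._encode(path)
                node = node.right


def insert_values(values: List[int], key: bytes = b"client-secret") -> List[Tuple[int, bytes, int]]:
    """Run the protocol for each value; returns (plaintext, ciphertext, index)."""
    client, server = Client(key), Server()
    rows = []
    for v in values:
        ct = client.encrypt(v)
        idx = server.insert(ct, lambda node_ct, v=v: client.compare(v, node_ct))
        rows.append((v, ct, idx))
    return rows


def frequency_leak(rows: List[Tuple[int, bytes, int]]) -> dict:
    """What the keyless server can tally: occurrences per index, i.e. the
    plaintext frequency distribution in sorted order."""
    counts: dict = {}
    for _, _, idx in rows:
        counts[idx] = counts.get(idx, 0) + 1
    return counts


if __name__ == "__main__":
    rows = insert_values([5, 3, 9, 5, 1])  # constructed sample column
    for v, ct, idx in rows:
        print(v, ct.hex(), idx)
    print("server-side frequency view:", frequency_leak(rows))
```

Because the index is a pure function of tree position and equal plaintexts collapse onto one node, the server's histogram of indices is the plaintext histogram, which is the leakage that a multi-tree layout is meant to blur.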
White-box cryptographic implementations often use masking and shuffling as countermeasures against key extraction attacks. To counter these defenses, higher-order Differential Computation Analysis (HO-DCA) and its variants have been developed. These methods aim to breach these countermeasures without needing reverse engineering. However, these non-invasive attacks are expensive and can be thwarted by updating the masking and shuffling techniques. This paper introduces a simple binary injection attack, aptly named clear & return, designed to bypass advanced masking and shuffling defenses employed in white-box cryptography. The attack involves injecting a small amount of assembly code, which effectively disables run-time random sources. This loss of randomness exposes the unprotected lookup value within white-box implementations, making them vulnerable to simple statistical analysis. In experiments targeting open-source white-box cryptographic implementations, the attack strategy of hijacking entries in the Global Offset Table (GOT) or function calls shows effectiveness in circumventing run-time countermeasures.