Nevertheless, this result does not exclude the existence of secure code obfuscators: Wee [Wee05] presented a provably secure obfuscator for a point function, which can be exploited in practice to construct authentication functionalities. Attacking an obfuscated cipher by injecting faults. For example, a scheme is defined CPA-secure if an attacker cannot compute the plaintext from a given ciphertext, or KR-secure when the secret key cannot be recovered. On the Im possibility of Obfuscating Programs. The main difference between code obfuscation and white-box cryptography is that the security of the latter needs to be validated with respect to security notions.

Theoretic research on code obfuscation gained momentum with the seminal paper of Barak et al. On the Impossibility of Obfuscation with Auxiliary Input. Positive Results and Techniques for Obfuscation. On the Im possibility of Obfuscating Programs. Similar theoretic approaches have been conceived for white-box cryptography in [Sax09].

Jan 13, version: Research Academic research in white-box cryptography can be categorized into three activities.

Obfuscation for Cryptographic Purposes. For example, to create the equivalent of a smart-card-based AES encryption function in software, it does not suffice that the white-box implementation resists extraction of its embedded key, but it must also be hard to invert.

On Obfuscating Point Functions. It makes sense to define white-box cryptography accordingly since it reflects more reality. Nevertheless, this result does not exclude the existence of secure code obfuscators: Ran Canetti and Mayank Varia.

## Whiteboxcrypto

Theory White-box cryptography is often linked with code obfuscation, since both aim to protect software implementations. Resources Slides March — slides PhD defense.

For example, a scheme is defined CPA-secure if an attacker cannot compute the plaintext from a given ciphertext, or KR-secure when the secret key cannot be recovered.

Similar theoretic approaches have been conceived for white-box cryptography in thhesis. The main difference between code obfuscation and white-box cryptography is that the security of the latter needs to be validated with respect to security notions.

# Bart Preneel | SBA Research

A security notion is a formal description of the security of a cryptographic scheme. Attacking an obfuscated cipher by injecting faults.

Theoretic research on code obfuscation gained momentum with the seminal paper of Barak et al.

On the Pfeneel possibility of Obfuscating Programs. Both have received similar scepticism on its feasibility and lack of theoretic foundations. White-box implementations and cryptanalysis results A selection of the state of the art: Shafi Goldwasser and Yael Tauman Kalai.

On the Impossibility of Obfuscation with Auxiliary Input. Wee [Wee05] presented a provably secure prreneel for a point function, which can be exploited in practice to construct authentication functionalities.

## Bart Preneel

ITCC 1pages Wyseur, and Bart Preneel: Indeed, it does not suffice to only protect an application against extraction of embedded secret keys. Chand Gupta, and G. Positive Results and Techniques for Obfuscation.