Skip to Main Content
To ensure the security of software executing on malicious hosts, as in digital rights management (DRM) applications, it is desirable to encrypt or decrypt content using white-box-encoded cryptographic algorithms in the manner of Chow et al. (2002). Such encoded algorithms must run on an adversary's machine without revealing the private key information used, despite the adversary's ability to observe and manipulate the running algorithm. We have implemented obfuscated (white-box) DES and triple-DES algorithms along the lines of Chow et al., with alterations that improve the security of the key. Our system is secure against two previously published attacks on Chow et al.'s system, and our own adaptation of a statistical bucketing attack on their system.