On White-box Cryptography and Obfuscation

TL;DR

This paper explores the theoretical limits of obfuscation in white-box cryptography, introducing the White-Box Property (WBP) and Universal White-Box Property (UWBP), and demonstrating their feasibility and limitations through formal results.

Contribution

It formalizes the WBP and UWBP concepts, proving that most programs cannot satisfy WBP universally, and provides positive results for specific non-learnable families.

Findings

Most programs cannot satisfy WBP for all specifications.

Existence of obfuscators achieving WBP for certain non-learnable families.

Existence of obfuscators satisfying UWBP for approximately-learnable families.

Abstract

We study the relationship between obfuscation and white-box cryptography. We capture the requirements of any white-box primitive using a \emph{White-Box Property (WBP)} and give some negative/positive results. Loosely speaking, the WBP is defined for some scheme and a security notion (we call the pair a \emph{specification}), and implies that w.r.t. the specification, an obfuscation does not leak any ``useful'' information, even though it may leak some ``useless'' non-black-box information. Our main result is a negative one - for most interesting programs, an obfuscation (under \emph{any} definition) cannot satisfy the WBP for every specification in which the program may be present. To do this, we define a \emph{Universal White-Box Property (UWBP)}, which if satisfied, would imply that under \emph{whatever} specification we conceive, the WBP is satisfied. We then show that for every non-approximately-learnable family, there exist (contrived) specifications for which the WBP (and thus, the UWBP) fails. On the positive side, we show that there exists an obfuscator for a non-approximately-learnable family that achieves the WBP for a certain specification. Furthermore, there exists an obfuscator for a non-learnable (but approximately-learnable) family that achieves the UWBP. Our results can also be viewed as formalizing the distinction between ``useful'' and ``useless'' non-black-box information.