Galaxy: A Family of Stream-Cipher-Based Space-Hard Ciphers

Abstract

Whitebox cryptography seeks to ensure the security of cryptographic algorithms against adversaries who have unlimited access to the environments for their implementation. At ACM CCS 2015, Bogdanov and Isobe proposed a security notion called space hardness and a secure block cipher named SPACE in the whitebox setting. SPACE is a table-based cryptographic primitive whose table comprises the pairs of inputs to a block cipher such as AES and the corresponding outputs. In line with SPACE, other whitebox cryptographic schemes were proposed and offer sufficient security as SPACE does. However, there is still room for improvement in the performance of their encryption and table generation. In this paper, we propose a new family of whitebox cryptographic primitives called Galaxy to enhance the performance of the encryption and table generation. Galaxy employs a stream cipher to generate the table instead of a block cipher. The security of Galaxy against key-extraction attacks in the whitebox setting is reduced to the key-extraction problem for the stream cipher in the blackbox setting. Additionally, we utilize type-2 generalized Feistel network with optimal shuffle layers for the algorithm of Galaxy to improve the encryption performance. Type-2 generalized Feistel network enables parallel table lookups in the algorithm of Galaxy. As a result, we successfully increase the speed of encryption by 1.3–15 times. Besides, when we use chacha for table generation of Galaxy and AES for other existing block-cipher-based whitebox schemes, we can create the table of Galaxy 1.5–10 times faster than that of other existing whitebox schemes.