We announce the release of a new version of Blue Galaxy Energy, our white-box cryptanalysis tool implementing the BGE attack against AES. This version addresses the main limitations of the previous version.

We introduce a new white-box cryptanalysis tool based on the pioneering BGE paper but without known open source public implementation so far.

We are releasing a new cryptanalysis tool based on a known paper but without known open source public implementation so far.

This post is a noob-friendly introduction to whiteboxes along with the presentation and explanation of a (not-new) collision-based attack. The attack is demonstrated against a public whitebox, using QBDI to instrument and analyze the target in order to produce traces of execution.

On how we used LIEF to lift an Android x86_64 library to Linux to perform our usual white-box attacks on it.

With the Differential Computation Analysis (DCA) presented at CHES 2016, we have shown that side-channel techniques developed to break hardware cryptographic implementations can be adapted successfully to break white-box implementations. In this post, we will explore another class of hardware attacks: fault injections and how to apply them on white-box implementations.