White-Box Implementations for Hash-Based Signatures and One-Time Passwords
Kemal Bicakci, Kemal Ulker, Yusuf Uzunay, Halis Taha Şahin, Muhammed Said Gündoğan
Cryptology ePrint Archive
White-box cryptography challenges the assumption that the end points are trusted and aims at providing protection against an adversary more powerful than the one in the traditional black-box cryptographic model. Most existing white-box implementations focus on symmetric encryption. In particular, we are not aware of any previous work on general-purpose quantum-safe digital signature schemes also secure against white-box attackers. We present white-box implementations for hash-based signatures so that the security against white-box attackers depends on the availability of a white-box secure pseudorandom function (in addition to a general one-way function). We also present a hash tree-based solution for one-time passwords secure in a white-box attacker context. We implement the proposed solutions and share our performance results.