WhibOx 2019

White-Box Cryptography and Obfuscation (2nd Edition)

- May 2019, Darmstadt, Germany

WhibOx 2019 is a two-day workshop organized by Chris Brzuska (Aalto University) and Pascal Paillier (CryptoExperts) and that will take place in Darmstadt, Germany, on 18th and 19th May 2019, in the same venue as Eurocrypt 2019.

Workshop focus

The challenge of white-box cryptography (WBC) is to develop implementation techniques for cryptographic programs to protect their inner keys against an all-powerful adversary that knows the program and can play with it at will. This area of cryptography has long been overlooked and perceived as “impossible to realize” in spite of a strong industrial demand for reliable construction techniques. With the rise of iO on one hand, the emergence of powerful attack techniques such as DCA on the other, and the accelerated deployment of WBC-based applications on smartphones, the field of WBC is currently at a critical point and has never attracted more attention within the crypto community (academia, industry and government agencies). With nearly 200 contestants, 100 AES challenge programs and 900 breaks, the WhibOx competition run in 2017 has shown that this tremendous interest was largely shared within the community, and could also translate into operational work in building or attacking white-box implementations.

Following the WhibOx 2016 workshop and the WhibOx 2017 competition, we are now moving forward with a second edition of the workshop and to a second edition of the competition. WhibOx 2019 will be a unique get-together event for the white-box crypto community in its entirety. With talks on all aspects of the subject (theory, attacks, design techniques) and a hands-on session dedicated to attack tools and demos, the workshop will be an opportunity to advance the field and promote its scientific evolution.

Organized by


Affiliated to

Participants will register through the Eurocrypt registration.


Register Here

Confirmed Speakers



Registration will start at 8:30.

Registration and Welcome

  • 8:30 – Registration

  • 8:50 – Welcome

    Pascal Paillier, CryptoExperts

Session 1: White-box designs (1h30)

Session chair: Chris Brzuska, Aalto University

  • 09:00 – White-box cryptography: between academia and industry (Part 1)

    Andrey Bogdanov, CyberCrypt

  • 09:45 – White-box cryptography: between academia and industry (Part 2)

    Andrey Bogdanov, CyberCrypt

Coffee Break (30 min)

Session 2: White-box designs (1h30)

Session chair: Estuardo Alpirez Bock, Aalto University

  • 11:00 – White-box and asymmetrically hard crypto design

    Alex Biryukov, University of Luxembourg

  • 11:45 – New encodings for white-box implementations

    Adrian Ranea, KU Leuven

Lunch Break (1h30)

Session 3: Attacks on white-box cryptography (1h30)

Session chair: Brice Minaud, ENS

  • 14:00 – Grey-box attacks, four years later

    Philippe Teuwen, Quarkslab

  • 14:45 – A DFA attack on white-box implementations of AES with external encodings

    Alessandro Amadori, TU/e

Coffee Break (30 min)

Session 4: Attacks on white-box cryptography (1h30)

Session chair: Philippe Teuwen, Quarkslab

  • 16:00 – DCA attacks against internally encoded white-box implementations

    Junwei Wang, CryptoExperts

  • 16:45 – Security assessment of WhibOx 2017 candidates

    Alexander Treff, University of Lübeck

Day 1 Closing


Registration will start at 8:30.

Registration and Welcome

  • 8:30 – Registration

  • 8:50 – Welcome

Session 5: Theory (1h45)

Session chair: TBA,  joint with OPACity workshop.

  • 9:00 – Foundations of program obfuscation

    Rachel Lin, University of Washington

  • 10:05 – Obfuscation from LWE? proofs, attacks, candidates

    Hoeteck Wee, ENS

Coffee Break (30 min)

Session 6: Theory (1h)

Session chair: TBA,  joint with OPACity workshop.

  • 11:15 – White-box crypto and obfuscation: relations and attacks

    Brice Minaud, ENS

Lunch Break (1h30)

Session 7: Tools and Demos (1h30)

Session chair: Matthieu Rivain, CryptoExperts

  • 14:00 – Optimize your binary tracing: an example with an ECDSA implementation

    Guillaume Vinet, eShard

  • 14:45 – Exploring different faulting techniques for stressing white-box cryptography binaries

    Guillaume Vinet, eShard

Coffee Break (30 min)

Session 8: Tools and Demos (1h30)

Session chair: Louis Goubin, UVSQ

  • 16:00 – Synthesis tools for white-box implementations

    Aleksei Udovenko, University of Luxembourg

  • 16:45 – Call for contribution for a new white-box analytic tools

    Junwei Wang, CryptoExperts

Panel: The white-box contest

Moderator: Pascal Paillier, CryptoExperts

Day 2 Closing


Workshop Will Be Held At

Technische Universität Darmstadt

Room A5, building S1|01, Karolinenplatz 5, Darmstadt, Germany.