ph4r05 / whitebox-crypto-aes Goto Github PK

View Code? Open in Web Editor NEW

336.0 30.0 111.0 809 KB

Whitebox AES implementation in C++. Chow, Karroumi.

Home Page: https://is.muni.cz/th/325219/fi_m/

C++ 94.62% C 3.82% MATLAB 0.13% CMake 1.17% Shell 0.26%

whitebox whitebox-aes chow aes-cipher cryptography

whitebox-crypto-aes's Introduction

Whitebox-crypto-AES

Whitebox cryptography AES implementation.

This repository contains a C++ implementation of:

Complete whitebox AES-128 scheme introduced by Chow et al [2]. Implements/uses input/output encodings, mixing bijections, external encodings.
Complete whitebox AES-128 scheme introduced by Karroumi [3] which uses an idea of dual AES ciphers (using a different generating polynomial for AES cipher) for creating a stronger AES whitebox scheme.
Implementation of the [BGE] Attack on Chow's AES whitebox implementation found by Billet et al [4]. Attack uses whitebox AES generator to create a random instance of whitebox AES scheme with secret key K embedded in the implementation. The attack then recovers the secret key K from the tables representing the given instance. This BGE attack also breaks scheme proposed by Karroumi what I found out while working on my diploma thesis.

The implementation contains:

Whitebox AES code generator in both Chow and Karroumi schemes. It generates a randomized whitebox AES instance with embedded encryption key K which can be used either for encryption or for decryption. Instance can be serialized to a file.
Code for running generated whitebox AES instance for encryption/decryption.
BGE key recovery attack on a generated whitebox AES instance.
Unit tests.

You also might be interested in my Java implementation of the Chow's whitebox AES scheme. In my diploma thesis I suggest modifications and improvements for a new whitebox-suited symmetric-key encryption algorithm based on AES.

[2]: Stanley Chow, Phil Eisen, Harold Johnson, and Paul C. Van Oorschot. White-box cryptography and an AES implementation. In Proceedings of the Ninth Workshop on Selected Areas in Cryptography (SAC 2002, pages 250–270. Springer-Verlag, 2002.

[3]: Mohamed Karroumi. Protecting white-box AES with dual ciphers. In Proceedings of the 13th international conference on Information security and cryptology, ICISC’10, pages 278–291, Berlin, Heidelberg, 2011. Springer-Verlag. ISBN 978-3-642-24208-3.

[4]: Olivier Billet, Henri Gilbert, and Charaf Ech-Chatbi. Cryptanalysis of a white box AES implementation. In Proceedings of the 11th international conference on Selected Areas in Cryptography, SAC’04, pages 227–240, Berlin, Heidelberg, 2005. Springer-Verlag. ISBN 3-540-24327-5, 978-3-540-24327-4. doi: 10.1007/978-3-540-30564-4_16.

Dependencies

C++11 and higher
CMake 3.2+
NTL 11.4+
boost_iostreams 1.55+
boost_serialization 1.55+
boost_program_options 1.55+
boost_random 1.55+

Description:

NTL math library is used for computation in finite fields & algebra.
Boost library for serialization of the scheme instance & program input parameters parsing. Version 1.55

Building

Travis is configured for the project so in case of any problems please refer to the travis configuration file.
Install dependencies. For installing NTL you can use provided scripts install-ntl.sh or install-ntl-cached.sh
Use cmake to build

mkdir build-debug
cd build-debug
cmake -DCMAKE_BUILD_TYPE=Debug ..
make

Usage

The project contains basic Whitebox AES cipher core - for encrypting / decrypting one single AES block.

In order to demonstrate the basic usage there has been implemented:

PKCS5 padding, so plaintext input does not have to be byte aligned to the length of the AES block. Implemented in EncTools.
ECB encryption mode
CBC encryption mode

The implementation of the PKCS5, ECB, CBC is for demonstration/academic purposes as it may leak information via side channels (i.e., timing, memory access patterns)

Note the Padding can be used only if External encodings are not used. Otherwise the input / output has to be by definition padded to the block size so the ExtIO encoding can be removed before operation.

The project contains demo BGE attack in the target ./testing.

There are also some tests implemented using GTest in the target ./gtesting.

The target ./main contains basic runnable main with few options - allows to use the WBAES from the command line.

Usage:

WBAES table implementation usage:
  -h [ --help ]                   Display this help message
  --bench-gen [=arg(=0)] (=0)     Benchmarking rounds for AES gen
  --bench-bge [=arg(=0)] (=0)     Benchmarking rounds for AES BGE attack
  -e [ --extEnc ] [=arg(=0)] (=0) Use external encoding?
  -o [ --out-file ] arg           Output file to write encrypted data
  --input-files arg               Input files
  --create-table arg              Create encryption/decryption tables
  --create-random [=arg(=0)] (=0) Create tables with random key
  --use-key arg                   Create encryption/decryption with given
                                  hex-coded key
  --use-iv arg                    Use CBC with given hex-coded IV
  --load-tables arg               Loads encryption/decryption tables from given
                                  file
  --decrypt [=arg(=0)] (=0)       Should perform encryption or decryption
  --pkcs5 [=arg(=0)] (=0)         Enables PKCS5 padding
  --cbc [=arg(=0)] (=0)           Uses CBC mode
  -v [ --version ]                Display the version number

Example:

# Generate new WBAES table, disable extIO
./main --create-table /tmp/aes-table --extEnc=0

# Load existing WBAES tables and encrypt them with CBC and PKCS5
./main --load-tables /tmp/aes-table --extEnc=0 --input-files /tmp/aes-table --pkcs5=1 --cbc=1 -o /tmp/aes-table.enc

# Load existing WBAES tables and decrypt previously encrypted file
./main --load-tables /tmp/aes-table --extEnc=0 --input-files /tmp/aes-table.enc --pkcs5=1 --cbc=1 -o /tmp/aes-table.dec --decrypt=1

# Compare original and dec(enc(original))
diff /tmp/aes-table /tmp/aes-table.dec

License

Code is published under license: GPLv3 [http://www.gnu.org/licenses/gpl-3.0.html]. This license holds from the first commit. I also require to include my copyright header in files if you decide to use my source codes.

Using GPL in short means that if you incorporate this source code to your application, it has to be also published under GPLv3. Also if you make any improvement to my source code and you will use improved version you are obliged to publish improved version as well.

If this license does not fit to you, drop me an email, I am sure we can negotiate somehow.

** UPDATE 31.01.2017 **
NTL is now licensed under LGPL v2.1+ so I can relicense the code to LGPL v2.1+ by a written permission. So the code is by default GPLv3 licensed, but if you drop me an email I will give you LGPL v2.1+ license. I am also free to talk about other licensing options.

Donating

This implementation is an open source. If you like the code or you do find it useful please feel free to donate to the author whatever amount you would like by clicking on the paypal button below. And if you don't feel like donating, that's OK too.

Bitcoin:

1DBr1tfuqv6xphg5rzNTPxqiUbqbRHrM2E

Monero:

8BDHew2uRt5N1qgBGe88ZcSwM4wmQfWuAVDWQwJebNg9VYHxbRBgARPd39Ftx61Ss3WmkDCu8FDvR9wJ27aoqBVT1PF5kmE

Contributing

If you want to improve my code by extending it to AES-256 or implementing other whitebox AES schemes do not hesitate to submit a pull request. Please also consider it if you find some bug in the code. I am not actively developing this code at the moment but I will review the pull requests. Thanks!

whitebox-crypto-aes's People

Contributors

Stargazers

Watchers

Forkers

lulongping zeuscane greggjaskiewicz sangk54 petrs ankitagg183 tempbottle crocs-muni doegox liuguilin129 gospeljohn fakub henrywan19 wellcomez kiiim1099 veawor fatgrass enascimento meilinxiaoxue siweisun dmpingfan nemirst liujianqun luciouskami anboskywalker ddddavidee mumblebo xuehuaze disillusion028 anda0109 onlykfc thliew deepviolet pingfandang bongtrop cryptofanorg kevinhuang06 wiganx mrtomasz atunc timzhang926 denis-chen junwei-wang fangchengjd acad2 heartbee antizy0 militing mixc0lumn in7egral k0rz3n idkwim niehaokang kaoh bradydreamer risid whocare2014 socram0x arthurvdmerwe dip16k ronhab wutiejun one30 hmyit skywalkerex iceboy926 williamstao anxiazifeng xiangsky wonwinlee datougui2020 secice pvanleeuwen sumincy c0rpse xuzhuo2012 e882 d351d3r dendisuhubdy orvillezhao phongkien ollcp szlzhm spencerhowell husjdodoanthing deeby sky9743 ch4r04 henrikbach1 kaerez wjfree nansongcheng sangmosung xyxdaily markeyn ykscode zheleziv nuclearplan wanliliu guxiaonian

whitebox-crypto-aes's Issues

Variables do not take the preference set by the user.

When the user "true" sets the randomKey and decrypt options are not applied in the code.

SOLUTION:
Line 90:
("create-random", po :: value () -> default_value (false) -> implicit_value (false), "Create tables with random key")

Change:
("create-random", po :: value () -> default_value (randomKey) -> implicit_value (randomKey), "Create tables with random key")

Line 93:
("decrypt", po::value()->default_value(false)->implicit_value(false), "Should perfom encryption or decryption")

Change:
("decrypt", po::value()->default_value(decrypt)->implicit_value(decrypt), "Should perfom encryption or decryption")

When encrypting / decrypting a .txt file is added trash at the end

The problem is at line 379 on return of the function:
long int iter2comp = min(iters, (long int) ceil((float)bRead / N_BYTES));

The entire iter2comp is coming with one more element. Workaround:
long int iter2comp = (min (iters, (long int) ceil ((float) bRead / N_BYTES)) - 1);

Confusion about BGE Attack

Dear Owner,

I builded given source code and get two executible file, its name are main and testing, am I right? When I run testing executible file on my terminal, then some calculation start and takes approximately 2 mins to be completed. After end of this process, got to AES secret key which have used in key table generation. So this demo example is BGE attack, right? It means that attacker can be easily extract secret key from the key table. So how can make secured whitebox cryptograhy. Please help me on my confusion, because I want to use this library in my application.

Don't display default AES key when loading from tables

When using --load-tables it still prints the message about AES key, therefore showing the default key:

AES key to use: 2b 7e 15 16 28 ae d2 a6 ab f7 15 88 09 cf 4f 3c

A bit cosmetic but this should be masked to avoid confusion IMHO.

Failed to get the hash for HEAD:

Hi everyone:

please during the build i am getting the following error:
Performing update step for 'googletest'
CMake Error at /Users/ranasaleh/Downloads/Whitebox-crypto-AES-master-3/build-debug/googletest-download/googletest-prefix/tmp/googletest-gitupdate.cmake:25 (message):
Failed to get the hash for HEAD:

Any idea?
Your help is really apreciated
Thank you

Build fails and "undefined reference" error on Ubuntu

Hi, I'm trying to build the project on Ubuntu.
When I run "cmake -DCMAKE_BUILD_TYPE=Debug .." or "cmake -DCMAKE_BUILD_TYPE=Release ..", I notice that there is a little "Failed" word but I don't know what it means and I tried to search it on google but failed.
-- Performing Test CMAKE_HAVE_LIBC_PTHREAD - Failed
And if I then directly run "make", I will get follwing error, could you please tell me what's going on here and how can I solve it?
I'm not very good at building process on Linux, thank you very much.

Scanning dependencies of target gtest
[  1%] Creating directories for 'gtest'
[  2%] Performing download step (download, verify and extract) for 'gtest'
-- Downloading...
   dst='/mnt/d/WSL/Whitebox-crypto-AES-master/build-release/gtest/src/master.zip'
   timeout='none'
-- Using src='https://github.com/google/googletest/archive/master.zip'
-- [download 100% complete]
-- Downloading... done
-- extracting...
     src='/mnt/d/WSL/Whitebox-crypto-AES-master/build-release/gtest/src/master.zip'
     dst='/mnt/d/WSL/Whitebox-crypto-AES-master/build-release/gtest/src/gtest'
-- extracting... [tar xfz]
-- extracting... [analysis]
-- extracting... [rename]
-- extracting... [clean up]
-- extracting... done
[  4%] No patch step for 'gtest'
[  5%] No update step for 'gtest'
[  7%] Performing configure step for 'gtest'
-- The C compiler identification is GNU 9.2.1
-- The CXX compiler identification is GNU 9.2.1
-- Check for working C compiler: /usr/bin/cc
-- Check for working C compiler: /usr/bin/cc -- works
-- Detecting C compiler ABI info
-- Detecting C compiler ABI info - done
-- Detecting C compile features
-- Detecting C compile features - done
-- Check for working CXX compiler: /usr/bin/c++
-- Check for working CXX compiler: /usr/bin/c++ -- works
-- Detecting CXX compiler ABI info
-- Detecting CXX compiler ABI info - done
-- Detecting CXX compile features
-- Detecting CXX compile features - done
-- Found PythonInterp: /usr/bin/python (found version "2.7.17")
-- Looking for pthread.h
-- Looking for pthread.h - found
-- Performing Test CMAKE_HAVE_LIBC_PTHREAD
-- Performing Test CMAKE_HAVE_LIBC_PTHREAD - Failed
-- Looking for pthread_create in pthreads
-- Looking for pthread_create in pthreads - not found
-- Looking for pthread_create in pthread
-- Looking for pthread_create in pthread - found
-- Found Threads: TRUE
-- Configuring done
-- Generating done
-- Build files have been written to: /mnt/d/WSL/Whitebox-crypto-AES-master/build-release/gtest/src/gtest-build
[  8%] Performing build step for 'gtest'
Scanning dependencies of target gtest
[ 12%] Building CXX object googletest/CMakeFiles/gtest.dir/src/gtest-all.cc.o
[ 25%] Linking CXX static library ../lib/libgtest.a
[ 25%] Built target gtest
Scanning dependencies of target gmock
[ 37%] Building CXX object googlemock/CMakeFiles/gmock.dir/src/gmock-all.cc.o
[ 50%] Linking CXX static library ../lib/libgmock.a
[ 50%] Built target gmock
Scanning dependencies of target gmock_main
[ 62%] Building CXX object googlemock/CMakeFiles/gmock_main.dir/src/gmock_main.cc.o
[ 75%] Linking CXX static library ../lib/libgmock_main.a
[ 75%] Built target gmock_main
Scanning dependencies of target gtest_main
[ 87%] Building CXX object googletest/CMakeFiles/gtest_main.dir/src/gtest_main.cc.o
[100%] Linking CXX static library ../lib/libgtest_main.a
[100%] Built target gtest_main
[ 10%] No install step for 'gtest'
[ 11%] Completed 'gtest'
[ 11%] Built target gtest
Scanning dependencies of target gtesting
[ 13%] Building CXX object CMakeFiles/gtesting.dir/base.cpp.o
[ 14%] Building CXX object CMakeFiles/gtesting.dir/BGEAttack.cpp.o
[ 15%] Building CXX object CMakeFiles/gtesting.dir/GenericAES.cpp.o
[ 17%] Building CXX object CMakeFiles/gtesting.dir/LinearAffineEq.cpp.o
[ 18%] Building CXX object CMakeFiles/gtesting.dir/LinearAffineEq_test.cpp.o
[ 20%] Building C object CMakeFiles/gtesting.dir/md5.c.o
[ 21%] Building CXX object CMakeFiles/gtesting.dir/MixingBijections.cpp.o
[ 23%] Building CXX object CMakeFiles/gtesting.dir/NTLUtils.cpp.o
[ 24%] Building CXX object CMakeFiles/gtesting.dir/WBAES.cpp.o
[ 26%] Building CXX object CMakeFiles/gtesting.dir/WBAESGenerator.cpp.o
[ 27%] Building CXX object CMakeFiles/gtesting.dir/RingBuffer.cpp.o
[ 28%] Building CXX object CMakeFiles/gtesting.dir/EncTools.cpp.o
[ 30%] Building CXX object CMakeFiles/gtesting.dir/InputObject.cpp.o
[ 31%] Building CXX object CMakeFiles/gtesting.dir/InputObjectBuffer.cpp.o
[ 33%] Building CXX object CMakeFiles/gtesting.dir/InputObjectIstream.cpp.o
[ 34%] Building CXX object CMakeFiles/gtesting.dir/InputObjectOstream.cpp.o
[ 36%] Building CXX object CMakeFiles/gtesting.dir/InputObjectIOstream.cpp.o
[ 37%] Building CXX object CMakeFiles/gtesting.dir/tests/WBAes.cpp.o
[ 39%] Building CXX object CMakeFiles/gtesting.dir/tests/tester.cpp.o
[ 40%] Building CXX object CMakeFiles/gtesting.dir/tests/Commons.cpp.o
[ 42%] Building CXX object CMakeFiles/gtesting.dir/tests/RingBufferTest.cpp.o
[ 43%] Building CXX object CMakeFiles/gtesting.dir/tests/EncToolsTest.cpp.o
[ 44%] Linking CXX executable gtesting
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `redc(_ntl_gbigint_body*, _ntl_gbigint_body*, long, unsigned long, _ntl_gbigint_body*)':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5497: undefined reference to `__gmpn_addmul_1'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5509: undefined reference to `__gmpn_sub_n'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_rem_struct_basic::eval(long*, _ntl_gbigint_body*, _ntl_tmp_vec*)':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:7962: undefined reference to `__gmpn_mod_1'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_reduce_struct_montgomery::eval(_ntl_gbigint_body**, _ntl_gbigint_body**)':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5581: undefined reference to `__gmpn_addmul_1'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5593: undefined reference to `__gmpn_sub_n'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_crt_struct_basic::eval(_ntl_gbigint_body**, long const*, _ntl_tmp_vec*)':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:6790: undefined reference to `__gmpn_addmul_1'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `gmod_simple(_ntl_gbigint_body*, _ntl_gbigint_body*, _ntl_gbigint_body**)':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:3521: undefined reference to `__gmpn_tdiv_qr'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_rem_struct_fast::eval(long*, _ntl_gbigint_body*, _ntl_tmp_vec*)':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:8002: undefined reference to `__gmpn_mod_1'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_rem_struct_medium::eval(long*, _ntl_gbigint_body*, _ntl_tmp_vec*)':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:8046: undefined reference to `__gmpn_mod_1'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_grshift(_ntl_gbigint_body*, long, _ntl_gbigint_body**)': /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:2428: undefined reference to `__gmpn_rshift'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_glshift(_ntl_gbigint_body*, long, _ntl_gbigint_body**)': /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:2363: undefined reference to `__gmpn_lshift'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_gadd(_ntl_gbigint_body*, _ntl_gbigint_body*, _ntl_gbigint_body**)':
/usr/local/include/gmp.h:2190: undefined reference to `__gmpn_sub_n'
/usr/bin/ld: /usr/local/include/gmp.h:2135: undefined reference to `__gmpn_add_n'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `__gmpn_sub':
/usr/local/include/gmp.h:2190: undefined reference to `__gmpn_sub_n'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_gadd(_ntl_gbigint_body*, _ntl_gbigint_body*, _ntl_gbigint_body**)':
/usr/local/include/gmp.h:2190: undefined reference to `__gmpn_sub_n'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_gsub(_ntl_gbigint_body*, _ntl_gbigint_body*, _ntl_gbigint_body**)':
/usr/local/include/gmp.h:2135: undefined reference to `__gmpn_add_n'
/usr/bin/ld: /usr/local/include/gmp.h:2190: undefined reference to `__gmpn_sub_n'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `__gmpn_sub':
/usr/local/include/gmp.h:2190: undefined reference to `__gmpn_sub_n'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_gsub(_ntl_gbigint_body*, _ntl_gbigint_body*, _ntl_gbigint_body**)':
/usr/local/include/gmp.h:2190: undefined reference to `__gmpn_sub_n'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_gsubpos(_ntl_gbigint_body*, _ntl_gbigint_body*, _ntl_gbigint_body**)':
/usr/local/include/gmp.h:2190: undefined reference to `__gmpn_sub_n'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_gmul(_ntl_gbigint_body*, _ntl_gbigint_body*, _ntl_gbigint_body**)':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:2903: undefined reference to `__gmpn_mul_1'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `base_mul':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:2908: undefined reference to `__gmpn_addmul_1'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_gmul(_ntl_gbigint_body*, _ntl_gbigint_body*, _ntl_gbigint_body**)':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:2903: undefined reference to `__gmpn_mul_1'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `base_mul':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:2908: undefined reference to `__gmpn_addmul_1'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_gmul(_ntl_gbigint_body*, _ntl_gbigint_body*, _ntl_gbigint_body**)':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:2903: undefined reference to `__gmpn_mul_1'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `base_mul':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:2908: undefined reference to `__gmpn_addmul_1'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_gmul(_ntl_gbigint_body*, _ntl_gbigint_body*, _ntl_gbigint_body**)':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:2903: undefined reference to `__gmpn_mul_1'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `base_mul':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:2908: undefined reference to `__gmpn_addmul_1'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_gmul(_ntl_gbigint_body*, _ntl_gbigint_body*, _ntl_gbigint_body**)':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:3042: undefined reference to `__gmpn_mul'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:2976: undefined reference to `__gmpn_mul'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:3018: undefined reference to `__gmpn_sqr'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:2952: undefined reference to `__gmpn_sqr'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:3036: undefined reference to `__gmpn_mul'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:2970: undefined reference to `__gmpn_mul'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_gsq(_ntl_gbigint_body*, _ntl_gbigint_body**)':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:3151: undefined reference to `__gmpn_sqr'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:3182: undefined reference to `__gmpn_sqr'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_gsmul(_ntl_gbigint_body*, long, _ntl_gbigint_body**)':   /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:3243: undefined reference to `__gmpn_mul_1'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:3241: undefined reference to `__gmpn_lshift'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_gsdiv(_ntl_gbigint_body*, long, _ntl_gbigint_body**)':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:3303: undefined reference to `__gmpn_divrem_1'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:3301: undefined reference to `__gmpn_rshift'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_gsmod(_ntl_gbigint_body*, long)':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:3367: undefined reference to `__gmpn_mod_1'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_gdiv(_ntl_gbigint_body*, _ntl_gbigint_body*, _ntl_gbigint_body**, _ntl_gbigint_body**)':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:3443: undefined reference to `__gmpn_tdiv_qr'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_crt_struct_fast::eval(_ntl_gbigint_body**, long const*, _ntl_tmp_vec*)':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:7114: undefined reference to `__gmpn_addmul_1'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_gsqrts(long)':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:3555: undefined reference to `__gmpn_sqrtrem'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_gsqrt(_ntl_gbigint_body*, _ntl_gbigint_body**)':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:3643: undefined reference to `__gmpn_sqrtrem'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_ggcd(_ntl_gbigint_body*, _ntl_gbigint_body*, _ntl_gbigint_body**)':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:3787: undefined reference to `__gmpn_gcd'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:3789: undefined reference to `__gmpn_gcd'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_gexteucl(_ntl_gbigint_body*, _ntl_gbigint_body**, _ntl_gbigint_body*, _ntl_gbigint_body**, _ntl_gbigint_body**)':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:4207: undefined reference to `__gmpn_gcdext'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_ginv(_ntl_gbigint_body*, _ntl_gbigint_body*, _ntl_gbigint_body**)':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:4328: undefined reference to `__gmpn_gcdext'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_gaorsmul_1(_ntl_gbigint_body*, long, long, _ntl_gbigint_body**)':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:8325: undefined reference to `__gmpn_submul_1'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:8300: undefined reference to `__gmpn_addmul_1'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:8117: undefined reference to `__gmpn_mul_1'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:8309: undefined reference to `__gmpn_mul_1'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_quick_accum_muladd(_ntl_gbigint_body*, _ntl_gbigint_body*, long)':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:9078: undefined reference to `__gmpn_addmul_1'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_leftrotate(_ntl_gbigint_body**, _ntl_gbigint_body* const*, long, _ntl_gbigint_body*, long, _ntl_gbigint_body**)':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:9193: undefined reference to `__gmpn_lshift'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:9206: undefined reference to `__gmpn_lshift'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_leftrotate(_ntl_gbigint_body**, _ntl_gbigint_body* const*, long, _ntl_gbigint_body*, long, _ntl_gbigint_body**)':
/usr/local/include/gmp.h:2226: undefined reference to `__gmpn_com'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_ss_submod(_ntl_gbigint_body**, _ntl_gbigint_body* const*, _ntl_gbigint_body* const*, _ntl_gbigint_body*, long)':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:9327: undefined reference to `__gmpn_sub_n'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_ss_submod(_ntl_gbigint_body**, _ntl_gbigint_body* const*, _ntl_gbigint_body* const*, _ntl_gbigint_body*, long)':
/usr/local/include/gmp.h:2190: undefined reference to `__gmpn_sub_n'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `wrapped_mpz::wrapped_mpz()':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5666: undefined reference to `__gmpz_init'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5666: undefined reference to `__gmpz_init'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5666: undefined reference to `__gmpz_init'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5666: undefined reference to `__gmpz_init'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_gpowermod(_ntl_gbigint_body*, _ntl_gbigint_body*, _ntl_gbigint_body*, _ntl_gbigint_body**)':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5679: undefined reference to `__gmpz_import'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_gmp_powermod':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5680: undefined reference to `__gmpz_import'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5681: undefined reference to `__gmpz_import'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5683: undefined reference to `__gmpz_powm'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `wrapped_mpz::~wrapped_mpz()':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5667: undefined reference to `__gmpz_clear'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5667: undefined reference to `__gmpz_clear'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5667: undefined reference to `__gmpz_clear'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5667: undefined reference to `__gmpz_clear'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_gmp_powermod':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5696: undefined reference to `__gmpz_export'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `wrapped_mpz::~wrapped_mpz()':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5667: undefined reference to `__gmpz_clear'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5667: undefined reference to `__gmpz_clear'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5667: undefined reference to `__gmpz_clear'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5667: undefined reference to `__gmpz_clear'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_gpowermod(_ntl_gbigint_body*, _ntl_gbigint_body*, _ntl_gbigint_body*, _ntl_gbigint_body**)':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5713: undefined reference to `__gmpz_import'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `_ntl_gmp_powermod_alt':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5714: undefined reference to `__gmpz_import'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5715: undefined reference to `__gmpz_import'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5717: undefined reference to `__gmpz_powm'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5730: undefined reference to `__gmpz_export'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `wrapped_mpz::wrapped_mpz()':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5666: undefined reference to `__gmpz_init'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5666: undefined reference to `__gmpz_init'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5666: undefined reference to `__gmpz_init'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5666: undefined reference to `__gmpz_init'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o): in function `wrapped_mpz::~wrapped_mpz()':
/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5667: undefined reference to `__gmpz_clear'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5667: undefined reference to `__gmpz_clear'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5667: undefined reference to `__gmpz_clear'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5667: undefined reference to `__gmpz_clear'
/usr/bin/ld: /mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5667: undefined reference to `__gmpz_clear'
/usr/bin/ld: /usr/local/lib/libntl.a(lip.o):/mnt/d/WSL/ntl-11.4.3/src/lip.cpp:5667: more undefined references to `__gmpz_clear' follow
collect2: error: ld returned 1 exit status
make[2]: *** [CMakeFiles/gtesting.dir/build.make:408: gtesting] Error 1
make[1]: *** [CMakeFiles/Makefile2:109: CMakeFiles/gtesting.dir/all] Error 2
make: *** [Makefile:84: all] Error 2

Optimization flag lost in migration to CMake

Before transition to CMake, the binary was compiled with "-O2".

Please consider re-enabling it in CMakeLists.txt:

-set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -std=c++0x")
+set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -O2 -std=c++0x")

(BTW I'm using your implementation to try out other attacks, thanks for having shared your code! cf https://github.com/SideChannelMarvels/Deadpool/wiki/Tutorial-%234%3A-DCA-against-Karroumi-2010-challenge for a DPA-like attack, DFA attack will come soon too ;) )

serialization not works!

hello

I use this code for generating and then serializing the AES white box instance

System.out.println("generate");
Generator gEnc = new Generator();
Generator gDec = new Generator();
Random rand = new Random();

    // External encoding is needed, at least some, generate identities
    ExternalBijections extc = new ExternalBijections();
    gEnc.generateExtEncoding(extc, 0);

    // at first generate pure table AES implementation
    gEnc.setUseIO04x04Identity(false);
    gEnc.setUseIO08x08Identity(false);
    gEnc.setUseMB08x08Identity(false);
    gEnc.setUseMB32x32Identity(false);

    gDec.setUseIO04x04Identity(false);
    gDec.setUseIO08x08Identity(false);
    gDec.setUseMB08x08Identity(false);
    gDec.setUseMB32x32Identity(false);

    // Generate AES for encryption
    gEnc.generate(true, AEShelper.testVect128_key, 16, extc);
    AES AESenc = gEnc.getAESi();

    // Generate AES for decryption
    gDec.generate(false, AEShelper.testVect128_key, 16, extc);
    AES AESdec = gDec.getAESi();


    //********************************
    try {

        FileOutputStream fileOut
                = new FileOutputStream("AESenc.ser");
        ObjectOutputStream out = new ObjectOutputStream(fileOut);
        out.writeObject(AESenc);
        out.close();
        fileOut.close();
        System.out.printf("Serialized data is saved in AESenc.ser");
    } catch (IOException i) {
        i.printStackTrace();
    }

    try {
        FileOutputStream fileOut
                = new FileOutputStream("AESdec.ser");
        ObjectOutputStream out = new ObjectOutputStream(fileOut);
        out.writeObject(AESdec);
        out.close();
        fileOut.close();
        System.out.printf("Serialized data is saved in AESdec.ser");
    } catch (IOException i) {
        i.printStackTrace();
    }

but when read file and de-serialize objects encrypt/decrypt not work properly
this is code

    Generator gEnc = new Generator();
    Generator gDec = new Generator();
    Random rand = new Random();

    // External encoding is needed, at least some, generate identities
    ExternalBijections extc = new ExternalBijections();
    gEnc.generateExtEncoding(extc, 0);

    // at first generate pure table AES implementation
    gEnc.setUseIO04x04Identity(false);
    gEnc.setUseIO08x08Identity(false);
    gEnc.setUseMB08x08Identity(false);
    gEnc.setUseMB32x32Identity(false);

    gDec.setUseIO04x04Identity(false);
    gDec.setUseIO08x08Identity(false);
    gDec.setUseMB08x08Identity(false);
    gDec.setUseMB32x32Identity(false);

    AES AESenc ;
    AES AESdec ;

    try {
        FileInputStream fileIn = new FileInputStream("AESenc.ser");
        ObjectInputStream in = new ObjectInputStream(fileIn);
        AESenc = (AES) in.readObject();
        in.close();
        fileIn.close();
    } catch (IOException i) {
        i.printStackTrace();
        return;
    } catch (ClassNotFoundException c) {
        System.out.println("AESenc.ser not found");
        c.printStackTrace();
        return;
    }

    try {
        FileInputStream fileIn = new FileInputStream("AESdec.ser");
        ObjectInputStream in = new ObjectInputStream(fileIn);
        AESdec = (AES) in.readObject();
        in.close();
        fileIn.close();
    } catch (IOException i) {
        i.printStackTrace();
        return;
    } catch (ClassNotFoundException c) {
        System.out.println("AESenc.ser not found");
        c.printStackTrace();
        return;
    }

    //################################
    gEnc.setAESi(AESenc);
    gDec.setAESi(AESdec);

   .
   .
   .
  // Encrypt
        state.transpose();
        gEnc.applyExternalEnc(state, extc, true);
        AESenc.crypt(state);
        gEnc.applyExternalEnc(state, extc, false);

        System.out.println("Enc(plaintext_test): \n" + state);
        //assertEquals("Cipher output mismatch", true, state.equals(cipher));

        // Decrypt
        state.transpose();
        System.out.println("T(Enc(plaintext_test)): \n" + state);
        gDec.applyExternalEnc(state, extc, true);
        AESdec.crypt(state);
        gDec.applyExternalEnc(state, extc, false);
        System.out.println("Dec(T(Enc(plaintext_test))): \n" + state.toString());
        System.out.println(new String(state.getStateCopy()));

but not work
please help me.

Problem at building phase

When trying to build this project (version 0.4, also with latest sources), remained stuck at some point.

Debian 8 64-bit OS
Installed NTL version 9.9.1 (tried too with the default 9.6.2)
- libntl.a is at /usr/local/lib/libntl.a
- include libraries at /usr/local/include/NTL/
- also installed NTL as install-ntl-cached.sh with prefix at $HOME/ntl
- libntl-dev package NOT installed
Boost libraries at version 1.55.0

I attach the generated output:

./build-debug.sh
HOME: /home/user
NTL_INCLUDE_PATH: /usr/local/include
NTL_LIB: /usr/local/lib/libntl.a
-- Boost version: 1.55.0
-- Found the following Boost libraries:
-- program_options
-- serialization
-- iostreams
-- random
-- Configuring done
-- Generating done
-- Build files have been written to: /home/user/tools/git/white-box-crypto/ph4r05/Whitebox-crypto-AES-0.4/build-debug
Linking CXX executable main
/usr/local/lib/libntl.a(lip.o): In function redc': /home/user/tools/git/white-box-crypto/ph4r05/Whitebox-crypto-AES-0.4/ntl-9.9.1/src/g_lip_impl.h:3509: undefined reference togmpn_addmul_1'
/home/user/tools/git/white-box-crypto/ph4r05/Whitebox-crypto-AES-0.4/ntl-9.9.1/src/g_lip_impl.h:3521: undefined reference to __gmpn_sub_n' /usr/local/lib/libntl.a(lip.o): In functionntl_rem_struct_basic::eval(long, void, ntl_tmp_vec)':
/home/user/tools/git/white-box-crypto/ph4r05/Whitebox-crypto-AES-0.4/ntl-9.9.1/src/g_lip_impl.h:5729: undefined reference to __gmpn_mod_1' /usr/local/lib/libntl.a(lip.o): In functionntl_reduce_struct_montgomery::eval(void, void__)':
/home/user/tools/git/white-box-crypto/ph4r05/Whitebox-crypto-AES-0.4/ntl-9.9.1/src/g_lip_impl.h:3594: undefined reference to __gmpn_addmul_1' /home/user/tools/git/white-box-crypto/ph4r05/Whitebox-crypto-AES-0.4/ntl-9.9.1/src/g_lip_impl.h:3606: undefined reference to__gmpn_sub_n'
/usr/local/lib/libntl.a(lip.o): In function _ntl_crt_struct_basic::eval(void__, long const_, _ntl_tmp_vec_)': /home/user/tools/git/white-box-crypto/ph4r05/Whitebox-crypto-AES-0.4/ntl-9.9.1/src/g_lip_impl.h:4703: undefined reference to __gmpn_addmul_1'
/usr/local/lib/libntl.a(lip.o): In functiongmod_simple': /home/user/tools/git/white-box-crypto/ph4r05/Whitebox-crypto-AES-0.4/ntl-9.9.1/src/g_lip_impl.h:2067: undefined reference to __gmpn_tdiv_qr'
/usr/local/lib/libntl.a(lip.o): In function_ntl_rem_struct_fast::eval(long_, void_, _ntl_tmp_vec_)': /home/user/tools/git/white-box-crypto/ph4r05/Whitebox-crypto-AES-0.4/ntl-9.9.1/src/g_lip_impl.h:5769: undefined reference to __gmpn_mod_1'
/usr/local/lib/libntl.a(lip.o): In function_ntl_rem_struct_medium::eval(long_, void_, _ntl_tmp_vec_)': /home/user/tools/git/white-box-crypto/ph4r05/Whitebox-crypto-AES-0.4/ntl-9.9.1/src/g_lip_impl.h:5813: undefined reference to __gmpn_mod_1'
/usr/local/lib/libntl.a(lip.o): In function_ntl_grshift(void_, long, void**)': /home/user/tools/git/white-box-crypto/ph4r05/Whitebox-crypto-AES-0.4/ntl-9.9.1/src/g_lip_impl.h:1420: undefined reference to __gmpn_rshift'
/usr/local/lib/libntl.a(lip.o): In function_ntl_glshift(void*, long, void**)': /home/user/tools/git/white-box-crypto/ph4r05/Whitebox-crypto-AES-0.4/ntl-9.9.1/src/g_lip_impl.h:1355: undefined reference to __gmpn_lshift'
/usr/local/lib/libntl.a(lip.o): In function__gmpn_sub': /usr/include/x86_64-linux-gnu/gmp.h:2168: undefined reference to __gmpn_sub_n'
/usr/local/lib/libntl.a(lip.o): In function__gmpn_add': /usr/include/x86_64-linux-gnu/gmp.h:2129: undefined reference to __gmpn_add_n'
/usr/local/lib/libntl.a(lip.o): In function__gmpn_sub': /usr/include/x86_64-linux-gnu/gmp.h:2168: undefined reference to __gmpn_sub_n'
/usr/local/lib/libntl.a(lip.o): In function__gmpn_add': /usr/include/x86_64-linux-gnu/gmp.h:2129: undefined reference to __gmpn_add_n'
/usr/local/lib/libntl.a(lip.o): In function__gmpn_sub': /usr/include/x86_64-linux-gnu/gmp.h:2168: undefined reference to __gmpn_sub_n'
/usr/include/x86_64-linux-gnu/gmp.h:2168: undefined reference to__gmpn_sub_n' /usr/include/x86_64-linux-gnu/gmp.h:2168: undefined reference to __gmpn_sub_n'
/usr/local/lib/libntl.a(lip.o): In function_ntl_gmul(void_, void_, void**)': /home/user/tools/git/white-box-crypto/ph4r05/Whitebox-crypto-AES-0.4/ntl-9.9.1/src/g_lip_impl.h:1725: undefined reference to __gmpn_mul'
/home/user/tools/git/white-box-crypto/ph4r05/Whitebox-crypto-AES-0.4/ntl-9.9.1/src/g_lip_impl.h:1727: undefined reference to__gmpn_mul' /usr/local/lib/libntl.a(lip.o): In function ntl_gsmul(void*, long, void**)':
/home/user/tools/git/white-box-crypto/ph4r05/Whitebox-crypto-AES-0.4/ntl-9.9.1/src/g_lip_impl.h:1792: undefined reference to __gmpn_mul_1' /home/user/tools/git/white-box-crypto/ph4r05/Whitebox-crypto-AES-0.4/ntl-9.9.1/src/g_lip_impl.h:1790: undefined reference togmpn_lshift'
/usr/local/lib/libntl.a(lip.o): In function _ntl_gsdiv(void*, long, void**)': /home/user/tools/git/white-box-crypto/ph4r05/Whitebox-crypto-AES-0.4/ntl-9.9.1/src/g_lip_impl.h:1850: undefined reference togmpn_divrem_1'
/home/user/tools/git/white-box-crypto/ph4r05/Whitebox-crypto-AES-0.4/ntl-9.9.1/src/g_lip_impl.h:1848: undefined reference to __gmpn_rshift' /usr/local/lib/libntl.a(lip.o): In functionntl_gsmod(void, long)':
/home/user/tools/git/white-box-crypto/ph4r05/Whitebox-crypto-AES-0.4/ntl-9.9.1/src/g_lip_impl.h:1915: undefined reference to __gmpn_mod_1' /usr/local/lib/libntl.a(lip.o): In functionntl_gdiv(void, void, void, void)':
/home/user/tools/git/white-box-crypto/ph4r05/Whitebox-crypto-AES-0.4/ntl-9.9.1/src/g_lip_impl.h:1989: undefined reference to __gmpn_tdiv_qr' /usr/local/lib/libntl.a(lip.o): In functiongadd_mul_many':
/home/user/tools/git/white-box-crypto/ph4r05/Whitebox-crypto-AES-0.4/ntl-9.9.1/src/g_lip_impl.h:4662: undefined reference to __gmpn_addmul_1' /usr/local/lib/libntl.a(lip.o): In functionntl_gsqrt(void, void**)':
/home/user/tools/git/white-box-crypto/ph4r05/Whitebox-crypto-AES-0.4/ntl-9.9.1/src/g_lip_impl.h:2105: undefined reference to __gmpn_sqrtrem' /usr/local/lib/libntl.a(lip.o): In functionntl_gsqrts(long)':
/home/user/tools/git/white-box-crypto/ph4r05/Whitebox-crypto-AES-0.4/ntl-9.9.1/src/g_lip_impl.h:2131: undefined reference to __gmpn_sqrtrem' /usr/local/lib/libntl.a(lip.o): In functionntl_ggcd(void, void, void**)':
/home/user/tools/git/white-box-crypto/ph4r05/Whitebox-crypto-AES-0.4/ntl-9.9.1/src/g_lip_impl.h:2187: undefined reference to __gmpn_gcd' /home/user/tools/git/white-box-crypto/ph4r05/Whitebox-crypto-AES-0.4/ntl-9.9.1/src/g_lip_impl.h:2185: undefined reference to__gmpn_gcd'
/usr/local/lib/libntl.a(lip.o): In function _ntl_gexteucl(void*, void**, void*, void**, void**)': /home/user/tools/git/white-box-crypto/ph4r05/Whitebox-crypto-AES-0.4/ntl-9.9.1/src/g_lip_impl.h:2536: undefined reference to__gmpn_gcdext'
/usr/local/lib/libntl.a(lip.o): In function _ntl_ginv(void*, void*, void**)': /home/user/tools/git/white-box-crypto/ph4r05/Whitebox-crypto-AES-0.4/ntl-9.9.1/src/g_lip_impl.h:2652: undefined reference to__gmpn_gcdext'
/usr/local/lib/libntl.a(lip.o): In function _ntl_gaorsmul_1(void*, long, long, void**)': /home/user/tools/git/white-box-crypto/ph4r05/Whitebox-crypto-AES-0.4/ntl-9.9.1/src/g_lip_impl.h:5983: undefined reference to__gmpn_addmul_1'
/home/user/tools/git/white-box-crypto/ph4r05/Whitebox-crypto-AES-0.4/ntl-9.9.1/src/g_lip_impl.h:5992: undefined reference to __gmpn_mul_1' /home/user/tools/git/white-box-crypto/ph4r05/Whitebox-crypto-AES-0.4/ntl-9.9.1/src/g_lip_impl.h:6009: undefined reference to__gmpn_submul_1'
/home/user/tools/git/white-box-crypto/ph4r05/Whitebox-crypto-AES-0.4/ntl-9.9.1/src/g_lip_impl.h:6044: undefined reference to __gmpn_mul_1' /usr/local/lib/libntl.a(lip.o): In functionntl_general_rem_one_struct_apply(void, long, ntl_general_rem_one_struct)':
/home/user/tools/git/white-box-crypto/ph4r05/Whitebox-crypto-AES-0.4/ntl-9.9.1/src/g_lip_impl.h:6209: undefined reference to __gmpn_mod_1' /home/user/tools/git/white-box-crypto/ph4r05/Whitebox-crypto-AES-0.4/ntl-9.9.1/src/g_lip_impl.h:6209: undefined reference to__gmpn_mod_1'
collect2: error: ld returned 1 exit status
CMakeFiles/main.dir/build.make:365: recipe for target 'main' failed
make[2]: *** [main] Error 1
CMakeFiles/Makefile2:60: recipe for target 'CMakeFiles/main.dir/all' failed
make[1]: *** [CMakeFiles/main.dir/all] Error 2
Makefile:76: recipe for target 'all' failed
make: *** [all] Error 2

Any ideas or help of this issue? Thanks in advance.

Code Generator for C

Would it be possible to create a C source code generator providing an AES primitive for encryption / decryption together with the encoding tables?

when i use it by vs2013 i can not understand this problem

error C2440: “初始化”: 无法从“const int *”转换为“const int (&)[16]” E:\wbaes\BGEAttack.cpp 66 1 main

Ques need help

I am taking an investigation on your code to continue my research. I have some questions need help. Cause of some magic problems, I failed to compile the code. I hope you can give me some hints, thanks!

What is the purpose of using random function at line 374 in file MixingBijections.cpp

int generateMixingBijection(mat_GF2& RES, int t, int p) {
// ...
    tmp = phrand() % pBlocksInM;		// current row
    for(i=p*tmp,k=0; k<p; i++, k++){
    for(j=0; j<curT; j++){
        X.put(k,j, M.get(i,j));
    }
}

Why current row start from here instead of the other position?

I may continue getting into the problems. Sorry for bothering you!.

Build fails in Debian container

I'm trying to build the whitebox in a Debian docker container.

All required boost libraries, git, cmake, wget and build-essentials are installed.
Unfortunately linking fails:

root@c8510048fa43:/Whitebox-crypto-AES# make
[  4%] Building CXX object CMakeFiles/main.dir/base.cpp.o
[  8%] Building CXX object CMakeFiles/main.dir/BGEAttack.cpp.o
[ 12%] Building CXX object CMakeFiles/main.dir/BGEAttack_test.cpp.o
[ 16%] Building CXX object CMakeFiles/main.dir/GenericAES.cpp.o
[ 20%] Building CXX object CMakeFiles/main.dir/LinearAffineEq.cpp.o
[ 25%] Building CXX object CMakeFiles/main.dir/LinearAffineEq_test.cpp.o
[ 29%] Building C object CMakeFiles/main.dir/md5.c.o
[ 33%] Building CXX object CMakeFiles/main.dir/MixingBijections.cpp.o
[ 37%] Building CXX object CMakeFiles/main.dir/NTLUtils.cpp.o
[ 41%] Building CXX object CMakeFiles/main.dir/WBAES.cpp.o
[ 45%] Building CXX object CMakeFiles/main.dir/WBAESGenerator.cpp.o
[ 50%] Building CXX object CMakeFiles/main.dir/main.cpp.o
Linking CXX executable main
CMakeFiles/main.dir/BGEAttack.cpp.o: In function `NTL::MemoryError()':
BGEAttack.cpp:(.text._ZN3NTL11MemoryErrorEv[_ZN3NTL11MemoryErrorEv]+0xa): undefined reference to `NTL::TerminalError(char const*)'
CMakeFiles/main.dir/BGEAttack.cpp.o: In function `NTL::LogicError(char const*)':
BGEAttack.cpp:(.text._ZN3NTL10LogicErrorEPKc[_ZN3NTL10LogicErrorEPKc]+0x14): undefined reference to `NTL::TerminalError(char const*)'
CMakeFiles/main.dir/BGEAttack.cpp.o: In function `NTL::ResourceError(char const*)':
BGEAttack.cpp:(.text._ZN3NTL13ResourceErrorEPKc[_ZN3NTL13ResourceErrorEPKc]+0x14): undefined reference to `NTL::TerminalError(char const*)'
CMakeFiles/main.dir/BGEAttack.cpp.o: In function `NTL::Mat<NTL::GF2>::Mat(NTL::Mat<NTL::GF2> const&)':
BGEAttack.cpp:(.text._ZN3NTL3MatINS_3GF2EEC2ERKS2_[_ZN3NTL3MatINS_3GF2EEC5ERKS2_]+0x65): undefined reference to `NTL::Vec<NTL::GF2>::FixAtCurrentLength()'
CMakeFiles/main.dir/BGEAttack.cpp.o: In function `NTL::Mat<NTL::GF2>::operator=(NTL::Mat<NTL::GF2> const&)':
BGEAttack.cpp:(.text._ZN3NTL3MatINS_3GF2EEaSERKS2_[_ZN3NTL3MatINS_3GF2EEaSERKS2_]+0x11c): undefined reference to `NTL::Vec<NTL::GF2>::FixAtCurrentLength()'
CMakeFiles/main.dir/MixingBijections.cpp.o: In function `NTL::Error(char const*)':
MixingBijections.cpp:(.text._ZN3NTL5ErrorEPKc[_ZN3NTL5ErrorEPKc]+0x14): undefined reference to `NTL::TerminalError(char const*)'
CMakeFiles/main.dir/MixingBijections.cpp.o: In function `NTL::GF2X::swap(NTL::GF2X&)':
MixingBijections.cpp:(.text._ZN3NTL4GF2X4swapERS0_[_ZN3NTL4GF2X4swapERS0_]+0x1f): undefined reference to `NTL::WordVector::swap(NTL::WordVector&)'
collect2: error: ld returned 1 exit status
CMakeFiles/main.dir/build.make:365: recipe for target 'main' failed
make[2]: *** [main] Error 1
CMakeFiles/Makefile2:60: recipe for target 'CMakeFiles/main.dir/all' failed
make[1]: *** [CMakeFiles/main.dir/all] Error 2
Makefile:76: recipe for target 'all' failed
make: *** [all] Error 2

I cloned the repo, ran the ntl-installer, cmake . and make.

g++ version is 4.9.2
binutils 2.25
ntl 9.6.2

Am I missing something?

the code doesn't has options like pkcs5 and cbc

Support other Whitebox Ciphers

Are there any plans to support other schemes, e.g. https://eprint.iacr.org/2016/642.pdf ?

How to implement given source code into my source code

Dear All,

I had build the following source code on my ubnutu 14.04, but i am unable to understand how to use it in real time in my code for encryption/decryption using provided code. Can anyone share the full details that how it can be used.
Kindly help me!!!

Practical usage of this implementation

Hi!
I was wondering if this implementation aims to provide practical protection of keys / data. Currently it seems to me that implementation does not generate any code but it generates tables which hide internal key. And tables (WBAES object) could be serialized to file. But attacker could easily read tables and use it for decryption of ciphertext previously encrypted by same tables. So it looks like tables themself act like a key in a sense that ciphertext can be decrypted if you have them. Of course it's difficult to extract embedded key but attacker would not need it as tables (WBAES object) could be used directly for decryption. And tables themselves are not hidden. Am I missing something?

Cryptographical Strength

Can you please give a summary about the possible weaknesses and the final strength of the encryption? I have read the Billet paper that the the complexity of a 128 bit key is reduced to 30 bits. Are there any better cutting edge approaches in this area?

32 bytes key size supported?

I have used given code for encryption/decryption with 16 bytes key size and it work fine. But, I want to use it with 32 bytes key size and it for I changed the key size 16 to 32 bytes. After that I have been verified between encrypt function using whitebox and decrypt function using online tool and openssl API. But decrypted data is not same as plain data so it is not work for 32 bytes key size. So I want to confirm that given code is supported in 32 bytes key size or not. If supported, what changes should be do.

Unable to find the requested Boost libraries

When i run the $ cmake -DCMAKE_BUILD_TYPE=Debug .. command on ubuntu 14.04 LTS system then will get the following error.

HOME: /home/test
NTL_INCLUDE_PATH: /home/test/ntl/include
NTL_LIB: /home/test/ntl/lib/libntl.a
CMake Error at /usr/share/cmake-2.8/Modules/FindBoost.cmake:1131 (message):
Unable to find the requested Boost libraries.

Unable to find the Boost header files. Please set BOOST_ROOT to the root
directory containing Boost or BOOST_INCLUDEDIR to the directory containing
Boost's headers.
Call Stack (most recent call first):
CMakeLists.txt:52 (find_package)

CMake Error: The following variables are used in this project, but they are set to NOTFOUND.
Please set them or make sure they are set and tested correctly in the CMake files:
Boost_INCLUDE_DIR (ADVANCED)
used as include directory in directory /home/test/Whitebox_crypto/Whitebox-crypto-AES
used as include directory in directory /home/test/Whitebox_crypto/Whitebox-crypto-AES

-- Configuring incomplete, errors occurred!
See also "/home/test/Whitebox_crypto/Whitebox-crypto-AES/build-debug/CMakeFiles/CMakeOutput.log".

External encodings don't work with serialization

External encodings are not serialized when saving tables and are regenerated randomly whenever tables are loaded.
So currently --extEnc=1 and --create-table/--load-tables are incompatible options.
It would be nice to support serialization with external encodings.
Thanks.
Phil

Require given code in AES-256

Demo code given is by default AES-128 bit, but I require it in AES-256 bit. So What changes should be made in the given code which can make the AES-128 to AES-256 bit.

WBAESGenerator::load(const char * filename, WBAES * aes, ExtEncoding * extCoding) throws boost::archive::archive_exception

I've made 2 test cases at here. And TEST(WBAES, GenerateKey) wosk as expected, but always fails to load serialized key in TEST(WBAES, EncDec) with the exception. And the error message is input stream error.

windows

can this project be successfully compiled in visual studio?

lots of errors like these:
Error C2440 'initializing': cannot convert from 'W32XTB (*)[15][4]' to 'W32XTB (&)[2][15][4]' gtesting
Error C2039 'read': is not a member of 'RingBuffer
Error C2275 'size_t': illegal use of this type as an expression