# Measuring Performances of a White-Box Approach in the IoT Context

## Abstract

## 1. Introduction

- the employed operations are very simple; they essentially consist of lookup tables and bit operations;
- the lookup tables and the structure containing sensitive data are small in memory;
- the provided security is medium-level (∼${2}^{63}$) and protection is ensured for a reasonable amount of time;
- it is possible to update the key at small costs.

## 2. Block Ciphers

#### 2.1. Substitution-Permutation Networks

**Definition 1.**

- ${\gamma}^{\left(i\right)}:{\left({\mathbb{F}}_{{2}^{t}}\right)}^{b}\to {\left({\mathbb{F}}_{{2}^{t}}\right)}^{b}$ is a nonlinear substitution
- ${\lambda}^{\left(i\right)}\in AGL\left({\left({\mathbb{F}}_{2}\right)}^{r}\right)$ where $AGL\left({\left({\mathbb{F}}_{2}\right)}^{r}\right)$ is the subgroup of the affine transformations of ${\left({\mathbb{F}}_{2}\right)}^{r}$
- ${\sigma}_{{k}^{\left(i\right)}}$ is the addition with the round key

#### 2.2. Feistel Networks

**Definition 2.**

**Definition 3.**

- $N+1$ round keys ${k}_{0},\dots ,{k}_{N}$ are generated from $k$ by means of the key schedule;
- message $m$ is split into a left block and a right block, initialized as $${L}_{0}={\pi}_{n}\left(m\right)\qquad {R}_{0}={\varrho}_{n}\left(m\right)$$
- for $i\in \{1,\dots ,N+1\}$ the round function is applied in the following way: $${L}_{i}={R}_{i-1}\qquad {R}_{i}={L}_{i-1}\oplus F({R}_{i-1},{k}_{i-1})$$
- the final ciphertext $c$ is $({R}_{N+1},{L}_{N+1})$.

## 3. The White-Box Approach

**Example 1.**

## 4. SPACE: A Block Cipher

- The state ${X}^{r}$ at round $r$ can be seen as given by $l=n/{n}_{a}$ vectors ${x}_{i}^{r}\in {\mathbb{F}}^{{n}_{a}}$, so $${X}^{r}=\{{x}_{0}^{r},{x}_{1}^{r},\dots ,{x}_{l-1}^{r}\}.$$
- ${X}^{0}=m$, so it is initialized with the plaintext.
- For $r\in \{1,\dots ,R+1\}$ the state is updated this way: $${X}^{r+1}=\left({F}_{{n}_{a}}^{r}\left({x}_{0}^{r}\right)\oplus ({x}_{1}^{r}\Vert {x}_{2}^{r}\Vert \dots \Vert {x}_{l-1}^{r})\right)\Vert {x}_{0}^{r}$$
- ${X}^{R+1}=c$, so we have found the ciphertext.
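The state update listed above, as an added C example that is not code from the paper: it runs the round $X^{r+1} = (F^{r}(x_0) \oplus (x_1 \Vert \dots \Vert x_{l-1})) \Vert x_0$ for $n=128$, $n_a=8$ and its inverse. Assumptions: the table is filled from a constructed xorshift32 stream standing in for the key-dependent $F'$, the round number is XORed in to make $F^r$ round-dependent, rounds are indexed from 0 to $R-1$, and all function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define N_BYTES 16                /* n = 128-bit block */
#define ROW     (N_BYTES - 1)     /* n - n_a = 120 bits per table row, n_a = 8 */
#define ROUNDS  300               /* R for SPACE-(8,300) */

static uint8_t T[256][ROW];       /* 2^8 rows of 15 bytes each */

/* ASSUMPTION: constructed table contents from xorshift32, standing in for the
 * key-dependent function F'. This is not the cipher's real table generation
 * and gives no security. */
void build_table(uint32_t seed) {
    uint32_t s = seed ? seed : 1u;
    for (int x = 0; x < 256; x++)
        for (int j = 0; j < ROW; j++) {
            s ^= s << 13; s ^= s >> 17; s ^= s << 5;
            T[x][j] = (uint8_t)(s >> 24);
        }
}

/* rest ^= F^r(x0): one row lookup, then the round number XORed into the low
 * bytes (ASSUMPTION: this is how F^r is made round-dependent here). */
static void xor_F(uint8_t *rest, uint8_t x0, unsigned r) {
    for (int j = 0; j < ROW; j++) rest[j] ^= T[x0][j];
    rest[ROW - 2] ^= (uint8_t)(r >> 8);
    rest[ROW - 1] ^= (uint8_t)r;
}

/* X^{r+1} = (F^r(x_0) xor (x_1 || ... || x_{l-1})) || x_0, repeated R times. */
void space_encrypt(uint8_t X[N_BYTES]) {
    for (unsigned r = 0; r < ROUNDS; r++) {
        uint8_t x0 = X[0];
        memmove(X, X + 1, ROW);       /* x_1..x_{l-1} become the leading blocks */
        xor_F(X, x0, r);
        X[N_BYTES - 1] = x0;          /* x_0 is appended unchanged */
    }
}

/* Inverse rounds in reverse order: x_0 is the last block, so the same table
 * row can be XORed out again before the blocks are rotated back. */
void space_decrypt(uint8_t X[N_BYTES]) {
    for (unsigned r = ROUNDS; r-- > 0; ) {
        uint8_t x0 = X[N_BYTES - 1];
        xor_F(X, x0, r);
        memmove(X + 1, X, ROW);
        X[0] = x0;
    }
}

/* Memory footprint of the lookup table in bytes. */
size_t table_bytes(void) { return sizeof T; }

/* Returns 1 when encryption changes a constructed block and decryption
 * restores it, 0 otherwise. */
int roundtrip_ok(void) {
    uint8_t pt[N_BYTES], buf[N_BYTES];
    for (int i = 0; i < N_BYTES; i++) pt[i] = (uint8_t)(i * 17);
    memcpy(buf, pt, N_BYTES);
    build_table(0xC0FFEEu);           /* constructed seed */
    space_encrypt(buf);
    int changed = memcmp(buf, pt, N_BYTES) != 0;
    space_decrypt(buf);
    return changed && memcmp(buf, pt, N_BYTES) == 0;
}

int main(void) {
    printf("table: %zu bytes, round trip %s\n", table_bytes(),
           roundtrip_ok() ? "ok" : "FAILED");
    return 0;
}
```

The same table serves both directions because the Feistel structure never needs to invert $F$; its size here matches the 3.84 KB listed for SPACE-(8,300).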

**Definition 4.**

**Definition 5.**

- SPACE-(8,300); Table: 3.84 KB
- SPACE-(16,128); Table: 918 KB
- SPACE-(24,128); Table: 218 MB
- SPACE-(32,128); Table: 51.5 GB

## 5. The SPNbox Family

## 6. Issues and Possible Solutions

## 7. Testing Activities

Algorithm 1: Layer $\gamma$ with BitShift transformation.

- Intel® Core™ i3-330M, 2.13 GHz processor with 3 MB SmartCache, 8 GB RAM and Ubuntu 18.04.1 LTS 64-bit. The source code has been compiled with GCC 7.3.0 with `-O3` optimization enabled (see Table 1);
- Intel® Core™ i3-350M, 2.26 GHz processor with 3 MB SmartCache, 8 GB RAM and Ubuntu 18.04.2 LTS 64-bit. The source code has been compiled with GCC 7.4.0 with `-O3` optimization enabled (see Table 2);
- Intel® Core™ i7-2860QM, 2.50/3.60 GHz processor with 8 MB SmartCache, 16 GB RAM and Kubuntu 18.10 64-bit. The source code has been compiled with GCC 7.3.0 with `-O3` optimization enabled (see Table 3);
- Intel® Core™ i7-5500U, 2.40/3.00 GHz processor with 4 MB Cache, 8 GB RAM and Ubuntu 18.04.2 LTS 64-bit. The source code has been compiled with GCC 7.4.0 with `-O3` optimization enabled (see Table 4);
- Intel® Core™ i7-8550U CPU, 1.80/4.00 GHz processor with 8 MB SmartCache, 32 GB RAM and Ubuntu 18.04.2 LTS 64-bit. The source code has been compiled with GCC 7.4.0 with `-O3` optimization enabled (see Table 5);
- Intel® Core™ i3-350M, 2.26 GHz processor with 3 MB SmartCache, 4 GB RAM and Debian GNU/Linux 9 32-bit. The source code has been compiled with GCC 6.3.0 with `-O3` optimization enabled (see Table 6).

#### 7.1. 32/64-Bit Architectures

#### 7.2. IoT Environment

Algorithm 2: MQTT: testing activity executed for each payload (16, 64, 128, and 1024 bytes).

## 8. Conclusions

## Author Contributions

## Funding

## Conflicts of Interest

**Figure 1.** Table-based white-box implementation: the key $k$ is scrambled by a network of lookup tables.

**Figure 2.** The value of each image of ${F}_{{n}_{a}}^{\prime}\left(x\right)$ is saved as a row in a look-up table. Every row is indexed by the value of $x$, $x\in \{0,\dots ,{2}^{{n}_{a}}-1\}$.

| | $\mathit{\gamma}$ | $\mathit{\gamma}$ with BitShift |
|---|---|---|
| ${n}_{in}$ = 32, encryption | 1.178316 s | 0.955048 s |
| ${n}_{in}$ = 32, decryption | 1.447580 s | 1.168507 s |
| ${n}_{in}$ = 16, encryption | 3.946748 s | 3.222751 s |
| ${n}_{in}$ = 16, decryption | 4.193261 s | 3.308678 s |
| ${n}_{in}$ = 8, encryption | 2.547156 s | 2.192452 s |
| ${n}_{in}$ = 8, decryption | 2.564750 s | 2.250102 s |

| | $\mathit{\gamma}$ | $\mathit{\gamma}$ with BitShift |
|---|---|---|
| ${n}_{in}$ = 32, encryption | 1.116117 s | 0.902140 s |
| ${n}_{in}$ = 32, decryption | 1.367435 s | 1.150235 s |
| ${n}_{in}$ = 16, encryption | 3.717744 s | 3.035942 s |
| ${n}_{in}$ = 16, decryption | 3.954781 s | 3.116000 s |
| ${n}_{in}$ = 8, encryption | 2.395998 s | 2.061877 s |
| ${n}_{in}$ = 8, decryption | 2.405397 s | 2.114405 s |

| | $\mathit{\gamma}$ | $\mathit{\gamma}$ with BitShift |
|---|---|---|
| ${n}_{in}$ = 32, encryption | 0.837671 s | 0.668838 s |
| ${n}_{in}$ = 32, decryption | 0.925293 s | 0.816856 s |
| ${n}_{in}$ = 16, encryption | 2.667934 s | 2.147471 s |
| ${n}_{in}$ = 16, decryption | 2.811657 s | 2.394600 s |
| ${n}_{in}$ = 8, encryption | 1.886357 s | 1.565764 s |
| ${n}_{in}$ = 8, decryption | 2.030491 s | 1.777118 s |

| | $\mathit{\gamma}$ | $\mathit{\gamma}$ with BitShift |
|---|---|---|
| ${n}_{in}$ = 32, encryption | 0.861415 s | 0.701899 s |
| ${n}_{in}$ = 32, decryption | 0.954985 s | 0.782088 s |
| ${n}_{in}$ = 16, encryption | 2.980274 s | 2.461575 s |
| ${n}_{in}$ = 16, decryption | 3.155612 s | 2.543056 s |
| ${n}_{in}$ = 8, encryption | 1.860916 s | 1.774127 s |
| ${n}_{in}$ = 8, decryption | 1.879749 s | 1.785562 s |

| | $\mathit{\gamma}$ | $\mathit{\gamma}$ with BitShift |
|---|---|---|
| ${n}_{in}$ = 32, encryption | 0.681576 s | 0.526522 s |
| ${n}_{in}$ = 32, decryption | 0.723118 s | 0.587942 s |
| ${n}_{in}$ = 16, encryption | 2.396308 s | 1.898987 s |
| ${n}_{in}$ = 16, decryption | 2.462049 s | 1.933232 s |
| ${n}_{in}$ = 8, encryption | 1.160104 s | 1.258072 s |
| ${n}_{in}$ = 8, decryption | 1.179036 s | 1.248327 s |

| | $\mathit{\gamma}$ | $\mathit{\gamma}$ with BitShift |
|---|---|---|
| ${n}_{in}$ = 32, encryption | 1.247818 s | 1.041543 s |
| ${n}_{in}$ = 32, decryption | 1.967226 s | 1.558086 s |
| ${n}_{in}$ = 16, encryption | 3.721377 s | 3.381363 s |
| ${n}_{in}$ = 16, decryption | 4.164744 s | 3.262065 s |
| ${n}_{in}$ = 8, encryption | 2.399780 s | 2.065451 s |
| ${n}_{in}$ = 8, decryption | 2.412146 s | 2.127425 s |

| Payload (Bytes) | ${\mathit{n}}_{\mathit{in}}$ (Bits) | Encryption w/o BitShift | Encryption with BitShift | Encryption Gain | Decryption w/o BitShift | Decryption with BitShift | Decryption Gain |
|---|---|---|---|---|---|---|---|
| 16 | 32 | 3.668 s | 3.319 s | 9.507% | 0.893 s | 0.741 s | 16.999% |
| 16 | 16 | 6.335 s | 5.763 s | 9.037% | 3.096 s | 2.412 s | 22.091% |
| 16 | 8 | 4.510 s | 4.882 s | −8.254% | 1.479 s | 1.551 s | −4.929% |
| 64 | 32 | 6.679 s | 5.601 s | 16.139% | 3.636 s | 2.950 s | 18.865% |
| 64 | 16 | 14.869 s | 12.362 s | 16.860% | 12.488 s | 10.023 s | 19.739% |
| 64 | 8 | 8.817 s | 9.616 s | −9.060% | 6.183 s | 6.446 s | −4.253% |
| 128 | 32 | 16.021 s | 13.847 s | 13.569% | 14.166 s | 11.827 s | 16.512% |
| 128 | 16 | 51.098 s | 38.998 s | 23.680% | 50.632 s | 39.596 s | 21.798% |
| 128 | 8 | 24.280 s | 25.709 s | −5.884% | 24.454 s | 25.825 s | −5.607% |
| 1024 | 32 | 54.047 s | 41.716 s | 22.816% | 56.494 s | 47.065 s | 16.690% |
| 1024 | 16 | 191.262 s | 151.101 s | 20.998% | 195.424 s | 154.029 s | 21.182% |
| 1024 | 8 | 92.651 s | 98.998 s | −6.850% | 93.744 s | 98.362 s | −4.926% |

© 2019 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).

## Share and Cite

**MDPI and ACS Style**

Albricci, D.G.V.; Ceria, M.; Cioschi, F.; Fornari, N.; Shakiba, A.; Visconti, A.
Measuring Performances of a White-Box Approach in the IoT Context. *Symmetry* **2019**, *11*, 1000.
https://doi.org/10.3390/sym11081000
