DWB-AES：基于AES的动态白盒实现方法

doi:10.11959/j.issn.1000-436x.2021020

Abstract

Abstract:

The resources of IoT devices are limited.Therefore, security, flexibility and lightweight cryptographic modules are required.The idea of white-box cryptography can meet the needs of IoT devices.In common AES white-box implementations, keys are bound to look up tables.So the look up tables must be changed when the keys are changed.It is not flexible enough in practical applications.To solve this problem, a dynamic white-box implementation method for AES, which was called DWB-AES, was proposed.By changing the boundary between rounds, all operations of the encryption and decryption process were performed by looking up the tables, and the tables and the keys were respectively confused, so that the entire encryption and decryption process did not expose the key information.The look up tables need not to be changed every time when the keys changed, which was more practical.The security analysis of DWB-AES shows that the DWB-AES has higher white-box diversity and ambiguous, it can resist BGE attack and Mulder attack.

Key words: AES, white-box cryptography, dynamic white-box, BGE, look up table

CLC Number:

TP393

Bin WANG, Si CHEN, Jiadong CHEN, Xing WANG. DWB-AES: an implementation of dynamic white-box based on AES[J]. Journal on Communications, 2021, 42(2): 177-186.

Figures/Tables 14

References 19

[1]	CHOW S , EISEN P A , JOHNSON H ,et al. White-box cryptography and an AES implementation[C]// Selected Areas in Cryptography. Berlin:Springer, 2003: 250-270.
[2]	CHOW S , EISEN P , JOHNSON H ,et al. A white-box DES implementation for DRM applications[C]// ACM Workshop on Digital Rights Management. New York:ACM Press, 2003: 1-5.
[3]	JACOB M , BONEH D , FELTEN E . Attacking an obfuscated cipher by injecting faults[C]// Digital Rights Management. Berlin:Springer, 2003: 16-31.
[4]	GOUBIN L , MASEREEL J M , QUISQUATER M . Cryptanalysis of white box DES implementations[J]. Lecture Notes in Computer Science, 2007,4876: 278-295.
[5]	BILLET O , GILBERT H , ECH-CHATBI C . Cryptanalysis of a white box AES implementation[C]// Selected Areas in Cryptography. Berlin:Springer, 2005: 227-240.
[6]	XIAO Y , LAI X . A secure implementation of white-box aes[C]// The 2nd International Conference on Computer Science and Its Applications. Piscataway:IEEE Press, 2009: 1-6.
[7]	MULDER DE Y , ROELSE P , PRENEEL B . Cryptanalysis of the Xiao-Lai white-box AES implementation[C]// Selected Areas in Cryptography. Berlin:Springer, 2013: 34-49.
[8]	LUO R , LAI X J , YOU R . A new attempt of white-box AES implementation[C]// 2014 International Conference on Security,Pattern Analysis,and Cybernetics. Piscataway:IEEE Press, 2014: 423-429.
[9]	KARROUMI M , . Protecting white-box AES with dual ciphers[C]// Information Security and Cryptology-ICISC 2010. Berlin:Springer, 2011: 278-291.
[10]	MULDER DE Y . White-box cryptography:analysis of white-box AES implementations[D]. Belgium:KU Leuven, 2014.
[11]	BIRYUKOV A , BOUILLAGUET C , KHOVRATOVICH D . Cryptographic schemes based on the ASASA structure:black-box,white-box,and public-key[C]// Advances in Cryptology—ASIACRYPT 2014. Berlin:Springer, 2014: 63-84.
[12]	BOGDANOV A , ISOBE T . White-box cryptography revisited:space-hard ciphers[C]// The 22nd ACM SIGSAC Conference on Computer and Communications Security. New York:ACM Press, 2015: 1058-1069.
[13]	KARROUMI M , . Protecting white-box AES with dual ciphers[C]// Proceedings of the 13th International Conference on Information Security and Cryptology. Berlin:Springer, 2011: 278-291.
[14]	XU T , LIU F , WU C . A white-box AES-like implementation based on key-dependent substitution-linear transformations[J]. Multimedia Tools and Applications, 2018,77(14): 18117-18137.
[15]	姚思, 陈杰 . SM4 算法的一种新型白盒实现[J]. 密码学报, 2020,7(3): 358-374.
	YAO S , CHEN J . A new method for white-box implementation of SM4 algorithm[J]. Journal of Cryptologic Research, 2020,7(3): 358-374.
[16]	FUKUSHIMA K , HIDANO S , KIYOMOTO S . White-box implementation of stream cipher[C]// The 3rd International Conference on Information Systems Security and Privacy.[S.n.:s.l.], 2017: 263-269.
[17]	BAI K , WU C . A secure white-box SM4 implementation[J]. Security and Communications Networks, 2016,9(10): 996-1006.
[18]	BAI K P , WU C K , ZHANG Z F . Protect white-box AES to resist table composition attacks[J]. IET Information Security, 2018,12(4): 305-313.
[19]	BIRYUKOV A , CANNIERE DE C , BRAEKEN A ,et al. A toolbox for cryptanalysis:linear and affine equivalence algorithms[C]// Advances in Cryptology-EUROCRYPT 2003. Berlin:Springer, 2003: 33-50.

Metrics

Recommended 0

No Suggested Reading articles found!

白盒方案	表大小/KB	矩阵乘法次数/次	每轮查表及异或次数/次	更换密钥时需要更换的查找表大小/KB
Chow	752	0	205	752
Xiao-Lai	20 502	11	12	20 502
DWB-AES	32 280	0	1 048	0

白盒方案	白盒含混度	白盒多样性
Chow	2¹¹⁴	2⁷⁶⁹
Xiao-Lai	2²⁷¹	2^{1 294}
DWB-AES	2^{1 692}	2^{5 052}

白盒方案	抵御BGE攻击	抵御Mulder等攻击
Chow	×	—
Xiao-Lai	√	×
DWB-AES	√	√

DWB-AES: an implementation of dynamic white-box based on AES

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 14

References 19

Related Articles 11

Metrics

Recommended 0

[1]	Zijing JIANG, Qun DING. Nove lincidence matrix differential power analysis for resisting ghost peak [J]. Journal on Communications, 2023, 44(4): 38-49.
[2]	Ming TANG, Yifan HU. Load-to-store: exploit the time leakage of store buffer transient window [J]. Journal on Communications, 2023, 44(4): 64-77.
[3]	Shaoyu DU. Improved integral attack——random linear distinguish and key recovery attack [J]. Journal on Communications, 2023, 44(4): 145-153.
[4]	Jiuxing JIANG,Jiao HOU,Hai HUANG,Yuying ZHAO,Xinxin FENG. Research on area-efficient low-entropy masking scheme for AES [J]. Journal on Communications, 2019, 40(5): 201-210.
[5]	Ying GUO,Lun LI,Peng WANG. Real time interpolation algorithm based on Lanczos kernel [J]. Journal on Communications, 2017, 38(6): 142-147.
[6]	Zhi-bo DU,UNYuan-hua S,ANGYi W. Multi-point joint power analysis attack against AES [J]. Journal on Communications, 2016, 37(Z1): 78-84.
[7]	Le DONG,Wen-ling WU,Shuang WU,Jian ZHOU. Novel method of constructing the zero-sum distinguishers [J]. Journal on Communications, 2012, 33(11): 91-99.
[8]	Xin-jie ZHAO,Shi-ze GUO,Tao WANG,Hui-ying LIU. Improved Cache trace driven attack on AES and CLEFIA [J]. Journal on Communications, 2011, 32(8): 101-110.
[9]	Xiao-li DONG,Yu-pu HU,Jie CHEN,Shun-bo LI,Yang YANG. Improved meet-in-the-middle attacks on 7-round AES-192 and 8-round AES-256 [J]. Journal on Communications, 2010, 31(9A): 197-201.
[10]	Jun HAN,Xiao-yang ZENG,Jia ZHAO. VLSI implementation of AES algorithm against differential power attack and differential fault attack [J]. Journal on Communications, 2010, 31(1): 20-29.
[11]	Jian-jun GUO,Ming CHEN,Jian-yin ZHANG,Zhi-chao ZHAO. Research on DRM system design and real-time content protection in IPTV [J]. Journal on Communications, 2008, 29(11A): 66-71.