Differential Computation Analysis of White-box SM4 Scheme
Authors: 原梓清 (Yuan ZQ), 陈杰 (Chen J)
CLC Number: TP309

Abstract:

The security of traditional cryptographic algorithms is based on the black-box attack model. In this model the attacker can only obtain the input and output of the cryptographic algorithm, but not its internal details. In recent years the white-box attack model has been proposed. In the white-box attack model, attackers can not only obtain the input and output of the cryptographic algorithm, but also directly observe or change its internal data. To ensure the security of existing cryptographic algorithms in a white-box attack environment, redesigning them through white-box cryptography techniques without changing their functionality is called a white-box implementation of the existing algorithm. Research on the design and analysis of white-box implementation schemes is of great significance for solving the problem of digital rights management. In recent years, a class of side-channel analysis methods for white-box implementation schemes has emerged. These methods need to know only a few internal details of the white-box implementation scheme, and can then extract the key. They are therefore the analysis methods that pose a practical threat to existing white-box implementation schemes, and analyzing existing schemes against them is of great practical significance for ensuring the schemes' security. The typical representative of this class of methods is differential computation analysis (DCA), which is based on the principle of differential power analysis. This study analyzes the Bai-Wu white-box SM4 scheme using DCA. Based on results on the statistical characteristics of n-order uniformly random invertible matrices over GF(2), an improved DCA (IDCA) is proposed, which significantly improves analysis efficiency while keeping the success rate almost constant. The results also show that the Bai-Wu white-box SM4 scheme cannot guarantee security in the face of DCA; it must therefore be further improved to meet the security requirements of practical scenarios.

Citation: 原梓清, 陈杰 (Yuan ZQ, Chen J). Differential computation analysis of a white-box SM4 scheme. Journal of Software (软件学报), 2023, 34(8): 3891–3904.
History
  • Received: July 05, 2021
  • Revised: August 26, 2021
  • Online: September 23, 2022
  • Published: August 06, 2023
Copyright: Institute of Software, Chinese Academy of Sciences