| With the rapid development of computer and network technology,information security has become an important topic of research.Traditional cryptography is based on the black-box model,which assumes that the attackers can access the input plaintext and the output ciphertext at most,but do not have access to the process of the algorithm implementation.However,in practical applications,this attack mode is usually unrealistic.Because the terminal platforms are often located in a malicious environment.The malicious attacker can recover the key information during the running of the algorithm on which by actively monitoring the standard encryption function or by memory dumping.This attack context is called the White-Box Attack Context--the attackers have completely control,and can observe or execute cryptographic software to easily extract key information or utilize other key information.In 2002,in response to this attack environment,Chow et al.proposed a white-box implementation algorithm for block ciphers AES and DES,which are software implementation.The main idea of the white-box cryptographic algorithm designed by Chow et al.is to hide the key information in the lookup table.It is difficult for an attacker to extract key information from lookup table.In 2014,Su Shuai et al.proposed a white-box implementation algorithm for the block cipher CLEFIA.The CLEFIA algorithm is proposed by the Sony Corporation in 2007.We mainly carried out the security analysis of the white box CLEFIA algorithm proposed by Su Shuai et al.and improved the its insufficients.So a new white box CLEFIA algorithm is proposed.The main research contents include the following:?1?Through the research and analysis of the white box CLEFIA algorithm,we are found that the security strength of the white box CLEFIA mainly depends on the security for confusing the 32-bit random data output by each lookup table.The white box CLEFIA is analyzed by an analysis method similar to the white box algorithm general attack method,which shows that the white box CLEFIA algorithm cannot ensure its security in the white box environment.The main idea of the attack method is to recover the output code and the XOR value of the input decoding and key of each round in the CLEFIA white box implementation.According to the shortcomings of Su-white box CLEFIA scheme--the18th round input decoding value are revealed,and by analyzing all odd and second rounds,we recover the whitening keys WK0 and WK1 and the second round key RK2 and RK3.According to the key scheduling algorithm of grouping cipher CLEFIA,we recover the master key of the Su-white box CLEFIA algorithm.The time complexity of this attack method does not exceed2.5?22 9.?2?By analyzing the advantages and disadvantages of the Su Shuai et al.white box CLEFIA algorithm,and aiming at its shortcomings,we propose an improved white-box CLEFIA algorithm.The algorithm uses a random reversible affine transform as the internal and external coding,which improves the time complexity of recovering the linear part of the output decoding and input decoding.At the same time,the 128-bit data is expanded into 192-bit data to participate in the operation.The extended 64-bit data is used to improve the white-box diversity of the improved algorithm by which is re-encoded after decoding.The improved white box CLEFIA algorithm takes up 506.5KB of memory space.And by analysis of its security,it shows that it has better security. |
PDF Full Text Request