Study About White-box AES

In the field of cryptography,it is safe to assume that the cryptographic algorithm execution environment,that is,the cryptographic algorithm execution terminal is safe,and that the cryptographic algorithm is public,and that the information can be guaranteed as long as the key is saved.But in recent years,the continuous improvement of cryptanalysis technology,in most of the time,the password software's operating environment becomes increasingly insecure,for example the user input key when the action will reveal some of the information about key.The most common way to solve this problem is to embed the decryption algorithm along with the key into the hardware.However,this method is expensive,and is too hard to replace the key,and is not as convenient as software,and not conducive to commercialization.Another possible way is to embed the key into the encryption and decryption software without revealing the key.This is the white box cryptography mentioned in this article,which provides a new way for digital information protection.In 2002,the concept of white box cryptography and white box attack context and white box AES were proposed by Chow et al.Now After being modified,the white box cryptography has been broken,and has been active in the first line of cryptography research.This paper mainly focuses on white box AES's design and theoretical proof.In the white box AES design,based on the white-box AES based on lookup table proposed by Chow et al,this paper constructs the deformed white box AES by destroying network coding proposed by Chow.In the white box AES theory,it is proved that the white box AES based on the lookup table does not satisfy the white box characteristic by introducing the white box characteristic.Specific research content has the following two aspects.1.By introducing the original design scheme and the BGE attack scheme,this paper finds that the BGE attack scheme utilizes the combination of white-box AES's two-type table and the three-type table,which has the disadvantage of a pair of confusion matrix's disappearance.Then for this shortcoming,we propose to remove the three-type table of the white box AES,and use the matrix after the combination of two consecutive rounds as the key to make the confused matrix work.The key that needs to be added is generated by the key extension algorithm through the initial key,which reduces the amount of keys.2.By introducing the basic principles of the white-box character and the current conclusions based on the white-box character,this paper discusses the security of white-box AES based on the look-up table.It is proved that the white box AES based on the lookup table design does not satisfy its positive result according to the "white box characteristic" proposed by Saxena et al.,And furthermore,the white box AES based on the lookup table design does not satisfy WBP.This is mainly because in the symmetric encryption system,the construction of the decryption either with the same encryption machine,or can be derived through the encryption machine.And the white box AES encryption algorithm through the lookup table design is easy to export decryption algorithm.And white box AES is designed to ensure that the user's could not be extracted in white box attack context,and "white box" definition does not take this into account.