{"title":"WAS:比 AS 迭代改进的白箱加密算法","authors":"Yatao Yang, Yuying Zhai, Hui Dong, Yanshuo Zhang","doi":"10.1186/s42400-023-00192-7","DOIUrl":null,"url":null,"abstract":"<p>The attacker in white-box model has full access to software implementation of a cryptographic algorithm and full control over its execution environment. In order to solve the issues of high storage cost and inadequate security about most current white-box cryptographic schemes, WAS, an improved white-box cryptographic algorithm over AS iteration is proposed. This scheme utilizes the AS iterative structure to construct a lookup table with a five-layer ASASA structure, and the maximum distance separable matrix is used as a linear layer to achieve complete diffusion in a small number of rounds. Attackers can be prevented from recovering the key under black-box model. The length of nonlinear layer S and affine layer A in lookup table is 16 bits, which effectively avoids decomposition attack against the ASASA structure and makes the algorithm possess anti-key extraction security under the white-box model, while WAS possesses weak white-box (32 KB, 112)-space hardness to satisfy anti-code lifting security. WAS has provable security and better storage cost than existing schemes, with the same anti-key extraction security and anti-code lifting security, only 128 KB of memory space is required in WAS, which is only 14% of SPACE-16 algorithm and 33% of Yoroi-16 algorithm.</p>","PeriodicalId":36402,"journal":{"name":"Cybersecurity","volume":null,"pages":null},"PeriodicalIF":3.9000,"publicationDate":"2023-12-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"WAS: improved white-box cryptographic algorithm over AS iteration\",\"authors\":\"Yatao Yang, Yuying Zhai, Hui Dong, Yanshuo Zhang\",\"doi\":\"10.1186/s42400-023-00192-7\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>The attacker in white-box model has full access to software implementation of a cryptographic algorithm and full control over its execution environment. In order to solve the issues of high storage cost and inadequate security about most current white-box cryptographic schemes, WAS, an improved white-box cryptographic algorithm over AS iteration is proposed. This scheme utilizes the AS iterative structure to construct a lookup table with a five-layer ASASA structure, and the maximum distance separable matrix is used as a linear layer to achieve complete diffusion in a small number of rounds. Attackers can be prevented from recovering the key under black-box model. The length of nonlinear layer S and affine layer A in lookup table is 16 bits, which effectively avoids decomposition attack against the ASASA structure and makes the algorithm possess anti-key extraction security under the white-box model, while WAS possesses weak white-box (32 KB, 112)-space hardness to satisfy anti-code lifting security. WAS has provable security and better storage cost than existing schemes, with the same anti-key extraction security and anti-code lifting security, only 128 KB of memory space is required in WAS, which is only 14% of SPACE-16 algorithm and 33% of Yoroi-16 algorithm.</p>\",\"PeriodicalId\":36402,\"journal\":{\"name\":\"Cybersecurity\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":3.9000,\"publicationDate\":\"2023-12-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Cybersecurity\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.1186/s42400-023-00192-7\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Cybersecurity","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1186/s42400-023-00192-7","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
摘要
白盒模型中的攻击者可以完全访问加密算法的软件实现,并完全控制其执行环境。为了解决目前大多数白盒加密算法存在的存储成本高和安全性不足的问题,WAS 提出了一种改进的 AS 迭代白盒加密算法。该方案利用AS迭代结构构建了一个具有五层ASASA结构的查找表,并将最大距离可分离矩阵作为线性层,在少量轮次内实现了完全扩散。在黑盒模型下,可以防止攻击者恢复密钥。查找表中非线性层 S 和仿射层 A 的长度为 16 位,有效避免了针对 ASASA 结构的分解攻击,使算法在白箱模型下具有防密钥提取安全性,而 WAS 具有弱白箱(32 KB,112)空间硬度,满足防代码解除安全性。与现有方案相比,WAS具有可证明的安全性和更好的存储成本,在相同的反密钥提取安全性和反代码提升安全性下,WAS只需要128 KB的内存空间,仅为SPACE-16算法的14%和Yoroi-16算法的33%。
WAS: improved white-box cryptographic algorithm over AS iteration
The attacker in white-box model has full access to software implementation of a cryptographic algorithm and full control over its execution environment. In order to solve the issues of high storage cost and inadequate security about most current white-box cryptographic schemes, WAS, an improved white-box cryptographic algorithm over AS iteration is proposed. This scheme utilizes the AS iterative structure to construct a lookup table with a five-layer ASASA structure, and the maximum distance separable matrix is used as a linear layer to achieve complete diffusion in a small number of rounds. Attackers can be prevented from recovering the key under black-box model. The length of nonlinear layer S and affine layer A in lookup table is 16 bits, which effectively avoids decomposition attack against the ASASA structure and makes the algorithm possess anti-key extraction security under the white-box model, while WAS possesses weak white-box (32 KB, 112)-space hardness to satisfy anti-code lifting security. WAS has provable security and better storage cost than existing schemes, with the same anti-key extraction security and anti-code lifting security, only 128 KB of memory space is required in WAS, which is only 14% of SPACE-16 algorithm and 33% of Yoroi-16 algorithm.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
