CN111884794A - SM4 white box implementation method based on interference wheel and external coding - Google Patents
SM4 white box implementation method based on interference wheel and external coding Download PDFInfo
- Publication number
- CN111884794A CN111884794A CN202010667999.0A CN202010667999A CN111884794A CN 111884794 A CN111884794 A CN 111884794A CN 202010667999 A CN202010667999 A CN 202010667999A CN 111884794 A CN111884794 A CN 111884794A
- Authority
- CN
- China
- Prior art keywords
- codes
- interference
- external
- coding
- matrix
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0631—Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses an SM4 white box implementation method based on an interference wheel and external coding, which comprises the following steps: generating a reversible matrix and a vector at random, adding an interference wheel, and calculating composite affine transformation according to the obtained matrix and vector; inputting codes, namely combining the internal input codes with the external input codes, offsetting the influence of the F codes and adding the internal codes P; building an embedded round key and a T table; shifting operation and calculation; outputting codes, namely combining the internal output codes with the external output codes, and adding the external codes G while offsetting the internal codes; the reverse order operation of R results in the ciphertext being G encoded. The invention improves the SM4 white box realization method of Xiaoyanying et al, resists DCA attack by enhancing the linear transformation matrix density, increases a plurality of interference rounds at the end of the program to resist DFA attack, and finally increases external coding to improve the attack difficulty and enhance the safety of the realization of the SM4 white box.
Description
Technical Field
The invention relates to the technical field of information security, in particular to a white box SM4 encryption algorithm scheme based on a dynamic equivalent wheel.
Background
The SM4 encryption algorithm is a block cipher standard published in China and is widely used in various fields throughout the country.
White-box encryption is an encryption algorithm technology that can resist white-box attacks. In 2002, Chow et al first proposed the concept of white-box attack, and shaoying et al designed a white-box implementation of SM4 based on the SM4 block cipher algorithm.
The side channel attack attacks the encrypted electronic device against side channel information leakage such as time consumption, power consumption or electromagnetic radiation during the operation of the encrypted electronic device. Side channel attacks include Differential Fault Attacks (DFAs) and Differential Computational Analysis (DCAs). DCA and DFA attacks have so far broken the numerous white-box implementations proposed by academia.
The scheme of Xiaoyayinget al mainly has the following disadvantages:
1. in the scheme, the random matrix Q is difficult to generate to ensure that no row vector with the Hamming weight of 1 exists, and the vector can not resist DCA attack.
2. The white box in the scheme is fixed in structure, an attacker can construct a differential error attack relation through the last 2 rounds, extract round keys of the T table in the last round, and then recover all keys.
3. The input coding and the output coding in the scheme only apply the inner coding, and the outer coding protection is not added.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provides an SM4 white box implementation method based on an interference wheel and external coding, which resists DCA and DFA attacks by increasing the linear transformation matrix density, increasing the interference wheel at the end of a program, increasing random number interference and the like and increasing the external coding so as to enhance the security of SM4 white box implementation.
In order to achieve the purpose, the invention adopts the following technical scheme:
the invention provides an SM4 white box implementation method based on interference wheels and external coding, which comprises the following steps:
randomly generating a reversible matrix and vectors, wherein the Hamming weight of the reversible matrix is not 1, adding an interference wheel, calculating compound affine transformation according to the obtained matrix and vectors, and storing the matrix and constants obtained by the compound affine transformation;
inputting codes, namely combining the internal input codes with the external input codes, offsetting the influence of the F codes and adding the internal codes P; embedding a round key and a T table structure, generating the round key through a standard SM4 cryptographic algorithm, and embedding the key into an encryption process to construct a lookup table;
shifting operation and calculation are carried out; after the steps are subjected to multiple rounds of calculation, a ciphertext with codes is obtained;
outputting codes, namely combining the internal output codes with the external output codes, and adding the external codes G while offsetting the internal codes;
and R is performed in an inverted sequence, and the ciphertext coded by G is obtained through the R in an inverted sequence.
As a preferred technical solution, the reversible matrix is a 32-order reversible matrix, which specifically includes:
P0,P1,…,P35+λ,Q0,Q1,…,Q31+λ,E0,E1,…,E31+λ,F0,F1,F2,F3,G0,G1,G2,G3
the above are reversible matrices of order 32 on GF (2);
the vector is a 32 × 1 random vector, and specifically includes:
p0,p1,…,p35+λ,q1,q2,…,q31+λ,e1,e2,…,e31+λ,nk0,nk1,...,nkλ/2
the above are random vectors of 32 × 1 over GF (2); wherein lambda is the number of interference adding rounds,
as a preferred technical solution, the calculating the complex affine transformation specifically includes:
Dr=Pr+4·Qr -1,dr=Pr+4·Qr -1·qr
Cr=Pr+4·Pr -1,cr=Pr+4·Pr -1·pr+pr+4
where r is 0,1, 31+ λ, j is 0,1,2, Dr,Cr,Mr,jIs a 32 th order matrix on GF (2), dr,cr,mr,jIs a 32 x 1 vector over GF (2).
As a preferred technical solution, the storing the result of the complex affine transformation specifically includes storing the following matrix and constants:
Dr,dr,Cr,cr,Mr,j,Ik,ik,Ok,ok,nkt,r∈0,1,2,...,31+λ,j∈0,1,2,t∈0,1,...λ/2,k=0,1,2,3。
as a preferred technical solution, the input code is specifically:
the internal input code is combined with the external input code, and specifically comprises the following steps:
Ik=Pk·Fk -1,ik=pk,k=0,1,2,3
wherein, IkIs a 32 th order matrix, i, over GF (2)kIs a 32 x 1 vector over GF (2), reusing IkFor input XkThe coding specifically comprises:
X'k=Ik·Xk+ik,k=0,1,2,3
wherein, X'kIs a 32 x 1 vector.
As a preferred technical solution, the embedded round key and the T table are specifically configured as follows:
generating 32 rounds of round keys rk through standard SM4 cipher algorithm in advancerLet rk berDivided into four segments rk of length 8 bitsr,jIn the SM4 algorithm, the transformation function T is:
wherein, Xr+1,Xr+2,Xr+3Is a 32 x 1 vector, and takes part in the calculation of the round keyrThe value of (1) is divided into the states of a normal wheel and an interference wheel, and the interference wheels appear in pairs;
traversing 8-bit input value x, storing 32-bit output value y, and constructing 8-in 32-out lookup table
Tabler,j:GF(28)→GF(232)
Wherein R isr,0||Rr,1||Rr,2||Rr,3=Qr·L,Rr,jIs a matrix of 32 x 8, and is,Tabler,jrepresenting an 8 in 32 out look up table.
As a preferred technical scheme, the round keyrThe method comprises the following specific steps:
as a preferred technical solution, the shift operation and calculation specifically include:
before the r round, the calculation is performed with the shift operation ROTr:
And (3) calculating:
wherein M isr,jAnd mr,jIs the result of the composite affine transformation;
remember yr=yr,0||yr,1||yr,2||yr,3From each yr,jQuerying Table separatelyr,j(yr,j),j=0,1,2,3
zr,j=Tabler,j(yr,j),j=0,1,2,3
Wherein z is calculatedr,jIs a 32-bit value;
and (3) calculating:
wherein Dr,dr,Cr,crIs the result of the above-mentioned complex affine transformation;
after 32+ lambda rounds of calculation by the steps of shift operation and calculation, a cipher text with codes can be obtained.
As a preferred technical solution, the output code is specifically:
the internal output code is combined with the external output code, specifically:
wherein the calculated OkIs a 32 th order matrix on GF (2), okIs a 32 x 1 vector over GF (2) with Y encoded intra-bandk' coding, in a specific manner:
Yk=Ok·Y′k+ok,k=0,1,2,3
wherein Y is obtainedkIs a 32 x 1 vector.
Compared with the prior art, the invention has the following advantages and beneficial effects:
1. based on the thought of variable round number, the invention leads the boundary between the rounds to become fuzzy in the encryption process, increases the attack difficulty and improves the security of the encryption process.
2. The scheme of the invention adds external coding and can effectively resist DFA and DCA attacks.
3. The invention provides the requirement that the Hamming weight of the row vector is more than 1 for the matrix Q, and enhances the capability of resisting DCA attack.
4. According to the invention, a plurality of interference rounds which appear in pairs are added in the last round realized by the white box, the secret key hidden in the interference round is the false secret key nk, an attacker cannot restore the real secret key after obtaining the secret key, and the DFA attack resistance is enhanced.
Drawings
FIG. 1 is a flow chart of a method for implementing the white box SM4 according to the invention;
FIG. 2 is a schematic diagram of a white box SM4 implementation method round function of the present invention;
FIG. 3 is a block diagram of a dynamic equivalent wheel T table according to the present invention;
FIG. 4 shows the ROT of the present inventionrSchematic diagram of the shifting method.
Detailed Description
The present invention will be described in further detail with reference to examples and drawings, but the present invention is not limited thereto.
Examples
The SM4 white box implementation method based on the interference wheel and the external coding resists DCA and DFA attacks by enhancing the density of the linear transformation matrix, increasing the interference wheel in the last wheel of the program, increasing the random number interference and the like and increasing the external coding, so as to enhance the security of the SM4 white box implementation. The embodiment is based on an interference wheel and an SM4 white box implementation method of external coding, as shown in fig. 1, and includes the following steps:
s1, randomly generating a reversible matrix and vectors, wherein the value of Hamming weight 1 does not exist in all row vectors in the reversible matrix, and adding an interference wheel:
P0,P1,…,P35+λ,Q0,Q1,…,Q31+λ,E0,E1,…,E31+λ,F0,F1,F2,F3,G0,G1,G2,G3
the above are reversible matrices of order 32 on GF (2);
and the following 32 × 1 random vector:
p0,p1,…,p35+λ,q1,q2,…,q31+λ,e1,e2,…,e31+λ,nk0,nk1,...,nkλ/2
the above are random vectors of 32 × 1 over GF (2);
and calculating the following complex affine transformation according to the generated matrix and the vector thereof:
Dr=Pr+4·Qr -1,dr=Pr+4·Qr -1·qr
Cr=Pr+4·Pr -1,cr=Pr+4·Pr -1·pr+pr+4
Ik=Pk·Fk -1,ik=pk
where r is 0,1, 31, λ, j is 0,1,2, k is 0,1,2,3, Dr,Cr,Mr,jIs a 32 th order matrix on GF (2), dr,cr,mr,jIs a 32 x 1 vector over GF (2).
And storing the following matrixes and constants according to the obtained calculation result:
Dr,dr,Cr,cr,Mr,j,Ik,ik,Ok,ok,nkt,r∈0,1,2,...,31+λ,j∈0,1,2,t∈0,1,...λ/2,k=0,1,2,3。
s2, inputting codes, namely combining the internal input codes with the external input codes; assume a 128 bit input (T)0,T1,T2,T3) Has been input into the code F code, Xi=Fi·XiAnd i is 0,1,2 and 3. Therefore, for the input code, it is necessary to cancel the influence of F first and then add the inner codes P, P and F-1Can be combined into IkThe method specifically comprises the following steps:
Ik=Pk·Fk -1,ik=pk,k=0,1,2,3
reuse IkFor input XkCoding to obtain X'kThe method specifically comprises the following steps:
X'k=Ik·Xk+ik,k=0,1,2,3。
s3, constructing an embedded round key and a T table, and embedding the key into the encryption process through the embedded round key, so that the encryption key does not need to be input before encryption; the T-table is constructed as shown in FIG. 3.
Generating 32-bit round key rk by standard SM4 cipher algorithm in advancerLet rk berDivided into four segments rk of length 8 bitsr,j. In the SM4 algorithm, the transformation function T is as follows:
wherein, Xr+1,Xr+2,Xr+3Is a 32 × 1 vector, keyrIs divided into the states of normal wheel and disturbance wheel, the disturbance wheel appearing in pairs, in particularAs follows:
an 8-in 32-out lookup table is constructed below (traversing 8-bit input value x, storing 32-bit output value y)
Tabler,j:GF(28)→GF(232)
Wherein R isr,0||Rr,1||Rr,2||Rr,3=Qr·L,Rr,jIs a matrix of 32 x 8, and is,Tabler,jlook-up table showing 8 in and 32 out
S4, shift operation and calculation, in the r th wheel, by the input (X'r,X′r+1,X′r+2,X′r+3) Calculating X'r+4The process of (2) is as follows:
since the disturbing wheel is added at the 33 rd wheel (x-32), the shift operation ROT needs to be performed before the calculationrAs shown in fig. 4.
Shift operation (ROT)r):
The calculation, as shown in fig. 2, is as follows:
wherein M isr,jAnd mr,jIs the result of the composite affine transformation;
remember yr=yr,0||yr,1||yr,2||yr,3From each yr,jQuerying Table separatelyr,j(yr,j),j=0,1,2,3
zr,j=Tabler,j(yr,j),j=0,1,2,3
Specifically, the calculation is as follows:
wherein Dr,dr,Cr,crIs the result of the above-mentioned complex affine transformation;
after 32+ lambda rounds of calculation in step S4, a ciphertext (Y) with a code can be obtained0',Y1',Y2',Y3')。
S5, outputting codes, and combining the internal output codes with the external output codes; adding an outer code G while offsetting the inner code, specifically:
combining the internal output code with the external output code, specifically:
wherein the calculated OkIs a 32 th order matrix on GF (2), okIs a 32 x 1 vector over GF (2) with Y encoded intra-bandk' coding, in a specific manner:
Yk=Ok·Y′k+ok,k=0,1,2,3
wherein Y is obtainedkIs a 32 x 1 vector.
S6, R reverse order operation, and G coded ciphertext (Y) is obtained after R reverse order operation3,Y2,Y1,Y0) The encoding of G cancels out during use.
It should also be noted that in this specification, terms such as "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (9)
1. The SM4 white box implementation method based on the interference wheel and the external coding is characterized by comprising the following steps of:
randomly generating a reversible matrix and vectors, wherein the Hamming weight of the reversible matrix is not 1, adding an interference wheel, calculating compound affine transformation according to the obtained matrix and vectors, and storing the matrix and constants obtained by the compound affine transformation;
inputting codes, namely combining the internal input codes with the external input codes, offsetting the influence of the F codes and adding the internal codes P; embedding a round key and a T table structure, generating the round key through a standard SM4 cryptographic algorithm, and embedding the key into an encryption process to construct a lookup table;
shifting operation and calculation are carried out; after the steps are subjected to multiple rounds of calculation, a ciphertext with codes is obtained;
outputting codes, namely combining the internal output codes with the external output codes, and adding the external codes G while offsetting the internal codes;
and R is performed in an inverted sequence, and the ciphertext coded by G is obtained through the R in an inverted sequence.
2. The SM4 white-box implementation method based on interference wheels and external coding of claim 1, wherein the invertible matrix is a 32-order invertible matrix, specifically:
P0,P1,…,P35+λ,Q0,Q1,…,Q31+λ,E0,E1,…,E31+λ,F0,F1,F2,F3,G0,G1,G2,G3
the above are reversible matrices of order 32 on GF (2);
the vector is a 32 × 1 random vector, and specifically includes:
p0,p1,…,p35+λ,q1,q2,…,q31+λ,e1,e2,…,e31+λ,nk0,nk1,...,nkλ/2
3. The SM4 white-box implementation method based on interference wheels and external coding according to claim 2, wherein the computing of the complex affine transformation is specifically:
Dr=Pr+4·Qr -1,dr=Pr+4·Qr -1·qr
Cr=Pr+4·Pr -1,cr=Pr+4·Pr -1·pr+pr+4
where r is 0,1, 31+ λ, j is 0,1,2, Dr,Cr,Mr,jIs a 32 th order matrix on GF (2), dr,cr,mr,jIs a 32 x 1 vector over GF (2).
4. The SM4 white-box implementation method based on interference wheels and external coding according to claim 3, wherein the storing of the result of the complex affine transformation is specifically to store the following matrices and constants:
Dr,dr,Cr,cr,Mr,j,Ik,ik,Ok,ok,nkt,r∈0,1,2,...,31+λ,j∈0,1,2,t∈0,1,...λ/2,k=0,1,2,3。
5. the SM4 white box implementation method based on interference wheels and external coding as claimed in claim 1, wherein the input coding is specifically:
the internal input code is combined with the external input code, and specifically comprises the following steps:
Ik=Pk·Fk -1,ik=pk,k=0,1,2,3
wherein, IkIs a 32 th order matrix, i, over GF (2)kIs a 32 x 1 vector over GF (2), reusing IkFor input XkThe coding specifically comprises:
X'k=Ik·Xk+ik,k=0,1,2,3
wherein, X'kIs a 32 x 1 vector.
6. The SM4 white box implementation method based on interference round and outer coding of claim 1, wherein the embedded round key and T table construction specifically is:
generating 32 rounds of round keys rk through standard SM4 cipher algorithm in advancerLet rk berDivided into four segments rk of length 8 bitsr,jIn the SM4 algorithm, the transformation function T is:
wherein, Xr+1,Xr+2,Xr+3Is a 32 x 1 vector, and takes part in the calculation of the round keyrThe value of (1) is divided into the states of a normal wheel and an interference wheel, and the interference wheels appear in pairs;
traversing 8-bit input value x, storing 32-bit output value y, and constructing 8-in 32-out lookup table
Tabler,j:GF(28)→GF(232)
8. the SM4 white-box implementation method based on interference wheels and external coding according to claim 3, wherein the shifting operation and calculation are specifically:
before the r round, the calculation is performed with the shift operation ROTr:
And (3) calculating:
wherein M isr,jAnd mr,jIs the result of the composite affine transformation;
remember yr=yr,0||yr,1||yr,2||yr,3From each yr,jQuerying Table separatelyr,j(yr,j),j=0,1,2,3
zr,j=Tabler,j(yr,j),j=0,1,2,3
Wherein z is calculatedr,jIs a 32-bit value;
and (3) calculating:
wherein Dr,dr,Cr,crIs the result of the above-mentioned complex affine transformation;
after 32+ lambda rounds of calculation by the steps of shift operation and calculation, a cipher text with codes can be obtained.
9. The SM4 white box implementation method based on interference wheels and external coding as claimed in claim 1, wherein the output coding is specifically:
the internal output code is combined with the external output code, specifically:
wherein the calculated OkIs a 32 th order matrix on GF (2), okIs a 32 x 1 vector over GF (2), and is additionally provided with intra-coded Y'kThe coding is specifically as follows:
Yk=Ok·Y'k+ok,k=0,1,2,3
wherein Y is obtainedkIs a 32 x 1 vector.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010667999.0A CN111884794A (en) | 2020-07-13 | 2020-07-13 | SM4 white box implementation method based on interference wheel and external coding |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010667999.0A CN111884794A (en) | 2020-07-13 | 2020-07-13 | SM4 white box implementation method based on interference wheel and external coding |
Publications (1)
Publication Number | Publication Date |
---|---|
CN111884794A true CN111884794A (en) | 2020-11-03 |
Family
ID=73151130
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010667999.0A Pending CN111884794A (en) | 2020-07-13 | 2020-07-13 | SM4 white box implementation method based on interference wheel and external coding |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111884794A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114254372A (en) * | 2022-02-28 | 2022-03-29 | 北京信安世纪科技股份有限公司 | Data encryption processing method and system and electronic equipment |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20170195117A1 (en) * | 2014-09-18 | 2017-07-06 | Huawei International Pte. Ltd. | Encryption function and decryption function generating method, encryption and decryption method and related apparatuses |
CN108809626A (en) * | 2018-05-30 | 2018-11-13 | 北京安如山文化科技有限公司 | A kind of whitepack SM4 cryptographic algorithms scheme and system |
CN110278072A (en) * | 2019-07-11 | 2019-09-24 | 北京电子科技学院 | One kind 16 takes turns SM4-128/128 whitepack password implementation method |
CN110474761A (en) * | 2019-07-11 | 2019-11-19 | 北京电子科技学院 | One kind 16 takes turns SM4-256 whitepack password implementation method |
-
2020
- 2020-07-13 CN CN202010667999.0A patent/CN111884794A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20170195117A1 (en) * | 2014-09-18 | 2017-07-06 | Huawei International Pte. Ltd. | Encryption function and decryption function generating method, encryption and decryption method and related apparatuses |
CN108809626A (en) * | 2018-05-30 | 2018-11-13 | 北京安如山文化科技有限公司 | A kind of whitepack SM4 cryptographic algorithms scheme and system |
CN110278072A (en) * | 2019-07-11 | 2019-09-24 | 北京电子科技学院 | One kind 16 takes turns SM4-128/128 whitepack password implementation method |
CN110474761A (en) * | 2019-07-11 | 2019-11-19 | 北京电子科技学院 | One kind 16 takes turns SM4-256 whitepack password implementation method |
Non-Patent Citations (2)
Title |
---|
SEUNGKWANG LEE等: "On the Linear Transformation in White-Box Cryptography", IEEE ACCESS, vol. 8, pages 51684 - 51691, XP011779540, DOI: 10.1109/ACCESS.2020.2980594 * |
孙涛等: "一种NoisyRounds保护的白盒AES实现及其差分故障分析", 密码学报, pages 342 - 357 * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114254372A (en) * | 2022-02-28 | 2022-03-29 | 北京信安世纪科技股份有限公司 | Data encryption processing method and system and electronic equipment |
CN114254372B (en) * | 2022-02-28 | 2022-08-05 | 北京信安世纪科技股份有限公司 | Data encryption processing method and system and electronic equipment |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Merkle | A fast software one-way hash function | |
Wong et al. | An efficient diffusion approach for chaos-based image encryption | |
CN109981256B (en) | White box block cipher construction method and system based on Feistel Box structure | |
Seyedzade et al. | A novel image encryption algorithm based on hash function | |
KR100930577B1 (en) | Message authentication code generation method using stream cipher, authentication encryption method using stream cipher, and authentication decryption method using stream cipher | |
CN111555862B (en) | White-box AES implementation method of random redundant round function based on mask protection | |
CN105187364A (en) | Protecting A White-box Implementation Against Attacks | |
JP7065888B2 (en) | Cryptographic devices and methods | |
CN110071794B (en) | AES algorithm-based information encryption method, system and related components | |
CN107070636B (en) | White box software implementation method of quotient cipher SM4 algorithm in standard cipher text output format | |
CN109791517A (en) | Parallel multiplication operation is protected to attack from external monitoring | |
CN105591734A (en) | White-box cryptograph non-linear encoding protection method based on table lookup | |
Biham et al. | How to strengthen DES using existing hardware | |
CN104410490B (en) | The method of non-linear extruding protection password S boxes | |
CN105184115A (en) | Method For Including An Implicit Integrity Or Authenticity Check Into A White-box Implementation | |
Liu et al. | Cryptanalysis and enhancement of an image encryption scheme based on bit-plane extraction and multiple chaotic maps | |
CN111800255A (en) | Dynamic white-box library generation and use method suitable for block cipher white-box | |
Liu et al. | Fault attacks on authenticated encryption modes for GIFT | |
CN111884794A (en) | SM4 white box implementation method based on interference wheel and external coding | |
CN109242751B (en) | Image encryption method based on chaotic tent mapping and DNA decoding | |
CN114374775A (en) | Image encryption method based on Julia set and DNA coding | |
Wang et al. | Cryptanalysis of a white‐box SM4 implementation based on collision attack | |
Yoo et al. | A method for secure and efficient block cipher using white-box cryptography | |
CN112866288A (en) | Data symmetric encryption method for double-plaintext transmission | |
Liu et al. | Improved zero‐correlation linear cryptanalysis of reduced‐round Camellia under weak keys |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |