CN111884794A - SM4 white box implementation method based on interference wheel and external coding - Google Patents

SM4 white box implementation method based on interference wheel and external coding Download PDF

Info

Publication number
CN111884794A
CN111884794A CN202010667999.0A CN202010667999A CN111884794A CN 111884794 A CN111884794 A CN 111884794A CN 202010667999 A CN202010667999 A CN 202010667999A CN 111884794 A CN111884794 A CN 111884794A
Authority
CN
China
Prior art keywords
codes
interference
external
coding
matrix
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010667999.0A
Other languages
Chinese (zh)
Inventor
龚征
孙涛
汤宇锋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangzhou Anyan Information Technology Co ltd
Original Assignee
Guangzhou Anyan Information Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangzhou Anyan Information Technology Co ltd filed Critical Guangzhou Anyan Information Technology Co ltd
Priority to CN202010667999.0A priority Critical patent/CN111884794A/en
Publication of CN111884794A publication Critical patent/CN111884794A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses an SM4 white box implementation method based on an interference wheel and external coding, which comprises the following steps: generating a reversible matrix and a vector at random, adding an interference wheel, and calculating composite affine transformation according to the obtained matrix and vector; inputting codes, namely combining the internal input codes with the external input codes, offsetting the influence of the F codes and adding the internal codes P; building an embedded round key and a T table; shifting operation and calculation; outputting codes, namely combining the internal output codes with the external output codes, and adding the external codes G while offsetting the internal codes; the reverse order operation of R results in the ciphertext being G encoded. The invention improves the SM4 white box realization method of Xiaoyanying et al, resists DCA attack by enhancing the linear transformation matrix density, increases a plurality of interference rounds at the end of the program to resist DFA attack, and finally increases external coding to improve the attack difficulty and enhance the safety of the realization of the SM4 white box.

Description

SM4 white box implementation method based on interference wheel and external coding
Technical Field
The invention relates to the technical field of information security, in particular to a white box SM4 encryption algorithm scheme based on a dynamic equivalent wheel.
Background
The SM4 encryption algorithm is a block cipher standard published in China and is widely used in various fields throughout the country.
White-box encryption is an encryption algorithm technology that can resist white-box attacks. In 2002, Chow et al first proposed the concept of white-box attack, and shaoying et al designed a white-box implementation of SM4 based on the SM4 block cipher algorithm.
The side channel attack attacks the encrypted electronic device against side channel information leakage such as time consumption, power consumption or electromagnetic radiation during the operation of the encrypted electronic device. Side channel attacks include Differential Fault Attacks (DFAs) and Differential Computational Analysis (DCAs). DCA and DFA attacks have so far broken the numerous white-box implementations proposed by academia.
The scheme of Xiaoyayinget al mainly has the following disadvantages:
1. in the scheme, the random matrix Q is difficult to generate to ensure that no row vector with the Hamming weight of 1 exists, and the vector can not resist DCA attack.
2. The white box in the scheme is fixed in structure, an attacker can construct a differential error attack relation through the last 2 rounds, extract round keys of the T table in the last round, and then recover all keys.
3. The input coding and the output coding in the scheme only apply the inner coding, and the outer coding protection is not added.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provides an SM4 white box implementation method based on an interference wheel and external coding, which resists DCA and DFA attacks by increasing the linear transformation matrix density, increasing the interference wheel at the end of a program, increasing random number interference and the like and increasing the external coding so as to enhance the security of SM4 white box implementation.
In order to achieve the purpose, the invention adopts the following technical scheme:
the invention provides an SM4 white box implementation method based on interference wheels and external coding, which comprises the following steps:
randomly generating a reversible matrix and vectors, wherein the Hamming weight of the reversible matrix is not 1, adding an interference wheel, calculating compound affine transformation according to the obtained matrix and vectors, and storing the matrix and constants obtained by the compound affine transformation;
inputting codes, namely combining the internal input codes with the external input codes, offsetting the influence of the F codes and adding the internal codes P; embedding a round key and a T table structure, generating the round key through a standard SM4 cryptographic algorithm, and embedding the key into an encryption process to construct a lookup table;
shifting operation and calculation are carried out; after the steps are subjected to multiple rounds of calculation, a ciphertext with codes is obtained;
outputting codes, namely combining the internal output codes with the external output codes, and adding the external codes G while offsetting the internal codes;
and R is performed in an inverted sequence, and the ciphertext coded by G is obtained through the R in an inverted sequence.
As a preferred technical solution, the reversible matrix is a 32-order reversible matrix, which specifically includes:
P0,P1,…,P35+λ,Q0,Q1,…,Q31+λ,E0,E1,…,E31+λ,F0,F1,F2,F3,G0,G1,G2,G3
the above are reversible matrices of order 32 on GF (2);
the vector is a 32 × 1 random vector, and specifically includes:
p0,p1,…,p35+λ,q1,q2,…,q31+λ,e1,e2,…,e31+λ,nk0,nk1,...,nkλ/2
the above are random vectors of 32 × 1 over GF (2); wherein lambda is the number of interference adding rounds,
Figure BDA0002581202510000031
as a preferred technical solution, the calculating the complex affine transformation specifically includes:
Dr=Pr+4·Qr -1,dr=Pr+4·Qr -1·qr
Cr=Pr+4·Pr -1,cr=Pr+4·Pr -1·pr+pr+4
Figure BDA0002581202510000032
where r is 0,1, 31+ λ, j is 0,1,2, Dr,Cr,Mr,jIs a 32 th order matrix on GF (2), dr,cr,mr,jIs a 32 x 1 vector over GF (2).
As a preferred technical solution, the storing the result of the complex affine transformation specifically includes storing the following matrix and constants:
Dr,dr,Cr,cr,Mr,j,Ik,ik,Ok,ok,nkt,r∈0,1,2,...,31+λ,j∈0,1,2,t∈0,1,...λ/2,k=0,1,2,3。
as a preferred technical solution, the input code is specifically:
the internal input code is combined with the external input code, and specifically comprises the following steps:
Ik=Pk·Fk -1,ik=pk,k=0,1,2,3
wherein, IkIs a 32 th order matrix, i, over GF (2)kIs a 32 x 1 vector over GF (2), reusing IkFor input XkThe coding specifically comprises:
X'k=Ik·Xk+ik,k=0,1,2,3
wherein, X'kIs a 32 x 1 vector.
As a preferred technical solution, the embedded round key and the T table are specifically configured as follows:
generating 32 rounds of round keys rk through standard SM4 cipher algorithm in advancerLet rk berDivided into four segments rk of length 8 bitsr,jIn the SM4 algorithm, the transformation function T is:
Figure BDA0002581202510000033
wherein, Xr+1,Xr+2,Xr+3Is a 32 x 1 vector, and takes part in the calculation of the round keyrThe value of (1) is divided into the states of a normal wheel and an interference wheel, and the interference wheels appear in pairs;
traversing 8-bit input value x, storing 32-bit output value y, and constructing 8-in 32-out lookup table
Tabler,j:GF(28)→GF(232)
Figure BDA0002581202510000041
Wherein R isr,0||Rr,1||Rr,2||Rr,3=Qr·L,Rr,jIs a matrix of 32 x 8, and is,
Figure BDA0002581202510000042
Tabler,jrepresenting an 8 in 32 out look up table.
As a preferred technical scheme, the round keyrThe method comprises the following specific steps:
Figure BDA0002581202510000043
Figure BDA0002581202510000044
wherein a isj,j∈[0,3]Each of the length of which is 8 bits,
Figure BDA0002581202510000045
as a preferred technical solution, the shift operation and calculation specifically include:
before the r round, the calculation is performed with the shift operation ROTr
Figure BDA0002581202510000046
And (3) calculating:
Figure BDA0002581202510000047
wherein M isr,jAnd mr,jIs the result of the composite affine transformation;
remember yr=yr,0||yr,1||yr,2||yr,3From each yr,jQuerying Table separatelyr,j(yr,j),j=0,1,2,3
zr,j=Tabler,j(yr,j),j=0,1,2,3
Wherein z is calculatedr,jIs a 32-bit value;
and (3) calculating:
Figure BDA0002581202510000051
wherein Dr,dr,Cr,crIs the result of the above-mentioned complex affine transformation;
after 32+ lambda rounds of calculation by the steps of shift operation and calculation, a cipher text with codes can be obtained.
As a preferred technical solution, the output code is specifically:
the internal output code is combined with the external output code, specifically:
Figure BDA0002581202510000052
wherein the calculated OkIs a 32 th order matrix on GF (2), okIs a 32 x 1 vector over GF (2) with Y encoded intra-bandk' coding, in a specific manner:
Yk=Ok·Y′k+ok,k=0,1,2,3
wherein Y is obtainedkIs a 32 x 1 vector.
Compared with the prior art, the invention has the following advantages and beneficial effects:
1. based on the thought of variable round number, the invention leads the boundary between the rounds to become fuzzy in the encryption process, increases the attack difficulty and improves the security of the encryption process.
2. The scheme of the invention adds external coding and can effectively resist DFA and DCA attacks.
3. The invention provides the requirement that the Hamming weight of the row vector is more than 1 for the matrix Q, and enhances the capability of resisting DCA attack.
4. According to the invention, a plurality of interference rounds which appear in pairs are added in the last round realized by the white box, the secret key hidden in the interference round is the false secret key nk, an attacker cannot restore the real secret key after obtaining the secret key, and the DFA attack resistance is enhanced.
Drawings
FIG. 1 is a flow chart of a method for implementing the white box SM4 according to the invention;
FIG. 2 is a schematic diagram of a white box SM4 implementation method round function of the present invention;
FIG. 3 is a block diagram of a dynamic equivalent wheel T table according to the present invention;
FIG. 4 shows the ROT of the present inventionrSchematic diagram of the shifting method.
Detailed Description
The present invention will be described in further detail with reference to examples and drawings, but the present invention is not limited thereto.
Examples
The SM4 white box implementation method based on the interference wheel and the external coding resists DCA and DFA attacks by enhancing the density of the linear transformation matrix, increasing the interference wheel in the last wheel of the program, increasing the random number interference and the like and increasing the external coding, so as to enhance the security of the SM4 white box implementation. The embodiment is based on an interference wheel and an SM4 white box implementation method of external coding, as shown in fig. 1, and includes the following steps:
s1, randomly generating a reversible matrix and vectors, wherein the value of Hamming weight 1 does not exist in all row vectors in the reversible matrix, and adding an interference wheel:
P0,P1,…,P35+λ,Q0,Q1,…,Q31+λ,E0,E1,…,E31+λ,F0,F1,F2,F3,G0,G1,G2,G3
the above are reversible matrices of order 32 on GF (2);
and the following 32 × 1 random vector:
p0,p1,…,p35+λ,q1,q2,…,q31+λ,e1,e2,…,e31+λ,nk0,nk1,...,nkλ/2
the above are random vectors of 32 × 1 over GF (2);
wherein the number of interference rounds lambda is the number of interference rounds added,
Figure BDA0002581202510000061
Figure BDA0002581202510000071
and calculating the following complex affine transformation according to the generated matrix and the vector thereof:
Dr=Pr+4·Qr -1,dr=Pr+4·Qr -1·qr
Cr=Pr+4·Pr -1,cr=Pr+4·Pr -1·pr+pr+4
Figure BDA0002581202510000072
Ik=Pk·Fk -1,ik=pk
Figure BDA0002581202510000073
where r is 0,1, 31, λ, j is 0,1,2, k is 0,1,2,3, Dr,Cr,Mr,jIs a 32 th order matrix on GF (2), dr,cr,mr,jIs a 32 x 1 vector over GF (2).
And storing the following matrixes and constants according to the obtained calculation result:
Dr,dr,Cr,cr,Mr,j,Ik,ik,Ok,ok,nkt,r∈0,1,2,...,31+λ,j∈0,1,2,t∈0,1,...λ/2,k=0,1,2,3。
s2, inputting codes, namely combining the internal input codes with the external input codes; assume a 128 bit input (T)0,T1,T2,T3) Has been input into the code F code, Xi=Fi·XiAnd i is 0,1,2 and 3. Therefore, for the input code, it is necessary to cancel the influence of F first and then add the inner codes P, P and F-1Can be combined into IkThe method specifically comprises the following steps:
Ik=Pk·Fk -1,ik=pk,k=0,1,2,3
reuse IkFor input XkCoding to obtain X'kThe method specifically comprises the following steps:
X'k=Ik·Xk+ik,k=0,1,2,3。
s3, constructing an embedded round key and a T table, and embedding the key into the encryption process through the embedded round key, so that the encryption key does not need to be input before encryption; the T-table is constructed as shown in FIG. 3.
Generating 32-bit round key rk by standard SM4 cipher algorithm in advancerLet rk berDivided into four segments rk of length 8 bitsr,j. In the SM4 algorithm, the transformation function T is as follows:
Figure BDA0002581202510000074
wherein, Xr+1,Xr+2,Xr+3Is a 32 × 1 vector, keyrIs divided into the states of normal wheel and disturbance wheel, the disturbance wheel appearing in pairs, in particularAs follows:
Figure BDA0002581202510000081
Figure BDA0002581202510000082
wherein a isj,j∈[0,3]Each of the length of which is 8 bits,
Figure BDA0002581202510000083
an 8-in 32-out lookup table is constructed below (traversing 8-bit input value x, storing 32-bit output value y)
Tabler,j:GF(28)→GF(232)
Figure BDA0002581202510000084
Wherein R isr,0||Rr,1||Rr,2||Rr,3=Qr·L,Rr,jIs a matrix of 32 x 8, and is,
Figure BDA0002581202510000085
Tabler,jlook-up table showing 8 in and 32 out
S4, shift operation and calculation, in the r th wheel, by the input (X'r,X′r+1,X′r+2,X′r+3) Calculating X'r+4The process of (2) is as follows:
since the disturbing wheel is added at the 33 rd wheel (x-32), the shift operation ROT needs to be performed before the calculationrAs shown in fig. 4.
Shift operation (ROT)r):
Figure BDA0002581202510000086
The calculation, as shown in fig. 2, is as follows:
Figure BDA0002581202510000087
wherein M isr,jAnd mr,jIs the result of the composite affine transformation;
remember yr=yr,0||yr,1||yr,2||yr,3From each yr,jQuerying Table separatelyr,j(yr,j),j=0,1,2,3
zr,j=Tabler,j(yr,j),j=0,1,2,3
Specifically, the calculation is as follows:
Figure BDA0002581202510000091
wherein Dr,dr,Cr,crIs the result of the above-mentioned complex affine transformation;
after 32+ lambda rounds of calculation in step S4, a ciphertext (Y) with a code can be obtained0',Y1',Y2',Y3')。
S5, outputting codes, and combining the internal output codes with the external output codes; adding an outer code G while offsetting the inner code, specifically:
combining the internal output code with the external output code, specifically:
Figure BDA0002581202510000092
wherein the calculated OkIs a 32 th order matrix on GF (2), okIs a 32 x 1 vector over GF (2) with Y encoded intra-bandk' coding, in a specific manner:
Yk=Ok·Y′k+ok,k=0,1,2,3
wherein Y is obtainedkIs a 32 x 1 vector.
S6, R reverse order operation, and G coded ciphertext (Y) is obtained after R reverse order operation3,Y2,Y1,Y0) The encoding of G cancels out during use.
It should also be noted that in this specification, terms such as "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (9)

1. The SM4 white box implementation method based on the interference wheel and the external coding is characterized by comprising the following steps of:
randomly generating a reversible matrix and vectors, wherein the Hamming weight of the reversible matrix is not 1, adding an interference wheel, calculating compound affine transformation according to the obtained matrix and vectors, and storing the matrix and constants obtained by the compound affine transformation;
inputting codes, namely combining the internal input codes with the external input codes, offsetting the influence of the F codes and adding the internal codes P; embedding a round key and a T table structure, generating the round key through a standard SM4 cryptographic algorithm, and embedding the key into an encryption process to construct a lookup table;
shifting operation and calculation are carried out; after the steps are subjected to multiple rounds of calculation, a ciphertext with codes is obtained;
outputting codes, namely combining the internal output codes with the external output codes, and adding the external codes G while offsetting the internal codes;
and R is performed in an inverted sequence, and the ciphertext coded by G is obtained through the R in an inverted sequence.
2. The SM4 white-box implementation method based on interference wheels and external coding of claim 1, wherein the invertible matrix is a 32-order invertible matrix, specifically:
P0,P1,…,P35+λ,Q0,Q1,…,Q31+λ,E0,E1,…,E31+λ,F0,F1,F2,F3,G0,G1,G2,G3
the above are reversible matrices of order 32 on GF (2);
the vector is a 32 × 1 random vector, and specifically includes:
p0,p1,…,p35+λ,q1,q2,…,q31+λ,e1,e2,…,e31+λ,nk0,nk1,...,nkλ/2
the above are random vectors of 32 × 1 over GF (2); where λ is the number of added interference rounds, Er=diag(Er,0,Er,1,Er,2,Er,3),
Figure FDA0002581202500000011
3. The SM4 white-box implementation method based on interference wheels and external coding according to claim 2, wherein the computing of the complex affine transformation is specifically:
Dr=Pr+4·Qr -1,dr=Pr+4·Qr -1·qr
Cr=Pr+4·Pr -1,cr=Pr+4·Pr -1·pr+pr+4
Figure FDA0002581202500000012
where r is 0,1, 31+ λ, j is 0,1,2, Dr,Cr,Mr,jIs a 32 th order matrix on GF (2), dr,cr,mr,jIs a 32 x 1 vector over GF (2).
4. The SM4 white-box implementation method based on interference wheels and external coding according to claim 3, wherein the storing of the result of the complex affine transformation is specifically to store the following matrices and constants:
Dr,dr,Cr,cr,Mr,j,Ik,ik,Ok,ok,nkt,r∈0,1,2,...,31+λ,j∈0,1,2,t∈0,1,...λ/2,k=0,1,2,3。
5. the SM4 white box implementation method based on interference wheels and external coding as claimed in claim 1, wherein the input coding is specifically:
the internal input code is combined with the external input code, and specifically comprises the following steps:
Ik=Pk·Fk -1,ik=pk,k=0,1,2,3
wherein, IkIs a 32 th order matrix, i, over GF (2)kIs a 32 x 1 vector over GF (2), reusing IkFor input XkThe coding specifically comprises:
X'k=Ik·Xk+ik,k=0,1,2,3
wherein, X'kIs a 32 x 1 vector.
6. The SM4 white box implementation method based on interference round and outer coding of claim 1, wherein the embedded round key and T table construction specifically is:
generating 32 rounds of round keys rk through standard SM4 cipher algorithm in advancerLet rk berDivided into four segments rk of length 8 bitsr,jIn the SM4 algorithm, the transformation function T is:
Figure FDA0002581202500000021
wherein, Xr+1,Xr+2,Xr+3Is a 32 x 1 vector, and takes part in the calculation of the round keyrThe value of (1) is divided into the states of a normal wheel and an interference wheel, and the interference wheels appear in pairs;
traversing 8-bit input value x, storing 32-bit output value y, and constructing 8-in 32-out lookup table
Tabler,j:GF(28)→GF(232)
Figure FDA0002581202500000022
Wherein R isr,0||Rr,1||Rr,2||Rr,3=Qr·L,Rr,jIs a matrix of 32 x 8, and is,
Figure FDA0002581202500000031
Tabler,jrepresenting an 8 in 32 out look up table.
7. The SM4 white-box implementation method based on interference round and outer coding of claim 6, wherein the round keyrThe method comprises the following specific steps:
Figure FDA0002581202500000032
Figure FDA0002581202500000033
wherein a isj,j∈[0,3]Each of the length of which is 8 bits,
Figure FDA0002581202500000034
8. the SM4 white-box implementation method based on interference wheels and external coding according to claim 3, wherein the shifting operation and calculation are specifically:
before the r round, the calculation is performed with the shift operation ROTr
Figure FDA0002581202500000035
And (3) calculating:
Figure FDA0002581202500000036
wherein M isr,jAnd mr,jIs the result of the composite affine transformation;
remember yr=yr,0||yr,1||yr,2||yr,3From each yr,jQuerying Table separatelyr,j(yr,j),j=0,1,2,3
zr,j=Tabler,j(yr,j),j=0,1,2,3
Wherein z is calculatedr,jIs a 32-bit value;
and (3) calculating:
Figure FDA0002581202500000041
wherein Dr,dr,Cr,crIs the result of the above-mentioned complex affine transformation;
after 32+ lambda rounds of calculation by the steps of shift operation and calculation, a cipher text with codes can be obtained.
9. The SM4 white box implementation method based on interference wheels and external coding as claimed in claim 1, wherein the output coding is specifically:
the internal output code is combined with the external output code, specifically:
Figure FDA0002581202500000042
wherein the calculated OkIs a 32 th order matrix on GF (2), okIs a 32 x 1 vector over GF (2), and is additionally provided with intra-coded Y'kThe coding is specifically as follows:
Yk=Ok·Y'k+ok,k=0,1,2,3
wherein Y is obtainedkIs a 32 x 1 vector.
CN202010667999.0A 2020-07-13 2020-07-13 SM4 white box implementation method based on interference wheel and external coding Pending CN111884794A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010667999.0A CN111884794A (en) 2020-07-13 2020-07-13 SM4 white box implementation method based on interference wheel and external coding

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010667999.0A CN111884794A (en) 2020-07-13 2020-07-13 SM4 white box implementation method based on interference wheel and external coding

Publications (1)

Publication Number Publication Date
CN111884794A true CN111884794A (en) 2020-11-03

Family

ID=73151130

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010667999.0A Pending CN111884794A (en) 2020-07-13 2020-07-13 SM4 white box implementation method based on interference wheel and external coding

Country Status (1)

Country Link
CN (1) CN111884794A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114254372A (en) * 2022-02-28 2022-03-29 北京信安世纪科技股份有限公司 Data encryption processing method and system and electronic equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170195117A1 (en) * 2014-09-18 2017-07-06 Huawei International Pte. Ltd. Encryption function and decryption function generating method, encryption and decryption method and related apparatuses
CN108809626A (en) * 2018-05-30 2018-11-13 北京安如山文化科技有限公司 A kind of whitepack SM4 cryptographic algorithms scheme and system
CN110278072A (en) * 2019-07-11 2019-09-24 北京电子科技学院 One kind 16 takes turns SM4-128/128 whitepack password implementation method
CN110474761A (en) * 2019-07-11 2019-11-19 北京电子科技学院 One kind 16 takes turns SM4-256 whitepack password implementation method

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170195117A1 (en) * 2014-09-18 2017-07-06 Huawei International Pte. Ltd. Encryption function and decryption function generating method, encryption and decryption method and related apparatuses
CN108809626A (en) * 2018-05-30 2018-11-13 北京安如山文化科技有限公司 A kind of whitepack SM4 cryptographic algorithms scheme and system
CN110278072A (en) * 2019-07-11 2019-09-24 北京电子科技学院 One kind 16 takes turns SM4-128/128 whitepack password implementation method
CN110474761A (en) * 2019-07-11 2019-11-19 北京电子科技学院 One kind 16 takes turns SM4-256 whitepack password implementation method

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
SEUNGKWANG LEE等: "On the Linear Transformation in White-Box Cryptography", IEEE ACCESS, vol. 8, pages 51684 - 51691, XP011779540, DOI: 10.1109/ACCESS.2020.2980594 *
孙涛等: "一种NoisyRounds保护的白盒AES实现及其差分故障分析", 密码学报, pages 342 - 357 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114254372A (en) * 2022-02-28 2022-03-29 北京信安世纪科技股份有限公司 Data encryption processing method and system and electronic equipment
CN114254372B (en) * 2022-02-28 2022-08-05 北京信安世纪科技股份有限公司 Data encryption processing method and system and electronic equipment

Similar Documents

Publication Publication Date Title
Merkle A fast software one-way hash function
Wong et al. An efficient diffusion approach for chaos-based image encryption
CN109981256B (en) White box block cipher construction method and system based on Feistel Box structure
Seyedzade et al. A novel image encryption algorithm based on hash function
KR100930577B1 (en) Message authentication code generation method using stream cipher, authentication encryption method using stream cipher, and authentication decryption method using stream cipher
CN111555862B (en) White-box AES implementation method of random redundant round function based on mask protection
CN105187364A (en) Protecting A White-box Implementation Against Attacks
JP7065888B2 (en) Cryptographic devices and methods
CN110071794B (en) AES algorithm-based information encryption method, system and related components
CN107070636B (en) White box software implementation method of quotient cipher SM4 algorithm in standard cipher text output format
CN109791517A (en) Parallel multiplication operation is protected to attack from external monitoring
CN105591734A (en) White-box cryptograph non-linear encoding protection method based on table lookup
Biham et al. How to strengthen DES using existing hardware
CN104410490B (en) The method of non-linear extruding protection password S boxes
CN105184115A (en) Method For Including An Implicit Integrity Or Authenticity Check Into A White-box Implementation
Liu et al. Cryptanalysis and enhancement of an image encryption scheme based on bit-plane extraction and multiple chaotic maps
CN111800255A (en) Dynamic white-box library generation and use method suitable for block cipher white-box
Liu et al. Fault attacks on authenticated encryption modes for GIFT
CN111884794A (en) SM4 white box implementation method based on interference wheel and external coding
CN109242751B (en) Image encryption method based on chaotic tent mapping and DNA decoding
CN114374775A (en) Image encryption method based on Julia set and DNA coding
Wang et al. Cryptanalysis of a white‐box SM4 implementation based on collision attack
Yoo et al. A method for secure and efficient block cipher using white-box cryptography
CN112866288A (en) Data symmetric encryption method for double-plaintext transmission
Liu et al. Improved zero‐correlation linear cryptanalysis of reduced‐round Camellia under weak keys

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination