DE102004043243A1 - Method for protecting keys - Google Patents

Abstract

A method for concealing at least one key (k) in an encryption algorithm (E¶k¶ (x)) for encrypting data (x), the method comprising the steps of: splitting at least part of the encryption algorithm (E¶k¶ (x) ) with the at least one key (k) into elementary operations (E¶i¶ (x)) and replacing at least one elementary operation (E¶i¶ (x)) by an equivalent elementary operation formed on the basis of an invertible function (S) Operation (E¶i¶ '(x)).

Description

The The present invention relates to a method for protecting keys, in particular a method for hiding keys during use, as well an encryption algorithm with a key hidden inside.

at the use of encryption methods it is basically a problem is the key to use against unauthorized access to protect. In various applications there is a risk that the used key at least for a short time "visible", as it is during the Processing of the encryption algorithm is loaded as a parameter in the memory. With the help of suitable "debugging tools "can such visible key be recognized and copied. To the key also against such attacks protect to be able to In the prior art, algorithmic transformation techniques are used as additional Security features proposed. Such additional Security features are known by the keyword "program obfuscation".

The current main field of application for such security functions is software-based copy protection or more general Securing licenses and rights to media content of all Art as part of a "digital rights management ". In this case, the authorized user or user at the uncontrolled retransmission or passing on content or programs to unauthorized third parties become. Typically, this is done by outputting the content in encrypted Form, wherein the authorization information then in the form of a password or also a "license key " becomes. This authorization information then depends on the key to decryption content in a more or less explicit way.

Various techniques for "program obfuscation" are known in the art Common techniques for securing general algorithms and arbitrary computer programs are described, inter alia, in "A Taxonomy of Obfuscating Transformations" by C. Collberg, C. Thomborson, and D. Low in Technical Report # 148, Department of Computer Science, University of Auckland, 1997, and "Manufacturing cheap, resilient, and stealthy opaque constructs" by C. Collberg, C. Thomborson, and D. Low in 25 ^th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL 98), pages 184-196; ACM Press.

specific Random techniques Transformation, in particular cryptographic algorithms described in the patent application WO01 / 31422.

These However, processes known in the prior art have the disadvantage that the key anyway is still sufficiently visible. In addition, these lead Method for increasing the Codes and thus also to a deterioration of the runtime behavior and a deterioration of storage efficiency.

The The object of the present invention is therefore to provide a method with the key up simple and secure way in computer applications with cryptographic functionality can be integrated without the disadvantages described above occur. By the Use of the method should be key especially in computer applications protected with integrated symmetric encryption algorithm, where at least one key Is part of the program code and this program code is not in one protected Environment, such as a separate hardware environment is.

According to the invention this Task by a method for hiding at least one key in an encryption algorithm to encrypt solved by data, the method comprising the steps of: splitting at least part of the encryption algorithm with the at least one key in elementary operations and replacing at least one elementary one Operation by an based on an invertible function formed equivalents elementary operation.

With the aid of this method according to the invention, it is possible to conceal a dish embedded in an encryption function by doing this with the elementary operations of the closures fusing function and the elements of an invertible function into a unit which, according to current knowledge, can not be resolved by an unauthorized person with systematic approaches.

in the In the context of the present invention, the term key designates any Information provided by an unauthorized person in an advantageous manner could be used and therefore protected against detection by an unauthorized person should. This key is inventively with a encryption algorithm used. This is any function that the key used as intended. An example of this is a function that checks the correctness of the key.

According to the invention encryption algorithm with the key in a first step decomposed into elementary operations. In principle, everyone can Algorithms are decomposed into a composition of individual operations, where each single operation handles one step of the algorithm. An example of one Single surgery is a change a component of the encryption algorithm supplied Information using a specific function. According to this Function may, for example, become a component of the information supplied a certain amount can be added. Single operations in which only changed a component is called elementary operations.

To the division of at least part of the encryption algorithm in elementary operations, according to the invention at least a part of this elementary operations by so-called equivalent elementary operations replaced. In the context of the present invention, these equivalent elementary operations based on an invertible function educated. As a result, the intermediate results of the elementary Operations masked, that is covered. This step is also called transformation. This invertible function can be chosen arbitrarily. The invertible function is preferably random from the set of 1 · 2 · ... · 256 different ones invertible functions selected.

With Help of this procedure can easily put a key in an encryption algorithm be masked or masked. Replacing single elementary operations through equivalent equivalent elementary operations can be done without much effort allows become. However, this replacement will find the key in the encryption algorithm considerably more difficult. this makes possible a restriction the dissemination of an appropriate program or equivalent File to the author of the program or the data allowed Shape. This also achieves a robust individualization of the code and thus the potential traceability in illegitimate Proliferation.

According to one preferred embodiment The present invention will be the equivalent elementary operation by a concatenation of the elementary operation with the invertible one Function and the inverted formed the invertible function. This is a very simple, but also effective Education of the equivalent elementary operations.

Preferably will after the formation of the equivalent elementary operations the concatenation of all elementary operations - with the equivalent ones elementary operations in the places where they were previously replaced - again concatenated with the invertible function. Through this renewed concatenation with the invertible function an algorithm is provided with the appropriate application in a simple way the presence can check the right key, an unauthorized person but no information about the key can gain.

According to one another preferred embodiment The present invention will be the equivalent elemental operation formed with the help of value tables. In a further preferred embodiment become the equivalent elementary operations gradually with the help of projections educated.

The Safety of the method may be further preferred embodiment be further increased, by after splitting at least part of the encryption algorithm with at least one key in elementary operations at least two consecutive elementary Operations are connected to a new elementary operation. In the context of this preferred embodiment are then in the then the following replacement step also the new elementary operation through equivalent ones replaced elementary operations.

According to a preferred embodiment of the present invention, the concatenation of ele mentar operations, equivalent elementary operations and the invertible function in a safe, ie formed at a sheltered place and passed to an insecure place. At the unsafe place can no longer be closed on the key due to the method according to the invention. However, with the aid of the inverters of the invertible function, the result from the application of the encryption algorithm to the key can be calculated, thereby obtaining information about the authorization.

According to one another preferred embodiment The security of the hidden key may still be present in the present invention further increased when the data vector to be processed is split into two vectors becomes. Preferably for this splitting two projections - more preferably two xor-linear orthogonal projections - used.

In a further preferred embodiment Symmetric keys are used in the present invention. Further preferred is the AES algorithm (Advanced Encryption Standard) for the encryption used.

In a further preferred embodiment should be transferred Transfer data to different recipients become. Therefor be the data before the transfer transformed based on a common invertible function. At each recipient then becomes a pre-transformation performed with an invertible function, this being invertible Function based on the inverters of the common invertible Function and one for the recipient based on specific invertible function.

The inventive method can be beneficial for the hiding of different information can be used. An example is an authentication method in which the secure Instance, such as a SmartCard, the authenticity of a Unsafe instance, for example, verified a set top box. In this case, the verification can be performed using a challenge-response procedure, especially with a symmetric encryption algorithm. In other examples, the method of the invention is for transfer of license data or to build up an individual communication channel with return channel used between two instances.

in the The following are preferred embodiments of the present invention by way of example with reference to the accompanying Figures described, wherein

1 in a flowchart illustrating the application of a first embodiment of the method according to the invention, and

2 in a flowchart illustrates the application of a second embodiment of the method according to the invention.

In the related with 1 described embodiment, an encryption algorithm E _K (x) is used with a key K firmly embedded therein and a corresponding decryption method D _K (x). In this example, the encryption algorithm x → E _K (x) is based on 8-bit text blocks x = [x ₁ , x ₂ , ..., x _k ] with a fixed length k. In principle, such an encryption algorithm can also be based on m-bit text blocks with variable length. The key K used in this embodiment and embedded in the encryption algorithm also takes the form of an 8-bit data vector K = [K ₁ ,..., _{K_Kength} ]. The decryption algorithm D _K (x) is formed accordingly.

• K1: Veränderung der Komponente des Vektors x=[x₁,x₂,...x_k] an der Position j: [x1,x2,...xk]→y=[x1,...,F(xj),...,xk] Die Abbildung F(x) könnte dabei beispielsweise durch eine Wertetabelle gegeben sein.
• K2: Permutation der Komponenten des Vektors x=[x₁,x₂,...x_k]: [x1,x2,...xk]→y=[xperm[1],...,xperm[k]]
• K3: Ersetzen einer Komponente des Vektors x=[x₁,x₂,...x_k] an der Position j durch die XOR-Summe x_j⊕k₁', wobei k₁' eine byte-Komponente eines von dem eigentlichen Schlüssel K abgeleiteten Schlüssels F(K) ist: [x1,x2,...xk]→ y=[x1,...,xj ⊕ k1',...,xk]
• K4: Ersetzen einer Komponente des Vektors x=[x₁,x₂,...x_k] an der Position j durch die XOR-Summe x_j⊕x_i, wobei i≠j gilt: [x1,x2,...xk]→ y=[x1,...,xj ⊕ xi,...,xk]

In the present embodiment, the encryption algorithm x → E _K (x) is in a first step in a logical composition e K (x) = (E ntot ° E Ntot-1 ° .... ° E 1 ) (X) of single operations E ₁ (x) (ntot here is the total number of operations) decomposed, as in 1 is shown. The individual operations E ₁ may, for example, belong to one of the following four classes K1, K2, K3 or K4:

• K1: Change of the component of the vector x = [x ₁ , x ₂ , ... x _k ] at the position j: [x 1 , x 2 ... x k ] → y = [x 1 , ..., F (x j ), ..., x k ] The mapping F (x) could be given for example by a value table.
• K2: permutation of the components of the vector x = [x ₁ , x ₂ , ... x _k ]: [x 1 , x 2 ... x k ] → y = [x perm [1] , ..., x perm [k] ]
• K3: replacing a component of the vector x = [x ₁ , x ₂ , ... x _k ] at the position j by the XOR sum x _j ⊕ k ₁ ', where k ₁ ' is a byte component of one of the actual Key K derived key F (K) is: [x 1 , x 2 ... x k ] → y = [x 1 , ..., x j ⊕ k 1 ', ..., x k ]
• K4: replacing a component of the vector x = [x ₁ , x ₂ ,... X _k ] at the position j by the XOR sum x _j ⊕x _i , where i ≠ j: [x 1 , x 2 ... x k ] → y = [x 1 , ..., x j ⊕ x i , ..., x k ]

The Single operations of classes K1, K3 and K4 only work on each a component of the data vector x and can therefore be considered elemental become. These elementary operations are independent of the chosen programming language the implementation.

According to the invention, the encryption algorithm E _K (x) is at least partially decomposed into a composition of elementary operations E ₁ . In the present exemplary embodiment, each of the elementary operations E ₁ originates from one of the classes K1, K3 or K4.

In the next in 1 As shown, the intermediate results of the individual operations are masked based on an invertible function. The corresponding invertible function S and the inverting of the invertible function S ^-1 is formed or selected for this purpose and provided for the transformation.

In a preferred embodiment becomes the invertible function due to cryptographic requirements chosen so that they are possible is incompatible with the given fixed mappings of the algorithm. This may mean that it there are no common orbits among all these pictures, none Common fixed points and the like .. These conditions are easy to check and limit the space the potential S only minimal (st).

For reasons of code complexity and above all the performance of the transformed code, a parallel masking is preferably used, in which case preferably all the components of the intermediate value vectors x m = (E. m ° ... ° E 1 ) (x) = [x m, 1 , x m, 2 , ..., x m, k ] be transformed component by component.

The transformation method used is based on the abstract principle, an algorithm E whose elementary operations E ₁ derive from the classes K1, K3 and K4, using a randomly generated constant diagonal transformation of the form [x 1 , x 2 ... x k ] → [S (x 1 ), P 2 (x 2 ), ..., S k (x k )] into an equivalent algorithm, in which the elementary operations E ₁ from the classes K1, K3 and K4 are at least partially replaced by operations E _{j, S} '= S ° E _j ° S ^-1 which are dependent on the invertible function S.

The factorization of the entire algorithm e K (x): = (E ntot ° ... ° E 1 ) (X) is doing so by factoring e K (x): = (p -1 ° (E. ntot, S '° ... ° E 1, S ') ° S) (x) where E _{1, S} '= S ° E ₁ ° S ^-1 .

• K1_S: Veränderung der Komponente des Vektors x=[x₁,x₂,...x_k] an der Position j: [x1,x2,...xk] → [x1,..., SFS–1(xj),...,xk]
• K2_S: Permutation der Komponenten des Vektors x=[x₁,x₂,...x_k]: [x1,x2,...xk]→y=[xperm[1],...,xperm[k]]
• K3_S: Ersetzen einer Komponente des Vektors x=[x₁,x₂,...x_k] an der Position j durch die XOR-Summe mit einer von dem Schlüssel abgeleiteten Komponente [x1,x2,...xk]→y=[x1,..., GS,k(xj),...,xk] mit G_S,k(x) = S(S^–1 (x) ⊕ k₁).
• K4_S: Ersetzen einer Komponente des Vektors x=[x₁,x₂,...x_k] an der Position j durch die Summe dieser Komponente mit einer weiteren Komponente: [x1,x2,...xk]→ y=[x1,...,FS(xj ⊕ xi),...,xk] mit F_S(x,y)=S(S^–1x ⊕ S^–1y).

In the present embodiment, in the transformation of the algorithm, the four operations K1 to K4 are replaced by the following four transformations K1 _S to K4 _S. These transformations are based on a randomly chosen invertible function S, which can be based, for example, on 8-bit vectors. This results in the following classes K1 _S to K4 _S :

• K1 _S : change of the component of the vector x = [x ₁ , x ₂ , ... x _k ] at the position j: [x 1 , x 2 ... x k ] → [x 1 , ..., SFS -1 (x j ), ..., x k ]
• K2 _S : permutation of the components of the vector x = [x ₁ , x ₂ , ... x _k ]: [x 1 , x 2 ... x k ] → y = [x perm [1] , ..., x perm [k] ]
• K3 _S : replacing a component of the vector x = [x ₁ , x ₂ , ... x _k ] at the position j by the XOR sum with a component derived from the key [x 1 , x 2 ... x k ] → y = [x 1 , ..., G S, k (x j ), ..., x k ] with G _{S, k} (x) = S (S ^-1 (x) ⊕ k ₁ ).
• K4 _S : Replacement of a component of the vector x = [x ₁ , x ₂ , ... x _k ] at the position j by the sum of this component with another component: [x 1 , x 2 ... x k ] → y = [x 1 , ..., F S (x j ⊕ x i ), ..., x k ] with F _S (x, y) = S (S ^-1 x ⊕ S ^-1 y).

The transformation has especially the property that the key-dependent operations class K3, thus the form x _i → x⊕k _j 'by table operations of K1 x _i → F _{S, kj'} (x) with F S, kj ' (X) = S (S -1 (x) ⊕ k j ') be replaced. Further, the elementary operation F (x, y) → x⊕y, which underlies the operations of class K4, is replaced by a transformed operation of the form F S (X, y) → S (S -1 x ⊕ S -1 y).

The implementation of the operation F _S (x, y) takes place here in the present embodiment via a function table, but not with explicit use of the figures S and S ^-1 according to the definition of F _S (x, y). In the present embodiment, the operation (x, y) → F _s (x, y) has a table with 2 ¹⁶ = 65536 byte values, the operation x → G _{s, k} (x) a table with 256 byte values ,

at The operations of the class K2 are the pictures which the Permute components of x, with diagonal images of the components interchangeable, because all components are transformed with the same S. become. That's why these individual operations are no longer explicitly transformed.

The pre- and post-transformations S and S ^-1 can be executed in the same computing environment as the transformed individual operations E _{1, S} '. In the present exemplary embodiment, however, at least the pre-transformation is carried out in a secure computing environment, whereas the post-transformation S ^-1 will take place in a separate and potentially unsafe environment. This example is explained below with reference to 1 further explained.

As explained above, the secure cryptographic instance A masks the encryption function E _K (x) based on the invertible function S. The result of this masking is in 1 denoted by (E _{K, S} (x)). The information to be encrypted x is then pre-transformed in a next step using the invertible function S. Im in 1 illustrated embodiment, this Prätrans Formation of the instance A performed. Alternatively, however, the pre-transformation can also be performed by instance B. In the present exemplary embodiment, the pre-transformed information y is then transmitted to the entity B, which as message receiver reconstructs the information using the inverse of the invertible function and the decryption algorithm D _K masked in the instance A. With the aid of this encryption and masking, the key used, for example, which acts as authorization information on the part of B, can be protected from potential misuse by B or by third parties. Due to the masking of the decryption function D _K (x) by the instance A on the basis of the invertible function S and the key K, a reconstruction of the invertible function S and thus of the key K for B is not directly possible.

An even greater certainty can be achieved if the inverse transformation using the inverters of the invertible function S ^{-1 is carried out} not in B's environment but in a secure computing environment protected from B's access. If this is not possible, the inverse transformation itself should be suitably obfuscated or transformed.

• • pr₁(x)⊕pr₂(x)=x
• • (pr₁°pr₂)(x)=(pr₂°pr₁)(x)=0
• • pr_i(x⊕y)=pr_i(x)⊕Pr_i(y)

In one embodiment of the present invention, the binary operation x⊕y transformed using the invertible function does not pass through the full value table of the function F S (x, y) → S (S -1 x ⊕ S -1 y) described. In the context of this embodiment, the calculation is carried out stepwise by means of projections and is therefore more efficient with regard to the required memory requirement. This can be done, for example, by two orthogonal xor-linear projections pr ₁ and pr ₂ of rank 4 (ie each with 16 image values). These then have the following properties:

• • pr ₁ (x) ⊕ pr ₂ (x) = x
• • (pr ₁ ° pr ₂ ) (x) = (pr ₂ ° pr ₁ ) (x) = 0
• • pr _i (x⊕y) = pr _i (x) ⊕ Pr _i (y)

A transformation using the invertible function yields the following two mappings: pr 1, S (x) = (S ° pr 1 ° S -1 ) x = S (pr 1 (S -1 x)) and pr 2, S (x) = (S ° pr 2 ° S -1 ) X.

The computation of the map F _S (x, y) = S (S ^-1 x ⊕ S ^-1 y) can then be done by composing the five mappings F _{S, 1} : (x, y) → (x ', y') = (pr _{1, S} (x), Pr _{1, S} (y)) F _{S, 2} : (x ', y') → F _s (x ', y'): = x ₁ = S (pr ₁ (S ^-1 x S ^-1 y)) F _{S, 3} : (x, y) → (x ", y") = (pr _{2, S} (x), Pr _{2, S} (y)) F _{S, 4} : (x ", y") → F _s (x ", y"): = x ₂ = S (pr ₂ (S ^-1 x S ^-1 y)) FS, 5: (x ₁ , x ₂ ) → F _S (x ₁ , x ₂ ) = S (S ^-1 x S ^-1 y) = F _S (x, y) be executed. The calculation of the sub-images F _{S, 2} ° F _{S, 1} and F _{S, 4} ° F _{S, 3} is most sensibly carried out via two tables (each of 3 × 256 bytes or even 256 24-bit variables depending on the implementation), which the function values of the map F _S (x ', y'), limited to the graphs Gr ₁ = {(x ', y') = (pr _{1, S} ((x), pr _{1, S} (y)}} and Gr ₂ = {(x ', y') = (pr _{2, S} (x), pr _{2, S} (y))} The 16 x 16 values of the form (pr _{1, S} (x), pr _{1, S} (y)) are stored in an orderly order and then the argument within the table is calculated by a binary search.The same applies to the mapping F _{S, 5} (x, y). x, y) instead of a large table with 65Kbytes, only 3 tables of size 3 × 256 byte and two further tables of size 256 byte (for the pictures x → pri, S (x)) are necessary, ie a total of 2816 bytes Symmetry of Figures FS, 2 and FS, 4 this can be further reduced.

In the present embodiment, the complexity of the merger and therefore the masking of the key is increased still further, coinciding in the two operations of the classes K1 (x _i1 → F (x _i1)) and K4 (x _i2 → x _i2 ⊕x _j) Indexes i1 and i2 are executed directly after each other and to a new elementary operation of one of the three types K14 1 : x i1 → F (x i1 ) ⊕ x j K14 2 : x i1 → x i1 ⊕ F (x j ) K14 3 : x i1 → F (x i1 ⊕ x j ) be merged. Similarly, operations of class K3 can be handled. If K1 same function F (x) is used for example in all operations of the algorithm of the class and the algorithm in a composition of images of the classes K14 _i, i = 1 3 and K3, K2 can be dismantled, ..., then you can the conjugation using the invertible function S is applied directly to the elementary operations K14 _i . This then leads to the operations K14 1S : x i1 → S (F (S -1 x i1 ) ⊕ S -1 x j ) K14 2S : x i1 → S (S -1 x i1 ⊕ FS -1 xj) K14 3S : x i1 → SF (S -1 x i1 ⊕ S -1 x j ).

All three figures have the abstract structure (X, y) → G F1, F2, F3 (x, y) = F1 (F2 (x) ⊕ F3 (y)) with three figures F1, F2, F3 on 8-bit vectors. The projection method for the memory-efficient computation of S (S ^-1 x ⊕S ^-1 y) = F _S (x, y) outlined above can also be transferred analogously to the more general mapping G _{F1, F2, F3} (x, y).

In the related with 2 described embodiment, the application of the inverse transformation on the basis of the inverters of the invertible function S ^-1 as the last step in an unprotected environment can be completely avoided. For this purpose, the above-described cryptographic transformation of the algorithm E _K (x) is combined with a data split of the data to be encrypted.

For this purpose, the data splitting again preferably uses the method already described above using two xor-linear orthogonal projections pr ₁ (x), pr ₂ (x). The data vector x = [x ₁ , x ₂ , ... x _k ] to be processed is split into two vectors x pr, 1 = [Pr 1 (x 1 ), pr 1 (x 2 ), ....., pr 1 (x k )] and x pr, 2 = [Pr 2 (x 1 ), pr 2 (x 2 ), ....., pr 2 (x k )]

Instead of an image based on an invertible function S, the issuing entity A produces two mappings on the basis of the invertible functions S ₁ and S ₂ , which are respectively represented on the images G ₁ = {x | ∃ y with x = pr ₁ (y)} and G ₂ = {x | ∃ y with x = pr ₂ (y)} act as an identical map. The decryption algorithm D _K is transformed into its variants D _{K, S1} and D _{K, S2} using the invertible functions S ₁ and S ₂ . The cryptographic entity A calculates the pair instead of y = S ° E _K (x) (y 1 , y 2 ) = (S 1 ° e K (x pr, 1 ), S 2 ° e K (x pr, 2 )).

The pair (y ₁ , y ₂ ) is then transmitted to instance B. B decrypts y ₁ and y ₂ into x _{pr, 1} and x _{pr, 2} using D _{K, S1} and D _{K, S2} . ₁ ^-1 and S ₂ ^-1 carried out instead of the (due to the invariance of S ₁ and S _{2 are} no longer necessary) using S as the final step on the part of B x is the reconstruction of the plaintext (n by calculating the XOR sum ) of the components of x _{pr, 1} and x _{pr, 2} .

Thus it is achieved that the entire implementation on the part of B only the images of the form F _S (x, y) = S (S ^-1 x ⊕ S ^-1 y) and G _{S, k} (x ) = S (S ^-1 x⊕k). This further increases the quality of "program obfuscation".

With the help of the present invention, a method is thus provided, with which a in Ver encryption algorithm embedded key can be obscured.

In the embodiment described below, the preferred AES algorithm is used as the encryption algorithm. AES consists of 4 different basic operations SubBytes (), AddRoundKey (), ShiftRows () and MixColumns () and operates on byte blocks x = [x ₁ , ..., x ₁₆ ] of length 16. The operation SubBytes ( ) operates through x → [S (x 1 ), ..., S (x 16 )] with the S-box S of AES, it can be composed of 16 sequential or parallel operations of class K1, where F (x) is determined by the S-box of AES. The AddRoundKey () operation operates by xor addition x → [x 1 ⊕ k 1 ', ..., x 16 ⊕ k 16 '] with components k _j 'of a round key and is therefore composed of 16 parallel operations of class K3. The operation ShiftRows () cyclically rotates the components one line when the data vector is represented in the form of a 4x4 matrix (x _{i, j} ) with x _{i, j} = x _{4i + j} . It therefore belongs as an operation on the data vector x to class K2. Finally, the xor-linear operation MixColumns () can be composed of suitably iterated operations of the form K2, K4 and K1. For this purpose, the so-called Bruhat decomposition can be used. Here, the multiplication x _i → m _j · x _i with the multiplication constants are m _j of the matrix representation of MixColumns () implemented by table operations of the class K1. In the case of AES, the only direct key-dependent operation is the operation, AddRoundKey ().

The direct application of the S-box of AES or its transformation under S can be avoided if the transformed composition of the three mappings MixColumns (), AddRoundKey (), and SubBytes () is executed (in that order) in the following manner. The composition of the three mappings results in a quaternary (key-dependent) operation of the form for each byte component (X, y, z, w) → F (M 1 x ⊕ M 2 y ⊕ M 3 z ⊕ M 4 w ⊕ k ')

Here F is given by the respective S-box, the (linear) mappings M ₁ to M ₄ correspond to the multiplications with the 4 multiplication constants of MixColumns (), k 'is a byte component of a round key.

There are two binary operations F S1, S, k1 '(x, y): (x, y) → u 1 = S 1 (M 1 S -1 x ⊕ M 2 S -1 y ⊕ k 1 ') F S1, S, k2 '(z, w): (z, w) → u 2 = S 1 (M 3 S -1 z ⊕ M 4 S -1 w ⊕ k 2 ') depending on a further invertible image S ₁ executed on 8-bit vectors. Subsequently, the binary operation G S1, S (u 1 u 2 ) → (u 1 u 2 ) → SF (S 1 -1 u 1 ⊕ S 1 -1 u 2 ) calculated. It then applies (G S1, S ° F S1, S, k1 ' ° F S1, S, k2 ') (X, y, z, w) = F (M 1 x ⊕ M 2 y ⊕ M 3 z ⊕ M 4 w ⊕ k 1 '⊕ k 2 ')

Under the condition k ₁ '⊕ k ₂ ' = k 'the composition agrees with the quaternary image (X, y, z, w) → F (M 1 x ⊕ M 2 y ⊕ M 3 z ⊕ M 4 w ⊕ k ') match. All three figures G _{S1, S} , F _{S1, S, k1 '} , F _{S1, S, k2'} are of the form G F1 . F2 . F3 (x, y) = F1 (F2 (x) ⊕ F3 (y)) and can be calculated efficiently (memory) using the method described above. The number of (key-dependent) tables of the form F _{S1, S, k1 '} or F _{S1, S, k2'} depends on the number of rounds of the algorithm mus (in this case AES) and the block length. In the case of AES with a key length of 128 bits and the number of rounds = l0, it is therefore 16 x 10 (+16)) = 176 xor operations of this kind. To calculate them efficiently, the sequence of round key parameters K _round = (k _j ') _{j = 1, ..., 176} again using two xor-linear orthogonal projections pr ₁ and pr ₂ in two sequences K _{round, 1} = (k _{j, 1} ') _{j = 1, ... , 176} and K _{round, 2} = (k _{j, 2} ') _{j = 1, ..., 176} with k _{j, 1} ' = pr ₁ (k _j ') and k _{j, 2} ' = pr ₂ (k _j ') are calculated into an xor sum of two sequences each having (at most) 16 different byte values. All (necessary) tables of the form F _{S1, S, k1,1} and F _{S1, S, k1,2 are then} precalculated. The information about which pair of mappings F _{S1, S, k1 '} and F _{S1, S, k1,2'} in the calculation of a function F (M ₁ x ⊕ M ₂ y ⊕ M ₃ z ⊕ M ₄ w ⊕ k ' ) must be used as a triple composition is stored in an additional table (of tax indices).

In this new form, the determination of the unknown map S and the key K is attributed to the problem of the projected key parameters k _{j, 1} ', k _{j, 2} ' as part of the maps F _{S1, S, k1,1} and F _{S1, S, k1,2} to identify. These in turn depend on the further unknown Figure _S1. S ₁ and S are non-linearly coupled (via F) in the (global) map G _{S1, S} (u ₁ , u ₂ ): (u ₁ , u ₂ ) → SF (S ₁ ^-1 u ₁ ⊕ S ₁ ^-1 u ₂ ). Overall, this results in an analytically difficult to solve reconstruction problem for the values of the unknown map S, S ₁ and the values of the round keys k _{j, 1} ', k _{j, 2} '.

In another embodiment, the transmitter sends the masked key to multiple receivers. For this, the transmitter uses a global mapping S _group for all receivers to transform the data E (x; k _group ) to the different receivers. On the receiver side, the data is then first pre-transformed with the invertible function S _Bi '= S _Bi ° S _group ^-1 , where the mapping S _Bi is specific for each receiver. Like any invertible function, the invertible function S _Bi 'can also be implemented using a function table. Thereafter, the application of the individually - under S _Bi - transformed encryption algorithms D (x; k _goup , S _Bi ). Since the transformation S _{group is} only applied on the side of A, the knowledge of the maps S _Bi '= S _Bi ° S _group ^-1 makes it _{impossible to} draw any conclusions about the S _Bi actually used for the generation. Only the images of the form S _Bi ° S _Bj ^-1 = S _Bi '° S _Bj ' ^-1 , that is to say "quotients" of two different S _Bi in the sense of the composition of images, are determinable the data to different recipients the data volume of the messages to be sent simultaneously (per unit of time) becomes too large.

Claims (9)

A method for concealing at least one key (k) in an encryption algorithm (E _k (x)) for encrypting data (x), the method comprising the steps of: - splitting at least part of the encryption algorithm (E _k (x)) with the at least one key (k) into elementary operations (E _i (x)) and - replacing at least one elementary operation (E _i (x)) by an equivalent elementary operation (E _i '(E) formed on the basis of an invertible function (S) x)). Method according to the preceding claim, characterized in that the equivalent elementary operation (E _i '(x)) is obtained by concatenating the elementary operations (E _i (x)) with the invertible function (S) and the inverting function of the invertible function (S ^-1 ) is formed. Method according to one of the preceding claims, characterized in that, after the formation of the equivalent elementary operations (E _i '(x)), the concatenation of all elementary operations is concatenated once more with the invertible function (S). Method according to one of the preceding claims, characterized in that the at least one equivalent elementary operation (E _i '(x)) is formed with the aid of at least one table. Method according to one of the preceding claims, characterized in that the at least one equivalent elementary operation (E _i '(x)) is formed stepwise by means of projections. Method according to one of the preceding claims, characterized characterized in that the data to be encrypted (x) in two Vectors are split. Method according to one of the preceding claims, characterized in that the encryption algorithm (E _k (x)) is a symmetric encryption algorithm. Method according to one of the preceding claims, characterized in that the AES algorithm rithmus is used as the encryption algorithm. Method according to one of the preceding claims, characterized in that the same invertible function (S) is used for the different elementary operations (E _i (x)).