JP2021196611A - Encrypting/decrypting method and device of data using white-box cryptograph - Google Patents

Abstract

To provide encrypting/decrypting method and device that make it impossible to decrypt even if part of algorithm is leaked and have improved security.SOLUTION: An encrypting device of data using white-box cryptography according to one example includes: a key table generation unit that generates a white-box cryptography (WBC)-based encrypted key table based on a cryptography key; and a white-box cryptography library that uses the encrypted key table to encrypt the data by a white-box cryptography-based method. The white-box cryptography library can encrypt using the white-box cryptography method after encrypting and decrypting the data.SELECTED DRAWING: Figure 6

Description

The present invention relates to a data encryption / decryption method and an apparatus using white box encryption.

Ciphertext is a technology that converts plain text into cipher text. These encryption techniques may be implemented in software code or in hardware devices. Encryption technology can be broadly divided into black box encryption methods and white box encryption methods.

In the case of black box-based encryption technology, an encryption key (Key) is required in the process of encrypting the input plaintext. This encryption key exists inside an encryption device that is assumed to be a black box. A black box means that you can't see inside.

That is, the design of a black box-based cryptographic device starts with the assumption that the cracker cannot see inside the cryptographic device. Therefore, the cracker can only see the plaintext that is input and the encrypted text that is output to the black box-based encryption device. Therefore, the cracker continuously observes the two input and output values and tries to find a pattern.

In the case of a black box, the cryptographic device designer simply assumes that the cryptographic device itself is perfectly secure, so if the cryptographic device itself is broken by a cracker, the encryption key. May leak. If the encryption key is leaked, the problem is that the entire encryption process is completely exposed to the crackers.

A cryptographic method having enhanced security over these black-box cryptographic methods is a white-box cryptographic method, and FIGS. 1 and 2 are drawings for explaining a white-box cryptographic method. FIG. 1 is an equation for explaining the overall configuration of the white box cipher, and FIG. 2 is an equation for explaining the operating principle of the white box.

The white box (10) means a transparent box from which the inside can be looked into. Therefore, the white box encryption method starts from the assumption that the cracker (40) can peep inside the white box (10) and can see all the software execution processes related to encryption and decryption. do. If the cracker can see the inside of the encryption device, the encryption key (Key) can be obtained, so that the cracker (40) can easily convert the ciphertext (20) into the plaintext (30). .. Therefore, the designer must consider more matters when designing the encryption device.

Assuming that the encryption device is a white box, the encryption key cannot be easily stored in the device. Therefore, in a general white box, the encryption key does not exist as it is, but exists in a mixture with a complicated encryption calculation algorithm, so that the encryption key cannot be obtained separately. Also, since this algorithm is difficult to convert, it is difficult to guess the original value or encryption key using the result value.

In other words, white-box cryptography creates an algorithm in a large look-up table and hides the cryptographic key in a state mixed with the cryptographic algorithm implemented by the software, so that the internal operation is performed. It is a method that makes it impossible to easily infer the encryption key even if it is analyzed.

Creating a cryptographic algorithm in one large look-up table makes it easy to hide the cryptographic key, but it can make the table larger, so the table is properly separated by cryptographic techniques. , The decoding and encoding process should be performed so that the intermediate value of the encryption operation is not exposed.

As shown in FIG. 2, the basic principle of the basic white box encryption is that the encoding process (Mi) and the decoding process (Mi ^-1 ) are calculated in separate tables. Therefore, without exposing the intermediate values, the sequential encoding and decoding cancel each encoding and decoding, and the same result as the result of performing only the original encryption operation (Xi) is obtained.

As described above, the current white box encryption does not use an encryption key, so that it has an advantage that the encryption key is not leaked and has an advantage that it is compatible with standard encryption technology. However, if the white box encryption algorithm itself in which the encryption key is hidden is leaked, there is a problem that the ciphertext can be decrypted by it.

Therefore, the encryption / decryption method and device using the white box encryption according to the embodiment are inventions devised to solve the problems of the prior art, and a part of the algorithm is leaked. However, it is for the purpose of providing an encryption / decryption method and an apparatus with improved security by preventing decryption.

Specifically, if only the so library contained in the white box cryptographic library leaks independently, all you have to do is acquire the data to be decrypted and the key table, and decrypt it without knowing the original key. It is an invention devised to solve the problem that the obtained data can be leaked.

The data encryption device using the white box encryption according to the embodiment includes a key table generator that generates a white-box encryption (WBC) -based encryption key table based on the encryption key, and the above-mentioned A white box cryptographic library that uses an encryption key table to encrypt the data in the white box cryptographic-based manner is included, and the white box cryptographic library performs encryption and decryption on the data. , The white box encryption method can be used for encryption.

The white box encryption library includes an Android-based jar library and a so library, the jar library encrypts the data, and the so library decrypts the data encrypted by the jar library. It can be converted to generate decrypted data.

The so library can re-encrypt the decrypted data using a white box encryption-based algorithm.

The data decryption device using the white-box encryption according to the embodiment includes a key table generator that generates a white-box encryption (WBC) -based decryption key table based on the encryption key, and the above-mentioned The white box encryption library includes a white box encryption library that decrypts the encrypted data by a white box encryption-based method using a decryption key table, and the white box encryption library encrypts the encrypted data. After performing the conversion and decryption, the white box encryption method can be used for decryption.

The white box encryption library includes an Android-based jar library and a so library, the jar library encrypts the encrypted data, and the so library is encrypted by the jar library. After decrypting the data, the decrypted data can be decrypted again using a whitebox cryptographic-based algorithm.

The data encryption method using the white-box encryption according to the embodiment is a white-box encryption (WBC) -based encryption key table based on the encryption key at the stage of receiving the data and the encryption key. And the stage of encrypting the data by the white box encryption-based method using the encryption key table, and the stage of encrypting the data by the white box encryption-based method are Android-based. After the data is encrypted and decrypted using the jar library and the so library, it can be encrypted using the white box encryption method.

The data decryption method using the white-box encryption according to the embodiment is based on the white-box encryption (WBC) based on the encryption key at the stage of receiving the encrypted data and the encryption key. A step of generating a decryption key table and a step of decrypting the data by the white box encryption-based method using the decryption key table are included, and a step of decrypting the data by the white box encryption-based method is included. , The Android-based jar library and so library can be used to perform encryption and decryption processes on the encrypted data, and then the white box encryption method can be used to decrypt the encrypted data.

In the case of the encryption / decryption method and device using the white box encryption according to the embodiment, the data is encrypted and decrypted by the jar library and the so library in the encryption and decryption of the data. After that, since the white box method encryption / decryption is executed, even if only the so library is separated and extracted, unlike the conventional technology, the final encrypted data cannot be obtained, and the encryption / decryption with improved security is achieved. Equipment can be provided.

FIG. 1 is a drawing for explaining the overall concept of a white box cipher applied to the present invention. FIG. 2 is an equation for explaining the operating principle of the white box applied to the present invention. FIG. 3 is a drawing for explaining the vulnerability of the white box encryption by the conventional technique. FIG. 4 is a block diagram showing the components of the data encryption device according to the embodiment. FIG. 5 is a diagram showing two types of key tables output from the key table generation unit according to one embodiment. FIG. 6 is a drawing for explaining a method of encrypting data according to an embodiment. FIG. 7 is a block diagram showing components of a data decoding apparatus according to another embodiment. FIG. 8 is a drawing for explaining a method of decoding data according to another embodiment. FIG. 9 is a drawing for explaining a configuration of a data encryption / decryption device according to an embodiment. FIG. 10 is a drawing for explaining the configuration of a data encryption / decryption device according to another embodiment. FIG. 11 is a drawing for explaining the configuration of a data encryption / decryption device according to another embodiment.

The encryption / decryption method using the white box encryption according to the embodiment of the present invention can be executed by a computer device. The computer device includes a processor loaded into memory, a memory loaded with operations performed by the processor, and storage for storing the operation independently of power supply. However, the configuration of the computer device is only an example, and the computer device includes various types of devices having a calculation function.

The computer device can execute the encryption / decryption process after obtaining the information to be encrypted or decrypted. The information is input via a user interface such as information stored in a storage device of the computer device, information received via a network interface provided in the computer device, or a touch screen provided in the computer device. It can be information that has been done.

The computer device loads a white box encryption module that performs encryption / decryption on the input information into the memory provided in the computer device. Generally, the memory load of the white box cryptographic module is performed after the information to be encrypted or decrypted is obtained, but conversely, the memory load of the white box cryptographic module is performed first, and then the encryption or encryption is performed. The operation of obtaining the information to be decrypted may be executed.

That is, the white box cryptographic module can be a temporary load module that is temporarily loaded into the memory only when necessary, or can be a constant load module that keeps the state of being constantly loaded in the memory. Even if the white box cryptographic module is an always-loaded module, it will go through the process of being loaded into memory during the boot process of the computer device.

When the white box cryptographic module is operated in the form of a constantly loaded module, according to one embodiment, the white box cryptographic module can be loaded in the kernel area of the memory. The kernel area is a memory area used by the operating system, and user applications other than the operating system cannot invade the kernel area.

Therefore, the white box cryptographic module loaded in the kernel area of the memory can prevent the code from being leaked. Further, by loading the white box cryptographic module in the booting process, it is possible to prevent a user application for cracking purposes, which can operate after the booting is completed, from obtaining the binary data of the white box cryptographic module.

When the white box cryptographic module is operated in the form of a temporary load module, it has the effect of saving memory capacity as much as the binary data size of the white box cryptographic module. However, there is a risk that the binary of the white box cryptographic module will be duplicated by the cracking application while the white box cryptographic module is loaded into memory.

The cracking application hooks the system function for memory loading after creating the situation where the whitebox cryptographic module is needed (eg, executing a payment APP where the whitebox cryptographic module is used) and the memory address. The binary of the whitebox cryptographic module can be obtained by a method such as obtaining (using memory dump technology), and in such a case, a security problem can occur.

Looking at these in detail, as shown in FIG. 3, the white box encryption library (70) encrypts the data (10) to be encrypted using the encryption key table (20), and the encrypted data (30). Is output. The white box cryptographic library (70) is generally composed of aar files, and the aar files include an Android-based jar library (71) file and a so library (73) file, as shown in FIG. It is included. Then, the so library (73) encrypts the input data by using the white box cryptographic function (75).

However, the so library (73) included in the white box cryptographic library (70) can be extracted from the white box cryptographic library (70) independently of the jar library (71), and the data and key to be decrypted. There was a problem that the decrypted data could be leaked without knowing the original key as long as the table was acquired.

Therefore, the data encryption / decryption device (300) using the white box encryption according to the embodiment is an invention devised to prevent such a problem, and is a white box encryption library according to the prior art. This is to prevent the encryption data from being obtained even if only the so library (73) is independently extracted from (70), and to provide an encryption / decryption method with improved security. Hereinafter, the components and operating procedures of the present invention will be investigated with reference to the drawings.

FIG. 4 is a block diagram showing the components of the data encryption device (100) according to the embodiment, and FIG. 5 shows two types of keys output from the key table generation unit (120) according to the embodiment. FIG. 6 is a drawing showing a table, and FIG. 6 is a drawing for explaining a method in which a data encryption device (100) according to an embodiment encrypts data.

Referring to FIG. 5, the data encryption device (100) according to the embodiment is determined by a key determination unit (110) and a key determination unit (110) that determine a key (Key) used for encryption and decryption. Data is encrypted using the key table generator (120) that generates the encryption key table (20) used for encryption based on the encrypted encryption key (50), and the encryption key table (20). It can include a white box cryptographic library (130) to be converted.

As shown in FIG. 5, the key table generation unit (120) uses an encrypted key table (50) to encrypt the data (20) by using the key table generation function. (20) and the decryption key table (40) necessary for decrypting the encrypted data (30) can be generated, respectively.

In the case of the conventional AES (Advanced Encryption Standard) algorithm method encryption method, the key required for encryption and the key used for decryption were the same, but the white box encryption method In the case of, encryption is performed using the key table, and the key table used for encryption and the key table used for decryption are the same, which is different from the encryption of the conventional AES algorithm method. There is a point.

The white box cryptographic library (70) is generally composed of aar files, and the aar files include a jar library (140) file and a so library (150) file as shown in FIG. ing. The jar library (140) includes a data encryption unit (141) that encrypts the input encrypted data (30) into intermediate encrypted data (15), and the so library (150) includes the so library (150). The data decryption unit (151) that decrypts the intermediate encrypted data (15) encrypted by the data encryption unit (141) and the decrypted data are encrypted again using the white box encryption function algorithm. A white box encryption unit (153) is included.

After receiving the data (10) to be encrypted and the encryption key table (20) from the outside, the jar library (140) inserts padding into the encrypted data (10) received by the user's choice. be able to. If the padding is inserted in the data (10) to be encrypted, the padding can be inserted by the method of PKCS5Padding.

Specifically, the jar library (140) can perform substitution cryptography and XOR operations through the Substitution Table in JAVA, and XOR and Substitution Table in C connected to Java Native Interface (JNI, Java Native Interface). You can perform the encryption process through. The Substitution Table used in the jar library (140) contains a structure and contents different from the Substitution Box used in the conventional AES algorithm.

When the data (10) input in the jar library (140) is encrypted and converted into the intermediate encrypted data (15), the so library (150) receives the intermediate encrypted data (15) and then again. Performs decryption and encryption processes.

Specifically, the data decoding unit (151) included in the so library (140) receives the intermediate encrypted data (15) to be decrypted and then decodes the intermediate encrypted data (15). .. After that, the white box encryption unit (153) encrypts the decrypted data (10) again using the white box encryption algorithm, and outputs the final encrypted data (30).

That is, when the data is encrypted by the white box encryption library (130) according to the embodiment, the input data and the output data are the same as those in the prior art, but the data input in the process of encryption is used. On the other hand, it is characterized in that after performing encryption and decryption, encryption based on the white box algorithm is performed again.

Therefore, even if only the so library (150) is separated and extracted from the white box encryption library (130), the data to be input to the so library (150) must be intermediate encryption data, so that the data to be encrypted (10). And even if the encryption key table (20) is known, the final encrypted data (30) cannot be obtained. Therefore, unlike the prior art, even if only the so library (150) is separated and extracted from the white box cryptographic library (130), there is an advantage that the problem of leakage of the final cryptographic data (30) can be solved.

FIG. 7 is a block diagram showing the components of the data decoding device (200) according to another embodiment, and FIG. 8 is a data decoding device (200) according to another embodiment. It is a drawing for demonstrating the method of doing.

Referring to FIG. 7, the data decoding apparatus (200) according to the embodiment has a key determination unit (210) for determining a key (Key) to be used for decryption, and a cipher determined by the key determination unit (210). Data encrypted using the key table generator (220) that generates the decryption key table (40) used for decryption based on the decryption key (50) and the decryption key table (40). A white box cryptographic library (230) to be decrypted can be included.

The key determination unit (210), key table generation unit (220), and white box cryptographic library (230) of the data decryption device (200) include the key determination unit (110) and the key table (120) described with reference to FIG. ) And the white box cryptographic library (130), the description thereof will be omitted, and the decryption process will be described in detail with reference to FIG.

With reference to FIG. 8, the jar library (240) receives the encrypted data (30) to be decrypted from the outside and the decryption key table (40), and then executes the substitution encryption and the XOR operation by the Substitution Table in JAVA. It is possible to perform the encryption process by XOR and Substitution Table in C connected to Java Native Interface (JNI, Java Native Interface).

The Substitution Table used in the jar library (240) contains a structure and contents different from the Substitution Box used in the conventional AES algorithm.

When the encrypted data (30) is encrypted by the jar library (240) and converted into the intermediate encrypted data (25), the so library (250) receives the intermediate encrypted data (25) and then decrypts it again. And perform the encryption process.

Specifically, after receiving the intermediate encrypted data (25) to be decrypted by the data decoding unit (251) included in the so library (250), the intermediate encrypted data (25) is decrypted. After that, the white box decryption unit (153) decrypts the decrypted cryptographic data (30) again based on the white box cryptographic algorithm, and outputs the final data (10).

That is, when the data is decrypted by the white box encryption library (230) according to the embodiment, the input data and the output data are the same as those in the prior art, but the encrypted data input in the process of decryption. It is characterized in that it is encrypted and decrypted, and then decrypted again.

Therefore, even if only the so library (150) is separated and extracted from the white box encryption library (130), the data to be input to the so library (150) must be intermediate encryption data, so that the encrypted data ( Even if you know 10) and the decryption key table (40), you cannot get the original data (10). Therefore, unlike the prior art, even if only the so library (150) is separated and extracted from the white box cryptographic library (130), there is an advantage that the problem of leakage of the original data (10) can be solved.

9 to 11 are drawings for explaining the configuration of a data encryption / decryption apparatus according to various embodiments.

In the previous drawing, the data encryption device (100) and the data decryption device (200) have been described separately, but the embodiment of the present invention is not limited to this, as shown in FIG. May be implemented in a data encryption / decryption device (300) that includes a white box encryption-based data encryption device (100) and a data decryption device (200).

Also, since the white box-based encryption algorithm and the AES-based decryption algorithm are compatible with each other, the data encryption / decryption device (300) according to the embodiment is a white box encryption as shown in FIG. It may be implemented to include a base data encryption device (100) and an AES algorithm-based decryption device (200).

When implemented as shown in FIG. 10, the encryption key table (20) is used when encrypting the data (10), and the encryption is performed when the encrypted data (30) is decrypted. The key (60) is used.

Further, as shown in FIG. 11, unlike FIG. 10, the data encryption / decryption device (300) is an AES algorithm-based encryption device (100) and a white box encryption-based data decryption device (100). It may be implemented in a form that includes 200).

When implemented as shown in FIG. 11, the encryption key (50) is used to encrypt the data (10), and the decryption key table (40) is used to decrypt the encrypted data. ) Is used.

In the case of the encryption / decryption method and device using the white box encryption according to the embodiment, the data is encrypted and decrypted by the jar library and the so library in the encryption and decryption of the data. After that, since the white box method encryption / decryption is executed, even if only the so library is separated and extracted, unlike the conventional technology, the final encrypted data cannot be obtained, and the encryption / decryption with improved security is achieved. Equipment can be provided.

Claims (7)

A device for encrypting data
A key table generator that generates a White-Box Cryptography (WBC) -based encryption key table based on an encryption key, and the white-box encryption-based data using the encryption key table. Includes a whitebox cryptographic library that encrypts in a method
The white box cryptographic library is
After performing encryption and decryption on the data, the data is encrypted using the white box encryption method.
A data encryption device that uses white-box encryption. The white box cryptographic library is
Includes Android-based jar and so libraries
The jar library encrypts the data and
The so library decodes the data encrypted by the jar library to generate the decrypted data.
The data encryption device using the white box encryption according to claim 1. The so library is
A white box encryption-based algorithm is used to re-encrypt the decrypted data.
A data encryption device using the white box encryption according to claim 2. A device for decrypting encrypted data,
A key table generator that generates a White-Box Cryptography (WBC) -based decryption key table based on the encryption key, and a white box for the encrypted data using the decryption key table. Includes a whitebox crypto library that decrypts in a crypto-based manner, including
The white box cryptographic library is
After performing encryption and decryption on the encrypted data, decryption is performed using the white box encryption method.
A data decryption device that uses white-box encryption. The white box cryptographic library is
Includes Android-based jar and so libraries
The jar library encrypts the encrypted data and
The so library decodes the data encrypted by the jar library, and then decodes the decrypted data again using a white box encryption-based algorithm.
The data decryption device using the white box encryption according to claim 4. At the stage of receiving data and encryption key,
At the stage of generating a white-box cryptography (WBC) -based encryption key table based on the encryption key, and using the encryption key table to transfer the data in the white-box encryption-based method. Including the encryption stage
The stage of encryption using the white box encryption-based method is
After the data is encrypted and decrypted using the Android-based jar library and so library, it is encrypted using the white box encryption method.
A method of encrypting data using white box encryption. The stage of receiving encrypted data and encryption key,
The stage of generating a white-box cryptography (WBC) -based decryption key table based on the encryption key, and the white-box encryption of the encrypted data using the decryption key table. Including the step of decrypting with the base method
The stage of decryption using the white box encryption-based method is
The encrypted data is encrypted and decrypted using the Android-based jar library and so library, and then decrypted using the white box encryption method.
A method of decrypting data using white box encryption.

Images