WO2007031894A2 - Improved cryptographic method and system - Google Patents

Improved cryptographic method and system Download PDF

Info

Publication number
WO2007031894A2
WO2007031894A2 PCT/IB2006/053034 IB2006053034W WO2007031894A2 WO 2007031894 A2 WO2007031894 A2 WO 2007031894A2 IB 2006053034 W IB2006053034 W IB 2006053034W WO 2007031894 A2 WO2007031894 A2 WO 2007031894A2
Authority
WO
WIPO (PCT)
Prior art keywords
box
content
key
chosen
cryptographic
Prior art date
Application number
PCT/IB2006/053034
Other languages
French (fr)
Other versions
WO2007031894A3 (en
Inventor
Wilhelmus P. A. J. Michiels
Paulus M. H. M. A. Gorissen
Original Assignee
Koninklijke Philips Electronics N.V.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Koninklijke Philips Electronics N.V. filed Critical Koninklijke Philips Electronics N.V.
Publication of WO2007031894A2 publication Critical patent/WO2007031894A2/en
Publication of WO2007031894A3 publication Critical patent/WO2007031894A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/16Obfuscation or hiding, e.g. involving white box
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60Digital content management, e.g. content distribution
    • H04L2209/605Copy protection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60Digital content management, e.g. content distribution
    • H04L2209/606Traitor tracing

Definitions

  • the invention relates to a cryptographic method comprising a non-linear substitution step wherein an input byte is replaced by an output byte according to an S-box.
  • the invention further relates to a system for distributing content.
  • This object is achieved according to the invention in a method which is characterized in that the contents of the S-box is given as input to the cryptographic method together with a cryptographic key to be used in the cryptographic method.
  • the security of the cryptographic method is not affected because it is not important for the non-linearity properties of the S-box which S-box is chosen.
  • extracting the AES key is no longer sufficient to "break" the white-box implementation.
  • the Billet et al. attack requires knowledge of the S- box.
  • the present invention makes this knowledge part of the key, which means an attacker can no longer make any assumptions about the contents of the S-box. Hence this attack no longer works.
  • the present invention is backwards compatible. That is, an implementation that operates according to the present invention can also decrypt data that has been encrypted with a prior art variant of the cryptographic method, in which the choice of the S-box is not one of the inputs.
  • the present invention increases the number of key lengths from which one can choose.
  • the key length in Rijndael has to be a multiple of 32 bits and has to lie between 128 bits and 256 bits. With the present invention any key length between 128 bits and more than 10,000 bits can be chosen.
  • the cryptographic method is the Rijndael algorithm.
  • a look-up table can be used to provide efficient implementations.
  • the invention may be used to distribute content in a safe manner. When the number of recipients is relatively small, or a large amount of processing power is available, every recipient may be provided with a different S-box. Alternatively every recipient may have the same S-box, or separate groups of recipients may be assigned different S-boxes.
  • the invention further provides a server for distributing content, comprising means for choosing a key and an S-box, means for applying the method of the invention using the chosen key and the chosen S-box as input to encrypt the content, and means for distributing the encrypted content to a client device.
  • This server may be comprised in a system that further comprises a plurality of client devices, each respective client device being provided with means for decrypting the content using a respective chosen S-box.
  • This server may also be comprised in a system that further comprises a plurality of client devices, each respective client device being provided with means for decrypting the content using the chosen S-box.
  • the invention further provides a computer program product operative to cause a processor in an execution device to execute the method of the invention.
  • Fig. 1 shows an illustrative client environment
  • Fig. 2 illustrates the decryption and decoding process in more detail
  • Fig. 3 shows a block diagram of a system in which the invention may be employed
  • Fig. 4 illustrates the Rijndael algorithm in general, with Figs. 5, 6, 7 and 8 illustrating the Key Add, Substitution, ShiftRow and MixColumns steps of this algorithm respectively.
  • Fig. 1 shows an illustrative client environment comprising a client device 100 such as a personal computer, radio receiver, CD or DVD player, television, mobile phone, personal digital assistant, portable player, and so on.
  • client devices may be interconnected to allow one device, e.g. a television, to control another, e.g. the personal digital recorder.
  • One device typically a personal computer or a set top box (STB), then operates as a hub or central device, providing control over the other devices.
  • Content such as music, songs, movies, TV programs, games, pictures, electronic books, interactive services and so on is received by the device 100 from a source.
  • the content may be provided on a portable storage medium such as a digital versatile disc (DVD) or a peripheral device comprising a solid state memory or hard disk.
  • a portable storage medium such as a digital versatile disc (DVD) or a peripheral device comprising a solid state memory or hard disk.
  • Content can also be provided from server 130 through a network, for example a broadband cable or xDSL network, an Internet connection, a satellite downlink and so on.
  • the server 130 comprises a key generator 131 for choosing a key, a cryptographic processor 132 for encrypting the content using the chosen key as input to encrypt the content, and a distribution module 133 for distributing the encrypted content to the client device (100). Distribution typically takes place over a network, such as a wireless telephone network, the Internet or a cable television network, but may also take place by distributing physical carriers such as CD-ROMs, DVDs, solid state memory devices and so on.
  • the client device 100 includes a core media player 110 and several format- specific plug- ins 120, 122 and 124.
  • the core player 110 may, for example, provide the user interlace for controlling the player. Examples of today's media players are Microsoft's Media Player, Real's RealOne Player and Apple's QuickTime player. Such players can load for a specific content format a respective plug- in for performing the format-specific decoding. Those content formats may include AVI, DV, Motion JPEG, MPEG-I, MPEG-2, MPEG-4, WMV, Audio CD, MP3, WMA, WAV, AIFF/AIFC, AU, etc. If and when future formats become available, a new plug- in can be developed to decode content encoded in that format. This plug- in is then installed on the client device, allowing playback of such content.
  • Each plug- in 120, 122, 124 includes a respective decoder.
  • a decoder may send the decoded content directly to rendering hardware or software, such as loudspeaker 126, or pass it on to the core player 110 for further processing.
  • a secure plug- in is used that not only decodes the content in the specific format but also decrypts the content.
  • a typical approach in digital rights management for protected content distributed to personal computers is to encrypt the digital content (for instance using DES or AES) and to store the decryption key (or the "license") on the client device.
  • This is illustrated in Fig. 2, where the encrypted content is first fed through a decryptor 230 and next the decrypted content is fed through the format-specific decoder 220.
  • the decryptor 230 may receive a decryption key/license from a license database 210.
  • rendering comprises generating audio signals and feeding them to loudspeakers.
  • rendering generally comprises generating audio and video signals and feeding those to a display screen and loudspeakers.
  • a similar appropriate action must be taken.
  • the largest vulnerability of digital rights management relying on encryption is the key distribution and handling. For playback, a software player has to retrieve a decryption key from the license database, it then has to store this decryption key somewhere in memory for the decryption of the encrypted content.
  • Typical digital rights management systems use an encryption technique based on block ciphers that process the data stream in blocks using a sequence of encryption/decryption steps, referred to as rounds.
  • the output of i-l" 1 round is the input of the I th round.
  • the algorithm can be described as a function cascade f N ° ⁇ • • o f ⁇ ( ⁇ ) , where function f t represents the functionality of round i .
  • Fig. 3 shows a block diagram of a system in which the invention may be employed.
  • content is distributed on a medium 310.
  • the medium may be the same for each player.
  • the medium may be of any suitable type, e.g. audio CD, DVD, solid state memory, hard disk, and so on.
  • the content on the medium is copy protected, preferably by being encrypted under using an encryption algorithm.
  • the storage medium may include information relating the decryption key.
  • the storage medium may include information 312 (such as an identifier) that enables the player to retrieve the information, for example by downloading it from a server in the Internet.
  • the decryption key is obtained in a secure module 320 by using a key- specific key 322 and the information 312 to calculate 324 the decryption key 326.
  • the decryption key is the received 332 in a second module 330.
  • the second module 330 decrypts 334, decodes 336 and renders 338 the content 314 of the medium 310.
  • a popular choice of decryption algorithm is the Advanced Encryption Standard (AES), a standardized version of the Rijndael algorithm.
  • AES has a fixed block size of 128 bits and a key size of 128, 192 or 256 bits, whereas Rijndael can be specified with key and block sizes in any multiple of 32 bits, with a minimum of 128 bits and a maximum of 256 bits.
  • the specification of the AES algorithm is published as US Federal Information Processing Standards Publication 197.
  • Rijndael is discussed in J. Daemen and V. Rijmen, Rijndael, the advanced encryption standard, Dr. Dobb's Journal, Vol. 26, No. 3, March 2001, pp. 137-139.
  • the Rijndael algorithm involves an iterated application of a round transformation. This is illustrated in Fig. 4.
  • the round transformation consists of a sequence of four transformations.
  • each byte of the state is combined with the round key; each round key is derived from the cipher key using a key schedule. See step 401.
  • Substitution a non-linear substitution step where each byte is replaced with another according to a lookup table (a so-called S-box). See step 402.
  • ShiftRow a transposition step where each row of the state is shifted cyclically a certain number of steps. See step 403.
  • MixColumns a mixing operation which operates on the columns of the state, combining the four bytes in each column using a linear transformation. See step 404. The only difference between the last round and the other rounds is that in the last round the Mixcolumns step is removed.
  • Each transformation operates on an array of 16 bytes. This array, called the state, is generally visualized by a 4x4 matrix of bytes.
  • the step Keyadd 401 adds to each byte a key-byte, as illustrated in Fig. 5.
  • the result of the Keyadd step 401 is given to the S-box.
  • the step 402 uses a single S-box.
  • the byte a is comprised of the bits ao, ..., a ⁇ and the byte b is comprised of the bits bo, ..., b ⁇ .
  • the bits ao and bo are the least significant bits.
  • step 404 the Mixcolumn transformation. This is illustrated in Fig. 8. Where all previous transformations did not cross the byte boundaries, this transformation does cross the byte boundaries. It mixes the bytes in one column. This is done via a matrix multiplication. Hence, the k ⁇ column d of the output state is obtained by multiplying the k ⁇ column c of the input state with some matrix M.
  • FI(2 8 -T) which exceeds 5 times 10 18 .
  • K the standard Rijndael key
  • A the 8x8 binary invertible matrix used in the affine mapping ⁇ x
  • the S-boxes used vary over the rounds and/or within the single rounds. In the most extreme case, a different S-box can be specified for each input byte of each round.
  • the security of the block cipher is not affected because it is not important for the non-linearity properties of the S-box which matrix A is chosen.
  • the present invention is backwards compatible with Rijndael, i.e., an implementation that uses the invention can still handle Rijndael.
  • a random invertible matrix must be generated.
  • a very straightforward algorithm for this task is to generate a random binary 8x8 matrix and check whether this matrix is invertible. The probability of success is more than 25%. If the generated matrix is not invertible, a new random matrix is generated until an invertible matrix is found.
  • Other, more efficient algorithms for generating random invertible matrices are well-known in the art.
  • a look-up table can be constructed that maps the byte a tJ to the 32-bit (4 byte) word M t f((a y ⁇ k y ) '1 )
  • the output of a single Rijndael round can be computed by performing four look-ups and three 32 bit XOR operations per column of the output state (the last round can be handled by a single byte to byte look-up table per input byte).
  • a look-up table that maps two nibbles x ⁇ and X2 to x ⁇ ® X2
  • a single round may be implemented by only performing table look-ups. This implementation is the basis of the white-box implementation of Cloakware.
  • the total size of the look-up tables is approximately 0.7.
  • the values of the look-up table M,_/((a, / ® k y ) '1 ) are changed to M 1 h((a y ⁇ k y ) '1 ), where/is the affine function proposed in Rijndael and h is the random affine function that is part of the key.
  • the key generator 131 is now configured for choosing not only a key but also an S-box.
  • the cryptographic processor 132 now applies the method according to the invention using the chosen key and the chosen S-box as input to encrypt the content.
  • the distribution module 133 subsequently distributes the encrypted content to the client device 100.
  • the encryption need not be done by a white-box implementation of the algorithm.
  • a program P that contains a white-box implementation of the decryption algorithm for some data stream(s) and that contains possibly other functionality is provided to the client device 100.
  • This program P could be sold to the user of the client device 100. It may be made available from the server 130 or from another source. For instance, an Internet download could be offered or a CD-ROM or other storage medium containing the program P may be provided.
  • the only way a user that did not buy the program P can decrypt the data is by copying P or by using the tables in the decryption component to write his/her own version of P.
  • the former threat can, for instance, be prevented/discouraged by applying tracing techniques to the program and by applying copy protection techniques. As argued in Chow et al.
  • the latter threat can (more or less) be prevented by replacing the decryption component D by F o D o G for some input and output encodings F and G, such that the remainder of the program P 'operates' on the data encoded by F and G.
  • the encodings F and G are merged into the look-up tables of the decryption component.
  • Rijndael is a symmetric block cipher
  • the decryption key can also be used for encryption.
  • An additional advantage of the white-box implementation using the present invention is that it can only be used for decryption and not for encryption. In other words, if the server 130 provides a white-box implementation for some key K, A, then a malicious user cannot encrypt data that can be decrypted with this software because he does not know key K,A.
  • the server 130 should register which client device is provided with which S-box. If an implementation is then 'leaked' on the Internet, it is possible to find out which S-box was used in this implementation. Using the registered association the client device and/or its owner can then be identified.
  • the program P may implement much more than just the whitebox implementation of AES according to the invention. It may implement all necessary decryption operations. It may work together with an existing user interface system or provide its own user interface.
  • the cryptographic method and system of the present invention finds application in many situations.
  • One example is the so-called Authorized Domain.
  • a set of devices can authenticate each other through a bi- directional connection. Based on this authentication, the devices will trust each other and this will enable them to exchange protected content.
  • the licenses accompanying the content it is described which rights the user has and what operations he/she is allowed to perform on the content.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer And Data Communications (AREA)
  • Storage Device Security (AREA)

Abstract

A cryptographic algorithm such as AES/Rijndael involves a non- linear substitution step wherein an input byte is replaced by an output byte according to an S-box. This could be done using a look-up table. In the invention the contents of the S-box is given as input to the cryptographic method together with a cryptographic key to be used in the cryptographic method. Content can be encrypted using the chosen key and the chosen S-box as input before distribution. In a system comprising a server configured to execute the method and a plurality of clients, the clients may have the same chosen S-box or may have mutually different S-boxes.

Description

Improved cryptographic method and system
The invention relates to a cryptographic method comprising a non-linear substitution step wherein an input byte is replaced by an output byte according to an S-box. The invention further relates to a system for distributing content.
The use of the Internet as a distribution medium for content such as movies, music and games creates a compelling challenge to secure the interests of the content provider. Control of the playback environment is one way to enforce the interests of the content owner including the terms and conditions under which the content may be used. Typically cryptographic algorithms are used to protect the content. In particular for the personal computer platform, but to a certain extent also for other platforms, the user must be assumed to have complete control over the hardware and software that provides access to the content and unlimited amount of time and resources to attack and bypass any content protection mechanisms. As a consequence, content providers must deliver content to legitimate users across a hostile network to a community where not all users can be trusted.
The conventional cryptographic model assumes that end-points in a communication are trusted. That is, the parties that communicate with each other are trusted with the key, and it is only the eavesdropper against which the key should be protected. These assumptions do not hold in the above scenario. More generally speaking, in situations like this a cryptographic system needs to be protected against "white-box attacks". White-box attacks are attacks in which an attacker has gained access to the implementation of cryptographic algorithms, and can observe or manipulate the dynamic execution of whole or part of the algorithms.
The article White-Box Cryptography and an AES Implementation by S. Chow, P. Eisen, H. Johnson, and P.C. van Oorschot (Proceedings of SAC 2002 - 9th Annual
Workshop on Selected Areas in Cryptography) discloses a white-box implementation of the AES algorithm. In O. Billet, H. Gilbert, C. Ech-Chatbi, Cryptanalysis of a White-Box AES Implementation, (Proceedings of the 1 lth Annual Workshop on Selected Areas in Cryptography, 2004, pp. 227-240), it is disclosed how to extract the whole AES secret key embedded in such a white box AES implementation, effectively "breaking" this white-box implementation.
It is an object of the invention to provide a cryptographic method and system that is more resistant to a white-box attack.
This object is achieved according to the invention in a method which is characterized in that the contents of the S-box is given as input to the cryptographic method together with a cryptographic key to be used in the cryptographic method. By choosing not only a key but also an S-box as input, the security of the cryptographic method is not affected because it is not important for the non-linearity properties of the S-box which S-box is chosen. Now that the S-box is no longer fixed, extracting the AES key (as made possible by the Billet et al. article), is no longer sufficient to "break" the white-box implementation. The Billet et al. attack requires knowledge of the S- box. The present invention makes this knowledge part of the key, which means an attacker can no longer make any assumptions about the contents of the S-box. Hence this attack no longer works.
Furthermore, the present invention is backwards compatible. That is, an implementation that operates according to the present invention can also decrypt data that has been encrypted with a prior art variant of the cryptographic method, in which the choice of the S-box is not one of the inputs.
An additional advantage is that the present invention increases the number of key lengths from which one can choose. The key length in Rijndael has to be a multiple of 32 bits and has to lie between 128 bits and 256 bits. With the present invention any key length between 128 bits and more than 10,000 bits can be chosen.
Preferably the cryptographic method is the Rijndael algorithm. A look-up table can be used to provide efficient implementations.
The invention may be used to distribute content in a safe manner. When the number of recipients is relatively small, or a large amount of processing power is available, every recipient may be provided with a different S-box. Alternatively every recipient may have the same S-box, or separate groups of recipients may be assigned different S-boxes. The invention further provides a server for distributing content, comprising means for choosing a key and an S-box, means for applying the method of the invention using the chosen key and the chosen S-box as input to encrypt the content, and means for distributing the encrypted content to a client device.
This server may be comprised in a system that further comprises a plurality of client devices, each respective client device being provided with means for decrypting the content using a respective chosen S-box.
This server may also be comprised in a system that further comprises a plurality of client devices, each respective client device being provided with means for decrypting the content using the chosen S-box.
The invention further provides a computer program product operative to cause a processor in an execution device to execute the method of the invention.
These and other aspects of the invention will be apparent from and elucidated with reference to the embodiments shown in the drawing, in which: Fig. 1 shows an illustrative client environment;
Fig. 2 illustrates the decryption and decoding process in more detail; Fig. 3 shows a block diagram of a system in which the invention may be employed; and
Fig. 4 illustrates the Rijndael algorithm in general, with Figs. 5, 6, 7 and 8 illustrating the Key Add, Substitution, ShiftRow and MixColumns steps of this algorithm respectively.
Throughout the figures, same reference numerals indicate similar or corresponding features. Some of the features indicated in the drawings are typically implemented in software, and as such represent software entities, such as software modules or objects.
Fig. 1 shows an illustrative client environment comprising a client device 100 such as a personal computer, radio receiver, CD or DVD player, television, mobile phone, personal digital assistant, portable player, and so on. Multiple client devices may be interconnected to allow one device, e.g. a television, to control another, e.g. the personal digital recorder. One device, typically a personal computer or a set top box (STB), then operates as a hub or central device, providing control over the other devices. Content such as music, songs, movies, TV programs, games, pictures, electronic books, interactive services and so on is received by the device 100 from a source. The content may be provided on a portable storage medium such as a digital versatile disc (DVD) or a peripheral device comprising a solid state memory or hard disk. Content can also be provided from server 130 through a network, for example a broadband cable or xDSL network, an Internet connection, a satellite downlink and so on.
The server 130 comprises a key generator 131 for choosing a key, a cryptographic processor 132 for encrypting the content using the chosen key as input to encrypt the content, and a distribution module 133 for distributing the encrypted content to the client device (100). Distribution typically takes place over a network, such as a wireless telephone network, the Internet or a cable television network, but may also take place by distributing physical carriers such as CD-ROMs, DVDs, solid state memory devices and so on.
The client device 100 includes a core media player 110 and several format- specific plug- ins 120, 122 and 124. The core player 110 may, for example, provide the user interlace for controlling the player. Examples of today's media players are Microsoft's Media Player, Real's RealOne Player and Apple's QuickTime player. Such players can load for a specific content format a respective plug- in for performing the format-specific decoding. Those content formats may include AVI, DV, Motion JPEG, MPEG-I, MPEG-2, MPEG-4, WMV, Audio CD, MP3, WMA, WAV, AIFF/AIFC, AU, etc. If and when future formats become available, a new plug- in can be developed to decode content encoded in that format. This plug- in is then installed on the client device, allowing playback of such content.
Each plug- in 120, 122, 124 includes a respective decoder. A decoder may send the decoded content directly to rendering hardware or software, such as loudspeaker 126, or pass it on to the core player 110 for further processing. For secure rendering, a secure plug- in is used that not only decodes the content in the specific format but also decrypts the content.
A typical approach in digital rights management for protected content distributed to personal computers is to encrypt the digital content (for instance using DES or AES) and to store the decryption key (or the "license") on the client device. This is illustrated in Fig. 2, where the encrypted content is first fed through a decryptor 230 and next the decrypted content is fed through the format-specific decoder 220. The decryptor 230 may receive a decryption key/license from a license database 210.
The exact way in which a content item is rendered depends on the type of device and the type of content. For instance, in a radio receiver, rendering comprises generating audio signals and feeding them to loudspeakers. For a television receiver, rendering generally comprises generating audio and video signals and feeding those to a display screen and loudspeakers. For other types of content a similar appropriate action must be taken. The largest vulnerability of digital rights management relying on encryption is the key distribution and handling. For playback, a software player has to retrieve a decryption key from the license database, it then has to store this decryption key somewhere in memory for the decryption of the encrypted content. This leaves an attacker two options for an attack of the key handling in a software player: firstly, reverse engineering of the license database access function could result in a black box software (i.e., the attacker does not have to understand the internal workings of the software function) capable of retrieving asset keys from all license databases. Secondly, by observation of the accesses to memory used during content decryption it is possible to retrieve the asset key.
Typically digital rights management systems use an encryption technique based on block ciphers that process the data stream in blocks using a sequence of encryption/decryption steps, referred to as rounds. The output of i-l"1 round is the input of the Ith round. Thus, for a system with N rounds the algorithm can be described as a function cascade fN ° • • o fλ(χ) , where function ft represents the functionality of round i .
Fig. 3 shows a block diagram of a system in which the invention may be employed. In the example of Fig. 3 content is distributed on a medium 310. The medium may be the same for each player. The medium may be of any suitable type, e.g. audio CD, DVD, solid state memory, hard disk, and so on. The content on the medium is copy protected, preferably by being encrypted under using an encryption algorithm. The storage medium may include information relating the decryption key. Alternatively, the storage medium may include information 312 (such as an identifier) that enables the player to retrieve the information, for example by downloading it from a server in the Internet. The decryption key is obtained in a secure module 320 by using a key- specific key 322 and the information 312 to calculate 324 the decryption key 326. The decryption key is the received 332 in a second module 330. The second module 330 decrypts 334, decodes 336 and renders 338 the content 314 of the medium 310.
A popular choice of decryption algorithm is the Advanced Encryption Standard (AES), a standardized version of the Rijndael algorithm. AES has a fixed block size of 128 bits and a key size of 128, 192 or 256 bits, whereas Rijndael can be specified with key and block sizes in any multiple of 32 bits, with a minimum of 128 bits and a maximum of 256 bits. The specification of the AES algorithm is published as US Federal Information Processing Standards Publication 197. Rijndael is discussed in J. Daemen and V. Rijmen, Rijndael, the advanced encryption standard, Dr. Dobb's Journal, Vol. 26, No. 3, March 2001, pp. 137-139.
The Rijndael algorithm involves an iterated application of a round transformation. This is illustrated in Fig. 4. The round transformation consists of a sequence of four transformations.
1. Key Add — each byte of the state is combined with the round key; each round key is derived from the cipher key using a key schedule. See step 401.
2. Substitution — a non-linear substitution step where each byte is replaced with another according to a lookup table (a so-called S-box). See step 402.
3. ShiftRow — a transposition step where each row of the state is shifted cyclically a certain number of steps. See step 403. 4. MixColumns — a mixing operation which operates on the columns of the state, combining the four bytes in each column using a linear transformation. See step 404. The only difference between the last round and the other rounds is that in the last round the Mixcolumns step is removed.
Each transformation operates on an array of 16 bytes. This array, called the state, is generally visualized by a 4x4 matrix of bytes. The step Keyadd 401 adds to each byte a key-byte, as illustrated in Fig. 5.
The result of the Keyadd step 401 is given to the S-box. The S-box transforms in step 402 a byte bυ into the byte ctJ =J[g(blJ)), where g(x)=xΛ and/{x) is an affine mapping βx)=Ax@p discussed below. See Fig. 6. The step 402 uses a single S-box. The S-box transforms a byte a into the byte f(g(a)), where g(x)=x'1 andf(x) is an affine function equal to Ax@p for a given 8x8 matrix A and vector/?. The affine function/fa) =b is defined in Rijndael by
Figure imgf000008_0001
Figure imgf000008_0002
Here the byte a is comprised of the bits ao, ..., aγ and the byte b is comprised of the bits bo, ..., bγ. The bits ao and bo are the least significant bits.
Step 403 is the Shiftrow operation. This step shifts the bytes in row i of the state (i = 0,1,2,3) i columns to the left. This is illustrated in Fig. 7 where blocks with four shades of gray on the left are shifted as shown on the right.
The final transformation is step 404, the Mixcolumn transformation. This is illustrated in Fig. 8. Where all previous transformations did not cross the byte boundaries, this transformation does cross the byte boundaries. It mixes the bytes in one column. This is done via a matrix multiplication. Hence, the kΛ column d of the output state is obtained by multiplying the kΛ column c of the input state with some matrix M.
For the non-linearity properties of the S-box in step 402, it is not important which invertible matrix is chosen in the above definition off (a). Hence, by choosing this matrix (pseudo-)randomly and making the choice part of the key, the security of the block cipher is not affected. The key space is increased however as the number of invertible
matrices is given by FI(28 -T) which exceeds 5 times 1018.
(=0
This means that the key of the cipher is now given by a pair (K, A), where K is the standard Rijndael key and A is the 8x8 binary invertible matrix used in the affine mapping βx) of the S-box. It is also possible that the S-boxes used vary over the rounds and/or within the single rounds. In the most extreme case, a different S-box can be specified for each input byte of each round.
By making the matrix A in the affine mapping/fø) part of the key, the security of the block cipher is not affected because it is not important for the non-linearity properties of the S-box which matrix A is chosen. Furthermore, it is noted that the present invention is backwards compatible with Rijndael, i.e., an implementation that uses the invention can still handle Rijndael. To build the invention a random invertible matrix must be generated. A very straightforward algorithm for this task is to generate a random binary 8x8 matrix and check whether this matrix is invertible. The probability of success is more than 25%. If the generated matrix is not invertible, a new random matrix is generated until an invertible matrix is found. Other, more efficient algorithms for generating random invertible matrices are well-known in the art.
Below an embodiment is given that shows how to incorporate the present invention into the Rijndael white-box implementation of Cloakware. For the sake of simplicity, we focus on a block size of 128 bits and on 10 rounds. The idea of the white-box implementation is that each round is implemented by look-up tables and that each look-up table is obfuscated by means of input encodings and output encodings.
It can be seen that column d of the output state of a complete Rijndael round transformation is given by
Figure imgf000009_0001
M3C3 where M1 is defined as the Ith 32-bit (4 byte) column of M. Furthermore, from the definitions of Keyadd, S-box, and Shiftrow, it follows that C1 is given by βζciy© ky)'1) withj=(k-i) mod 4. Hence, if for each input byte atJ a look-up table can be constructed that maps the byte atJ to the 32-bit (4 byte) word Mtf((ay© ky)'1), then the output of a single Rijndael round can be computed by performing four look-ups and three 32 bit XOR operations per column of the output state (the last round can be handled by a single byte to byte look-up table per input byte). If there also is a look-up table that maps two nibbles xι and X2 to xι ® X2, then a single round may be implemented by only performing table look-ups. This implementation is the basis of the white-box implementation of Cloakware.
In Cloakware' s implementation, the input and output of each look-up table is encoded. This means the following. Each table T obtains an input encoding G and output encoding F, i.e., T is replaced by T = F 0 T 0 G for bijective functions G and F. Furthermore, if the result of look-up table T is used as input to look-up table T then the input encoding of table T is given by the inverse F of the output encoding of T. As a result, the input and output encodings have in combination no net effect, but they are introduced to obfuscate the tables. The total size of the look-up tables is approximately 0.7.
In the above the present invention can easily be applied. To achieve this, the values of the look-up table M,_/((a,/® ky)'1) are changed to M1 h((ayθ ky)'1), where/is the affine function proposed in Rijndael and h is the random affine function that is part of the key.
A possible application for the present invention is the following. The key generator 131 is now configured for choosing not only a key but also an S-box. The cryptographic processor 132 now applies the method according to the invention using the chosen key and the chosen S-box as input to encrypt the content. The distribution module 133 subsequently distributes the encrypted content to the client device 100. The encryption need not be done by a white-box implementation of the algorithm.
A program P that contains a white-box implementation of the decryption algorithm for some data stream(s) and that contains possibly other functionality is provided to the client device 100. This program P could be sold to the user of the client device 100. It may be made available from the server 130 or from another source. For instance, an Internet download could be offered or a CD-ROM or other storage medium containing the program P may be provided. The only way a user that did not buy the program P can decrypt the data is by copying P or by using the tables in the decryption component to write his/her own version of P. The former threat can, for instance, be prevented/discouraged by applying tracing techniques to the program and by applying copy protection techniques. As argued in Chow et al. cited above, the latter threat can (more or less) be prevented by replacing the decryption component D by F o D o G for some input and output encodings F and G, such that the remainder of the program P 'operates' on the data encoded by F and G. The encodings F and G are merged into the look-up tables of the decryption component. In other words, it is now more difficult for users that did not buy the decryption software to decrypt the data than would be the case if a standard Rijndael implementation would be used. In a standard Rijndael implementation a user just needs to find the key to write his/her own decryption algorithm.
Because Rijndael is a symmetric block cipher, the decryption key can also be used for encryption. An additional advantage of the white-box implementation using the present invention is that it can only be used for decryption and not for encryption. In other words, if the server 130 provides a white-box implementation for some key K, A, then a malicious user cannot encrypt data that can be decrypted with this software because he does not know key K,A.
This enables the use of the invention for the purpose of authentication and other applications such as forensic tracking. Because the clients have a particular fixed implementation, they can be sure that content which they can decrypt using this implementation originated from the real server and not from an imposter.
For forensic tracking to work the server 130 should register which client device is provided with which S-box. If an implementation is then 'leaked' on the Internet, it is possible to find out which S-box was used in this implementation. Using the registered association the client device and/or its owner can then be identified.
It is possible to change not only the decryption key, but also the S-box. To do this the provider can simply send an updated S-box to the client(s) involved. This should be done in a secure manner to avoid that an unauthorized third party gains access to this S-box. Alternatively a complete replacement implementation for the program P could be provided to the client(s) involved.
International patent application WO 2005/060147 (attorney docket
PHNL031443) and European patent application serial number 04105373.7 (attorney docket PHNL041207) both disclose implementations of cryptographic algorithms that are resistant to white-box attacks.
It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and that those skilled in the art will be able to design many alternative embodiments without departing from the scope of the appended claims. The program P for instance may implement much more than just the whitebox implementation of AES according to the invention. It may implement all necessary decryption operations. It may work together with an existing user interface system or provide its own user interface.
The cryptographic method and system of the present invention finds application in many situations. One example is the so-called Authorized Domain. In this kind of content protection system a set of devices can authenticate each other through a bi- directional connection. Based on this authentication, the devices will trust each other and this will enable them to exchange protected content. In the licenses accompanying the content, it is described which rights the user has and what operations he/she is allowed to perform on the content.
Some particular architectures of authorized domains have been outlined in international patent application WO 03/098931 (attorney docket PHNL020455), international patent application WO 2004/027588 (attorney docket PHNL030283), international patent application WO 2005/010879 (attorney docket PHNL030926) and European patent application serial number 04100997.8 (attorney docket PHNL040288). In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps other than those listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The invention can be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In the device claim enumerating several means, several of these means can be embodied by one and the same item of hardware. The mere fact that certain measures are recited in mutually different dependent claims does not indicate that a combination of these measures cannot be used to advantage.

Claims

CLAIMS:
1. A cryptographic method comprising a non- linear substitution step wherein an input byte is replaced by an output byte according to an S-box, characterized in that the contents of the S-box is given as input to the cryptographic method together with a cryptographic key to be used in the cryptographic method.
2. The method of claim 1, in which the cryptographic method is the Rijndael algorithm.
3. The method of claim 1, in which the replacement occurs using a look-up table.
4. A method of distributing content, comprising choosing a key and an S-box, applying the method of claim 1 using the chosen key and the chosen S-box as input to encrypt the content, and distributing the encrypted content to a recipient.
5. The method of claim 4, further comprising registering an association between the chosen S-box and the recipient.
6. A server (130) for distributing content, comprising means (131) for choosing a key and an S-box, means (132) for applying the method of claim 1 using the chosen key and the chosen S-box as input to encrypt the content, and means (133) for distributing the encrypted content to a client device (100).
7. A system comprising a server as claimed in claim 6 and a plurality of client devices, each respective client device being provided with means for decrypting the content using a respective chosen S-box.
8. A system comprising a server as claimed in claim 6 and a plurality of client devices, each respective client device being provided with means for decrypting the content using the chosen S-box.
9. A computer program product operative to cause a processor in an execution device to execute the method of claim 1.
PCT/IB2006/053034 2005-09-15 2006-08-31 Improved cryptographic method and system WO2007031894A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
EP05108469 2005-09-15
EP05108469.7 2005-09-15

Publications (2)

Publication Number Publication Date
WO2007031894A2 true WO2007031894A2 (en) 2007-03-22
WO2007031894A3 WO2007031894A3 (en) 2007-11-01

Family

ID=37733413

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2006/053034 WO2007031894A2 (en) 2005-09-15 2006-08-31 Improved cryptographic method and system

Country Status (1)

Country Link
WO (1) WO2007031894A2 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008084433A2 (en) * 2007-01-11 2008-07-17 Koninklijke Philips Electronics N.V. Tracing copies of an implementation
JP2011512726A (en) * 2008-01-31 2011-04-21 イルデト・コーポレート・ビー・ヴイ Smart card protection
JP2011513787A (en) * 2008-03-05 2011-04-28 イルデト・コーポレート・ビー・ヴイ White box implementation
EP3413501A1 (en) * 2017-06-06 2018-12-12 Nxp B.V. Method for distributing a software application and encryption program for a white-box implementation

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1999003246A2 (en) * 1997-04-14 1999-01-21 Lucent Technologies Inc. Methods and apparatus for enhanced security expansion of a secret key into a lookup table for improved security for wireless telephone messages
US6804355B1 (en) * 2000-01-06 2004-10-12 Intel Corporation Block cipher for small selectable block sizes

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1999003246A2 (en) * 1997-04-14 1999-01-21 Lucent Technologies Inc. Methods and apparatus for enhanced security expansion of a secret key into a lookup table for improved security for wireless telephone messages
US6804355B1 (en) * 2000-01-06 2004-10-12 Intel Corporation Block cipher for small selectable block sizes

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
EL-RAMLY, EL-GARF, SOLIMAN: "Dynamic Generation of S-Boxes in Block Cipher Systems" PROCEEDINGS OF THE 8TH NATIONAL RADIO SCIENCE CONFERENCE, [Online] 2001, pages 389-397, XP002446416 Egypt Retrieved from the Internet: URL:http://ieeexplore.ieee.org/iel5/7390/2 0087/00929396.pdf> [retrieved on 2007-08-10] *
MNEZES, VANSTONE, OORSCHOT: "Handbook of Applied Cryptography" 1997, CRC PRESS LLC , USA , XP002446442 page 17 - page 18 page 238 - page 241 *

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008084433A2 (en) * 2007-01-11 2008-07-17 Koninklijke Philips Electronics N.V. Tracing copies of an implementation
US8306216B2 (en) 2007-01-11 2012-11-06 Irdeto B.V. Method and system for tracking or identifying copy of implementation of computational method, and computation system
JP2011512726A (en) * 2008-01-31 2011-04-21 イルデト・コーポレート・ビー・ヴイ Smart card protection
JP2011513787A (en) * 2008-03-05 2011-04-28 イルデト・コーポレート・ビー・ヴイ White box implementation
US8670559B2 (en) 2008-03-05 2014-03-11 Irdeto Corporate B.V. White-box implementation
EP3413501A1 (en) * 2017-06-06 2018-12-12 Nxp B.V. Method for distributing a software application and encryption program for a white-box implementation

Also Published As

Publication number Publication date
WO2007031894A3 (en) 2007-11-01

Similar Documents

Publication Publication Date Title
US8306216B2 (en) Method and system for tracking or identifying copy of implementation of computational method, and computation system
US8479016B2 (en) Method and system for obfuscating a cryptographic function
KR101715027B1 (en) White-box cryptographic system with input dependent encodings
EP2044724B1 (en) Tamper resistance of a digital data processing unit
CN106888080B (en) Protecting white-box feistel network implementations from false attacks
US8681975B2 (en) Encryption method and apparatus using composition of ciphers
US9602273B2 (en) Implementing key scheduling for white-box DES implementation
US9819486B2 (en) S-box in cryptographic implementation
WO2008059420A2 (en) Cryptographic method for a white-box implementation
CN107273724B (en) Watermarking input and output of white-box implementations
US9363244B2 (en) Realizing authorization via incorrect functional behavior of a white-box implementation
EP1712032B1 (en) Block ciphering system, using permutations to hide the core ciphering function of each encryption round
CN105978680B (en) Encryption operation method for encryption key
US9025765B2 (en) Data security
US9639674B2 (en) Using single white-box implementation with multiple external encodings
WO2007031894A2 (en) Improved cryptographic method and system
EP3413509B1 (en) Cmac computation using white-box implementations with external encodings
EP2940919B1 (en) Realizing authorization via incorrect functional behavior of a white-box implementation
Sethi Digital rights management and code obfuscation
CN118250491A (en) Space-difficult white-box password method for multimedia security
Gunjal et al. Providing Security to Data Backup System using Visual Cryptography
Verma et al. Digital Right Management Model based on Cryptography for Text Contents

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase in:

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 06795841

Country of ref document: EP

Kind code of ref document: A2