检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
机构地区:[1]上海交通大学计算机科学与工程系,上海200240
出 处:《软件学报》2013年第9期2238-2249,共12页Journal of Software
基 金:国家自然科学基金(61073149)
摘 要:传统的密码模型都假设密码系统的运行终端和计算环境是可信任的,但是,随着攻击方式的发展,这样的模型显得越来越脆弱.而白盒攻击环境是指攻击者除了能够获得与传统密码模型同样的资源以外,还对密码系统的内部运行完全可见,并完全掌控执行环境.因此,能够抵抗白盒攻击的密码算法具有更高层次的安全意义.2009年提出的SMS4算法的白盒实现,其目标是在白盒攻击环境下能够防止SMS4算法的密钥被恢复.在回顾已有研究的基础上,针对该SMS4算法的白盒实现提出了一种有效的攻击,并详细解释了如何以低于247的时间复杂度找出嵌入其中的轮密钥,说明了该白盒设计方法的不可靠性,并为设计安全的白盒实现提供了一种参考.In traditional cryptographic model, it is assumed that the communication end points and computing environments of a cryptosystem are trusted. But this model becomes increasingly frailer with the development of the attack method. In the white-box attack model, the adversary can get not only access to the same resources as in the traditional cryptographic model but also total visibility of the internal implementation of the cryptosystem and full control over its execution environment, so it has the higher level of secure significance. The white-box SMS4 implementation, which was proposed in 2009, is aimed at protecting SMS4 operated in the white box context against key exposure. In this paper, based on the review of previous research, we propose an efficient attack and explain in detail how to extract the round key embedded in such a white box SMS4 implementation, with worst time complexity 247. As a result, we show that the white-box method is unreliable and provide reference for the secure white-box implementation.
分 类 号:TP309[自动化与计算机技术—计算机系统结构]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.28
