一种针对分组密码软件的APT后门及其防范  被引量：1

作　　者：王安 董永银 祝烈煌[1] 张宇[3] 丁瑶玲 WANG An;DONG Yong-Yin;ZHU Lie-Huang;ZHANG Yu;DING Yao-Ling(School of Computer Science and Technology,Beijing Institute of Technology,Beijing 100081,China;State Key Laboratory of Cryptology,Beijing 100878,China;Chinese People’s Liberation Army 61206,Beijing 100042,China)

机构地区：[1]北京理工大学计算机学院,北京100081 [2]密码科学技术国家重点实验室,北京100878 [3]中国人民解放军61206部队,北京100042

出　　处：《密码学报》2021年第1期65-75,共11页Journal of Cryptologic Research

基　　金：国家自然科学基金(61872040,U1836101,62002021);“十三五”国家密码发展基金(MMJJ20170201)。

摘　　要：随着计算机技术及信息化的高速发展,软件已经广泛应用于各行各业,利用软件后门获取敏感信息的攻击事件不断发生,给国计民生的重要领域带来很大损失.通常,软件后门的隐蔽性和其强大功能之间是矛盾的,冗长的代码、复杂的功能往往导致后门的代码特征或行为特征过于明显.本文借助差分故障分析、逆向分析、高级持续性威胁等技术,给出了一种向分组密码软件植入后门的可行方案,并以DES加密软件为载体进行了实现.我们将后门激活时输出的故障密文、后门未激活时输出的正确密文进行结合,通过差分故障分析最终恢复了完整的DES密钥.该后门具有隐蔽性强、植入简单、危害性大等特点,可作为一种高级持续性威胁的手段.最后,我们给出了该类后门的防御措施,对后门植入和防范问题进行了辩证地讨论.With the rapid development of computer technology and information technology, software is used everywhere. Attackers can make use of software backdoors to gain important information and resources, causing severe problems and losses. There are contradictions between the concealment and powerful function of software backdoors. Long codes and complex functionalities bring obvious features of the backdoor. This paper proposes a feasible backdoor injection scheme on the block cipher software. The proposed method is based on differential fault analysis, reverse engineering, and advanced persistent threat. By employing fault ciphertexts from active backdoor and correct ciphertexts from non-active backdoor, it is possible to recover the whole DES key by differential fault analysis. The characteristics of this backdoor include strong concealment, easy to operate, can cause big harm, etc.So, this backdoor can be used as a means of advanced persistent threat. Finally, countermeasures for this type of backdoor are given, and the problems of backdoor injection and defense are dialectically discussed.

关 键 词：软件后门 逆向分析 差分故障分析 DES算法 高级持续性威胁 

分 类 号：TP309.7[自动化与计算机技术—计算机系统结构]