White-box password nonlinear coding protection method based on combination of table look-up and disturbance scrambling

Abstract

The invention discloses a white-box password nonlinear coding protection method based on combination of table look-up and disturbance scrambling. The white-box password nonlinear coding protection method comprises the following steps of: averagely dividing 32-bit sensitive variables in a password algorithm operation process into four sets, namely x<0,0>, x<0,1>, x<0,2> and x<0,3>, and sequentially performing nonlinear scrambling shown in the specification; adding disturbance information (beta*, Y, phi*), and calculating beta*=F(x<0,0>, x<0,1>, x<0,2> and x<0,3>) as an initial disturbance item; sequentially transforming results in two steps through T<3>, T<2>, T<1>, T<0> and phi*; taking an output result as column promiscuous transformation; and then, sequentially performing nonlinear displacement through Q<3>, Q<2>, Q<1>, Y and Q<0> to obtain an input variable for the next round of iteration, such that a final output result of a white box is obtained. According to the invention, nonlinear bijection transformation of internal and external coding is adopted simultaneously; because the algebraic time of a single S box is not beyond 8 and the algebraic time cannot be increased by a column promiscuous part and external radiation scrambling coding, required operation is relatively low; furthermore, when an external algebra interpolation attack occurs, a main key cannot be recovered directly; an equivalent decoding Boolean system is constructed; and thus, the safety of the white-box password nonlinear coding protection method disclosed by the invention is relatively high.

Description

technical field [0001] The invention relates to the field of information security, in particular to a white-box cipher non-linear encoding protection method based on a combination of table lookup and disturbance scrambling. Background technique [0002] In the design and implementation of traditional cryptographic algorithms and security protocols, it is generally assumed that the terminal in which the cryptographic algorithm operates is safe and credible, and the security of the entire system lies in the confidentiality of the key. With the continuous development of digital information technology, studies have found that cryptographic software usually runs in an unsafe environment, such as the presence of malicious viruses and dishonest users. It is easy to capture key information, a new security challenge is: how to hide the key information directly in the implementation of the algorithm in an open software code environment, and make it impossible for attackers to extract ...

AI Technical Summary

Problems solved by technology

The basic design idea of ​​white-box cipher is: for a given cryptographic algorithm and key information, the mapping from plaintext to ciphertext is determined; The execution process is completed by the lookup table method, the key is hidden in the table, but the attacker cannot extract the key from the lookup table

However, there is a common problem in the current white-box cipher schemes, that is, using the input and output characteristics of the lookup table, after eliminating the nonlinear part of the inner round scrambling code, only the linear scrambling operation is left in the outer code, so in The amount of calculation required to be broken under the white box condition is small, and the security of the password still needs to be further improved

Images