Method and apparatus for implementing a white-box cipher
Abstract
An apparatus method and computer media for implementing a white-box block cipher in a software application to create a secure software application having the same functionality as the software application. An implementation of a block cipher is created by: applying an isomorphism between an original finite field representation and a composite field representation, and using this isomorphism to reconstruct the cipher as operations that use only the elements of the composite field, including XOR, linear transformation and S-box; decomposing original S-box into several algebraic steps and merging some of these into other parts of the cipher; in the non-linear step of S-box, implementing the inversion in the original finite field representation with algorithm in the composite field representation; applying an initial threshold implementation of m input shares and n output shares to generate lookup tables for the non-linear step of S-box; applying further threshold implementations to different steps of the cipher to generate lookup tables. The block cipher is applied to at least a portion of the software application to create the secure software application and thereby increase security of a computing platform executing the secure software application.
Claims
exact text as granted — not AI-modifiedWhat is claimed:
1 . A method for implementing a white-box block cipher in a software application to create a secure software application having the same functionality as the software application, the method comprising:
creating an implementation of a block cipher by:
applying an isomorphism between an original finite field representation and a composite field representation, and using this isomorphism to reconstruct the cipher as operations that use only the elements of the composite field, including XOR, linear transformation and S-box;
decomposing original S-box into several algebraic steps and merging some of these into other parts of the cipher;
in the non-linear step of S-box, implementing the inversion in the original finite field representation with algorithm in the composite field representation;
applying an initial threshold implementation of m input shares and n output shares to generate lookup tables for the non-linear step of S-box;
applying further threshold implementations to different steps of the cipher to generate lookup tables; and
applying the block cipher to at least a portion of the software application to create the secure software application and thereby increase security of a computing platform executing the secure software application.
2 . The method of claim 1 , wherein the original finite field representation comprises an 8-bit element.
3 . The method of claim 1 , wherein the composite field representation comprises two 4-bit elements.
4 . The method of claim 1 , wherein the isomorphism is constructed from elements in GF(2 8 ) to the composite field GF (2 4 ) 2 for the S-box and the threshold implementation is applied to mask the inputs and outputs of the cipher.
5 . The method of claim 1 , wherein the initial threshold implementation generates masks and extends outputs of the lookup tables to thereby obfuscate the S-box.
6 . The method of claim 5 , wherein each mask is dependent on an earlier mask in an inverted tree structure.
7 . An apparatus for implementing a white-box block cipher in a software application to create a secure software application having the same functionality as the software application, the apparatus comprising:
at least one hardware processor; and at least one memory operatively coupled to the processor and storing instucitons thereon that, when executed by the at least one hardware processor, cause the at least one hardware processor to: create an implementation of a block cipher by:
applying an isomorphism between an original finite field representation and a composite field representation, and using this isomorphism to reconstruct the cipher as operations that use only the elements of the composite field, including XOR, linear transformation and S-box;
decomposing original S-box into several algebraic steps and merging some of these into other parts of the cipher;
in the non-linear step of S-box, implementing the inversion in the original finite field representation with algorithm in the composite field representation;
applying an initial threshold implementation of m input shares and n output shares to generate lookup tables for the non-linear step of S-box;
applying further threshold implementations to different steps of the cipher to generate lookup tables; and
applying the block cipher to at least a portion of the software application to create the secure software application and thereby increase security of a computing platform executing the secure software application.
8 . The apparatus of claim 7 , wherein the original finite field representation comprises an 8-bit element.
9 . The apparatus of claim 7 , wherein the composite field representation comprises two 4-bit elements.
10 . The apparatus of claim 7 , wherein the isomorphism is constructed from elements in GF(2 8 ) to the composite field GF (2 4 ) 2 for the S-box and the threshold implementation is applied to mask the inputs and outputs of the cipher.
11 . The apparatus of claim 7 , wherein the initial threshold implementation generates masks and extends outputs of the lookup tables to thereby obfuscate the S-box.
12 . The apparatus of claim 11 , wherein each mask is dependent on an earlier mask in an inverted tree structure.
13 . Non-transitory computer-readable media having instructions stored thereon which, when executed by a processor of a computing platform, cause the computing platform to carry out a method for implementing a white-box block cipher in a software application to create a secure software application having the same functionality as the software application, the method comprising:
creating an implementation of a block cipher by:
applying an isomorphism between an original finite field representation and a composite field representation, and using this isomorphism to reconstruct the cipher as operations that use only the elements of the composite field, including XOR, linear transformation and S-box;
decomposing original S-box into several algebraic steps and merging some of these into other parts of the cipher;
in the non-linear step of S-box, implementing the inversion in the original finite field representation with algorithm in the composite field representation;
applying an initial threshold implementation of m input shares and n output shares to generate lookup tables for the non-linear step of S-box;
applying further threshold implementations to different steps of the cipher to generate lookup tables; and
applying the block cipher to at least a portion of the software application to create the secure software application and thereby increase security of a computing platform executing the secure software application.
14 . The method of claim 13 , wherein the original finite field representation comprises an 8-bit element.
15 . The method of claim 13 , wherein the composite field representation comprises two 4-bit elements.
16 . The method of claim 13 , wherein the isomorphism is constructed from elements in GF(2 8 ) to the composite field GF (2 4 ) 2 for the S-box and the threshold implementation is applied to mask the inputs and outputs of the cipher.
17 . The method of claim 13 , wherein the initial threshold implementation generates masks and extends outputs of the lookup tables to thereby obfuscate the S-box.
18 . The method of claim 17 , wherein each mask is dependent on an earlier mask in an inverted tree structure.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.