Cryptanalysis of Two White-Box Implementations of the SM4 Block Cipher

  • Conference paper
Part of the book series: Lecture Notes in Computer Science (LNSC, volume 13118)

Abstract

The SM4 block cipher, formerly known as SMS4, has a 128-bit block length and a 128-bit user key. It is a Chinese national standard and an ISO international standard. White-box cryptography aims primarily to protect the secret key used in a cryptographic software implementation in the white-box scenario, which assumes that an attacker has full access to the execution environment and execution details of the implementation. Since white-box cryptography has many real-life applications nowadays, a few white-box implementations of the SM4 block cipher have been proposed. In particular, in 2009 Xiao and Lai presented the first white-box SM4 implementation, based on the traditional approach, which has been attacked with the lowest currently published attack complexity of about \(2^{32}\) using the affine equivalence technique; and in 2020 Yao and Chen presented a white-box SM4 implementation based on state expansion, and obtained a lowest attack complexity of about \(2^{51}\) among a variety of attack techniques. In this paper, we present collision-based attacks on Yao and Chen’s and Xiao and Lai’s white-box SM4 implementations with a time complexity of about \(2^{23}\) for recovering a round key, and thus show that their security is much lower than previously published.

References

  1. Baek, C.H., Cheon, J.H., Hong, H.: White-Box AES implementation revisited. J. Commun. Netw. 18(3), 273–287 (2016)

  2. Bai, K., Wu, C.: A secure White-Box SM4 implementation. Secur. Commun. Netw. 9(10), 996–1006 (2016)

  3. Bai, K., Wu, C., Zhang, Z.: Protect White-Box AES to resist table composition attacks. IET Inf. Secur. 12(4), 305–313 (2018)

  4. Barkan, E., Biham, E.: In how many ways can you write Rijndael? In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 160–175. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-36178-2_10

  5. Billet, O., Gilbert, H., Ech-Chatbi, C.: Cryptanalysis of a White Box AES implementation. In: Handschuh, H., Hasan, M.A. (eds.) SAC 2004. LNCS, vol. 3357, pp. 227–240. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-30564-4_16

  6. Biryukov, A., De Cannière, C., Braeken, A., Preneel, B.: A Toolbox for cryptanalysis: linear and affine equivalence algorithms. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 33–50. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-39200-9_3

  7. Bringer, J., Chabanne, H., Dottax, E.: White box cryptography: another attempt. IACR Cryptol. ePrint Arch. 2006, 468 (2006)

  8. Chow, S., Eisen, P., Johnson, H., Van Oorschot, P.C.: White-Box cryptography and an AES implementation. In: Nyberg, K., Heys, H. (eds.) SAC 2002. LNCS, vol. 2595, pp. 250–270. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36492-7_17

  9. Chow, S., Eisen, P., Johnson, H., van Oorschot, P.C.: A White-Box DES implementation for DRM applications. In: Feigenbaum, J. (ed.) DRM 2002. LNCS, vol. 2696, pp. 1–15. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-44993-5_1

  10. Derbez, P., Fouque, P., Lambin, B., Minaud, B.: On recovering affine encodings in white-box implementations. IACR Trans. Cryptogr. Hard. Embed. Syst. 2018(3), 121–149 (2018)

  11. Office of State Commercial Cryptography Administration of China: The SMS4 Block Cipher (2006). (in Chinese)

  12. Standardization Administration of China: Information Security Technology - SM4 Block Cipher Algorithm (2016)

  13. International Standardization of Organization (ISO), International Standard - ISO/IEC 18033–3:2010/AMD1:2021, Amendment 1 - Information technology - Security techniques - Encryption algorithms - Part 3: Block ciphers - SM4 (2021)

  14. Goubin, L., Masereel, J.-M., Quisquater, M.: Cryptanalysis of White Box DES implementations. In: Adams, C., Miri, A., Wiener, M. (eds.) SAC 2007. LNCS, vol. 4876, pp. 278–295. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-77360-3_18

  15. Jacob, M., Boneh, D., Felten, E.: Attacking an obfuscated cipher by injecting faults. In: Feigenbaum, J. (ed.) DRM 2002. LNCS, vol. 2696, pp. 16–31. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-44993-5_2

  16. Karroumi, M.: Protecting White-Box AES with dual ciphers. In: Rhee, K.-H., Nyang, D.H. (eds.) ICISC 2010. LNCS, vol. 6829, pp. 278–291. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-24209-0_19

  17. Lai, X.: Higher order derivatives and differential cryptanalysis. In: Blahut, R.E., Costello, D.J., Maurer, U., Mittelholzer, T. (eds.) Communications and Cryptography. The Springer International Series in Engineering and Computer Science (Communications and Information Theory), vol. 276, pp. 227–233. Springer, Boston, MA (1994). https://doi.org/10.1007/978-1-4615-2694-0_23

  18. Lepoint, T., Rivain, M., De Mulder, Y., Roelse, P., Preneel, B.: Two attacks on a White-Box AES implementation. In: Lange, T., Lauter, K., Lisoněk, P. (eds.) SAC 2013. LNCS, vol. 8282, pp. 265–285. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-43414-7_14

  19. Lin, T., Lai, X.: Efficient attack to White-Box SMS4 implementation. J. Softw. 24(9), 2238–2249 (2013). (in Chinese)

  20. Lin, T., Yan, H., Lai, X., Zhong, Y., Jia, Y.: Security evaluation and improvement of a White-Box SMS4 implementation based on affine equivalence algorithm. Comput. J. 61(12), 1783–1790 (2018)

  21. Link, H.E., Neumann, W.D.: Clarifying obfuscation: improving the security of White-Box DES. In: International Symposium on Information Technology: Coding and Computing, pp. 679–684. IEEE (2005)

  22. Luo, R., Lai, X., You, R.: A new attempt of White-box AES implementation. In: Proceedings of IEEE International Conference on Security, pp. 423–429. IEEE (2014)

  23. Michiels, W., Gorissen, P., Hollmann, H.D.L.: Cryptanalysis of a generic class of White-Box implementations. In: Avanzi, R.M., Keliher, L., Sica, F. (eds.) SAC 2008. LNCS, vol. 5381, pp. 414–428. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04159-4_27

  24. De Mulder, Y., Roelse, P., Preneel, B.: Cryptanalysis of the Xiao – Lai White-Box AES implementation. In: Knudsen, L.R., Wu, H. (eds.) SAC 2012. LNCS, vol. 7707, pp. 34–49. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-35999-6_3

  25. De Mulder, Y., Wyseur, B., Preneel, B.: Cryptanalysis of a perturbated White-Box AES implementation. In: Gong, G., Gupta, K.C. (eds.) INDOCRYPT 2010. LNCS, vol. 6498, pp. 292–310. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-17401-8_21

  26. National Institute of Standards and Technology (NIST): Advanced Encryption Standard (AES), FIPS-197 (2001)

  27. National Bureau of Standards (NBS): Data Encryption Standard (DES), FIPS-46 (1977)

  28. Shi, Y., Wei, W., He, Z.: A lightweight white-box symmetric encryption algorithm against node capture for WSNs. Sensors 15(5), 11928–11952 (2015)

  29. Tolhuizen, L.: Improved cryptanalysis of an AES implementation. In: Proceedings of the 33rd WIC Symposium on Information Theory in the Benelux, pp. 68–71 (2012)

  30. Wang, R.: Security analysis of lightweight white-box cryptography algorithm. Master’s thesis, Beihang University (2021). (in Chinese)

  31. Wang, R., Guo, H., Lu, J., Liu, J.: Cryptanalysis of a White-Box SM4 implementation based on collision attack. IET Inf. Secur. (to appear)

  32. Wyseur, B., Michiels, W., Gorissen, P., Preneel, B.: Cryptanalysis of White-Box DES implementations with arbitrary external encodings. In: Adams, C., Miri, A., Wiener, M. (eds.) SAC 2007. LNCS, vol. 4876, pp. 264–277. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-77360-3_17

  33. Xiao, Y., Lai, X.: A secure implementation of white-box AES. In: Proceedings of the Second International Conference on Computer Science and its Applications, pp. 1–6. IEEE (2009)

  34. Xiao, Y., Lai, X.: White-Box cryptography and a SMS4 implementation. In: Proceedings of 2009 Annual Conference of the Chinese Association of Cryptologic Research, pp. 24–34 (2009). (in Chinese)

  35. Yao, S., Chen, J.: A new method for White-Box implementation of SM4 algorithm (in Chinese). J. Cryptol. Res. 7(3), 358–374 (2020)

Acknowledgement

This work was supported by National Natural Science Foundation of China (No. 61972018) and Guangxi Key Laboratory of Cryptography and Information Security (No. GCIS202102). Jiqiang Lu is Qianjiang Special Expert of Hangzhou.

Corresponding author

Correspondence to Jiqiang Lu.

Copyright information

© 2021 Springer Nature Switzerland AG

Cite this paper

Lu, J., Li, J. (2021). Cryptanalysis of Two White-Box Implementations of the SM4 Block Cipher. In: Liu, J.K., Katsikas, S., Meng, W., Susilo, W., Intan, R. (eds) Information Security. ISC 2021. Lecture Notes in Computer Science, vol 13118. Springer, Cham. https://doi.org/10.1007/978-3-030-91356-4_4

  • DOI: https://doi.org/10.1007/978-3-030-91356-4_4

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-91355-7

  • Online ISBN: 978-3-030-91356-4

  • eBook Packages: Computer Science, Computer Science (R0)
