Whitebox techniques for DES

Implementation and Analysis of a White-box DES. David Wong, Jacques Monin, Hugo Bonnin. Université de Bordeaux, 2014

Upload: david-wong

Post on 15-Apr-2017



What is it for?

Basics of cryptography

Man At The End

.-----------------.
|    ATTACKER     |
|  .-----------.  |
|  |           |  |
|  |  PROGRAM  |  |
|  |           |  |
|  '-----------'  |
|                 |
'-----------------'

Examples

Definition

DES algorithm

- The goal is to transform all of these operations

Github

- DES: www.github.com/mimoo/DES
- WHITEBOX-DES: www.github.com/mimoo/whiteboxDES

Partial evaluation

- Merge the XOR between the block and the key with the substitution operation.
- All possible outputs of this operation can then be precomputed.
- The tables created this way are the only parts of the program that change when a new key is used.

Tabularization

Figure 1: Tabularization

Transformation

Matrix decomposition

Figure 2: Matrix decomposition

Input/Output Encoding

Figure 3: Encoding
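The partial evaluation and input/output encoding slides above, worked through for a single S-box. This is an added example, not code from the slides or from the mimoo/whiteboxDES repository; the function names, the 6-bit subkey chunk and the seed are constructed for illustration, and only S1 is the standard DES table.

```python
import random

# Standard DES S-box S1: row = outer bits (b1, b6), column = inner bits (b2..b5).
S1 = [
    [14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7],
    [0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8],
    [4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0],
    [15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13],
]

def sbox1(x):
    """Reference S1 lookup on a 6-bit value (b1 is the most significant bit)."""
    row = ((x >> 4) & 0b10) | (x & 1)
    col = (x >> 1) & 0xF
    return S1[row][col]

def partial_eval(k):
    """Partial evaluation: fold the 6-bit subkey chunk k into the S-box.
    The key is no longer a separate value, it only exists inside the table."""
    return [sbox1(x ^ k) for x in range(64)]

def random_bijection(n, rng):
    """Random permutation of range(n) and its inverse, used as an encoding."""
    perm = list(range(n))
    rng.shuffle(perm)
    inv = [0] * n
    for i, p in enumerate(perm):
        inv[p] = i
    return perm, inv

def encoded_table(k, f_inv, g):
    """Input/output encoding: the stored table computes g(S1(f^-1(x') ^ k))."""
    return [g[sbox1(f_inv[xe] ^ k)] for xe in range(64)]

def demo(seed=2014):
    rng = random.Random(seed)
    k = 0b101101                          # constructed subkey chunk
    f, f_inv = random_bijection(64, rng)  # input encoding (6 bits)
    g, g_inv = random_bijection(16, rng)  # output encoding (4 bits)
    t_plain = partial_eval(k)
    t_enc = encoded_table(k, f_inv, g)
    ok_plain = all(t_plain[x] == sbox1(x ^ k) for x in range(64))
    # Neighbouring tables absorb f and g^-1, so the encodings cancel end to end.
    ok_enc = all(g_inv[t_enc[f[x]]] == sbox1(x ^ k) for x in range(64))
    rekey_changes_table = t_plain != partial_eval(k ^ 1)
    return ok_plain, ok_enc, rekey_changes_table
```

Changing the key regenerates the table while the lookup code stays identical, which is the property the last partial evaluation bullet describes.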

Secondary concepts

*********************************************
*             state 2 (96 bits)             *
*********************************************
  |      |      |                      |
  v      v      v         ...          v
?????????????????????????????????????????????
  |      |      |         ...          |
  v      v      v                      v
*********************************************
*             state 3 (96 bits)             *
*********************************************

Randomization

Mixing Bijection

000000000000000000000000000000010000000000000000000000001000000000000000000000000000000000000000

100000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000

010000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000

001000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000

000100000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000

000010000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000

000100000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000

000010000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000

000001000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000

000000100000000000000000000000000000000000000000000000000001000000000000000000000000000000000000

000000010000000000000000000000000000000000000000100000000000000000000000000000000000000000000000

G⁻¹ · (G · M1) or G · M1

Bypass

- Prevents easy identification of the operations
- Extra bits are added at the input and the output

Combined Function

(P || Q)(input_P || input_Q).

Split-Path Encoding

  Input              S-box              Output
               .--------------------.
0011||0010 --> |...| 0011||0010 |...|
               |----------------|---|
               |...|    0001    |...| --> 0001
               '--------------------'
                         |
                         v
               .--------------------.
0011||0010 --> |...| 0011||0010 |...|
               |----------------|---|
               |...| 0001||xxxx |...| --> 0001||1001
               '--------------------'

External Encoding

- Apply two bijections, one to the input and one to the output of DES
- Whitebox = E ◦ DES(input) ◦ G

Conclusion

- A lot of effort compared with other solutions (API, public keys)
- Large size
- Not knowing the algorithms matters "too" much.
- Used professionally