Paper 2021/1586

Cryptanalysis of a Type of White-Box Implementations of the SM4 Block Cipher

Jiqiang Lu, Beihang University
Jingyu Li, Beihang University
Zexuan Chen, Beihang University
Yanan Li, Beihang University
Abstract

The SM4 block cipher is a Chinese national standard and an ISO international standard. Since white-box cryptography has many real-life applications nowadays, a few white-box implementations of SM4 have been proposed, among which a type of constructions is dominant, which uses a linear or affine diagonal block encoding to protect the original three 32-bit branches entering a round function and uses its inverse as the input encoding to the S-box layer. In this paper, we analyse the security of this type of constructions against Lepoint et al.'s collision-based attack method. Our experiment under a small fraction of (encodings, round key) combinations shows that the rank of the concerned linear system is much less than the number of the involved unknowns, meaning these white-box SM4 implementations should resist Lepoint et al.'s method, but we leave it as an open problem whether there are encodings such that the rank of the corresponding linear system is slightly less than the number of the involved unknowns, in which scenario Lepoint et al.'s method may be used to recover a round key for the case with linear encodings and to remove most white-box operations until mainly some Boolean masks for the case with affine encodings.

Note: This paper was published in The Computer Journal in 2024, being a major revision of the paper that appeared in Proceedings of ISC 2021 --- The 24th Information Security Conference. In this version, we corrected our previous cryptanalysis results on Yao and Chen's and Xiao and Lai's white-box SM4 implementations, and gave cryptanalysis results on two other white-box SM4 implementations, namely Shang's and Wu et al.'s implementations.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. The Computer Journal, 2024, 67, 1663–1673
DOI
https://doi.org/10.1093/comjnl/bxad091
Keywords
White-box cryptography, SM4 (SMS4) block cipher, collision attack
Contact author(s)
lvjiqiang @hotmail com
History
2025-04-05: last of 3 revisions
2021-12-06: received
See all versions
Short URL
https://ia.cr/2021/1586
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2021/1586,
      author = {Jiqiang Lu and Jingyu Li and Zexuan Chen and Yanan Li},
      title = {Cryptanalysis of a Type of White-Box Implementations of the {SM4} Block Cipher},
      howpublished = {Cryptology {ePrint} Archive, Paper 2021/1586},
      year = {2021},
      doi = {https://doi.org/10.1093/comjnl/bxad091},
      url = {https://eprint.iacr.org/2021/1586}
}