{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,25]],"date-time":"2025-10-25T14:24:49Z","timestamp":1761402289826,"version":"3.37.3"},"reference-count":37,"publisher":"Oxford University Press (OUP)","issue":"3","license":[{"start":{"date-parts":[[2023,6,6]],"date-time":"2023-06-06T00:00:00Z","timestamp":1686009600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/academic.oup.com\/pages\/standard-publication-reuse-rights"}],"funder":[{"name":"Natural Science Basic Research Program of Shaanxi","award":["2021JM-126"],"award-info":[{"award-number":["2021JM-126"]}]},{"name":"Henan Key Laboratory of Network Cryptography Technology","award":["LNCT2022-A08"],"award-info":[{"award-number":["LNCT2022-A08"]}]},{"DOI":"10.13039\/501100015401","name":"Key Research and Development Program of Shaanxi","doi-asserted-by":"publisher","award":["2023-YBGY-015"],"award-info":[{"award-number":["2023-YBGY-015"]}],"id":[{"id":"10.13039\/501100015401","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024,4,14]]},"abstract":"<jats:title>Abstract<\/jats:title>\n               <jats:p>White-box implementation can ensure the security of cryptographic algorithm in white-box attack environment without changing the inputs and outputs of the original algorithm. Most existing white-box implementations construct a series of lookup tables to protect the key. However, with the development of white-box attack techniques, many white-box implementations have been proved to be insecure. In this paper, a new white-box implementation of SM4 is proposed, which is based on an equivalent partial SPN structure of the SM4 algorithm. Our implementation includes three types of table lookup operations and XOR operations. The round keys are obfuscated with the self-equivalences of the S-box and random affine encodings. Security analysis shows that our implementation can resist BGE-type attack, the attack based on affine equivalence algorithm, the structure attack, the collision attack and differential computational analysis. Furthermore, our scheme requires 8.125 MB of memory.<\/jats:p>","DOI":"10.1093\/comjnl\/bxad044","type":"journal-article","created":{"date-parts":[[2023,6,8]],"date-time":"2023-06-08T00:25:13Z","timestamp":1686183913000},"page":"1087-1098","source":"Crossref","is-referenced-by-count":4,"title":["A White-box Implementation of SM4 with Self-equivalence Encoding"],"prefix":"10.1093","volume":"67","author":[{"given":"Jie","family":"Chen","sequence":"first","affiliation":[{"name":"School of Telecommunication Engineering , Xidian University, Xi\u2019an 710071, China"},{"name":"Henan Key Laboratory of Network Cryptography Technology , Zhengzhou 450001, China"}]},{"given":"Yinuo","family":"Luo","sequence":"additional","affiliation":[{"name":"School of Telecommunication Engineering, Xidian University , Xi\u2019an 710071, China"}]},{"given":"Jun","family":"Liu","sequence":"additional","affiliation":[{"name":"School of Computer Science, Shaanxi Normal University , Xi\u2019an 710119, China"}]},{"given":"Chao","family":"Wang","sequence":"additional","affiliation":[{"name":"School of Telecommunication Engineering, Xidian University , Xi\u2019an 710071, China"}]},{"given":"Yueyu","family":"Zhang","sequence":"additional","affiliation":[{"name":"School of Cyber Engineering, Xidian University , Xi\u2019an 710068, China"}]},{"given":"Xiaoli","family":"Dong","sequence":"additional","affiliation":[{"name":"School of Cyberspace Security, Xi\u2019an University of Posts and Telecommunications , Xi\u2019an 710121, China"}]}],"member":"286","published-online":{"date-parts":[[2023,6,6]]},"reference":[{"key":"2024041716573124800_ref1","first-page":"250","article-title":"White-box cryptography and an AES implementation","volume-title":"Selected Areas in Cryptography, 9th Annual Int. Workshop, SAC","author":"Chow","year":"2002"},{"key":"2024041716573124800_ref2","doi-asserted-by":"crossref","first-page":"227","DOI":"10.1007\/978-3-540-30564-4_16","article-title":"Cryptanalysis of a white box AES implementation","volume-title":"Selected Areas in Cryptography, 11th Int. Workshop, SAC","author":"Billet","year":"2004"},{"key":"2024041716573124800_ref3","first-page":"468","article-title":"White box cryptography: another attempt","author":"Bringer","year":"2006","journal-title":"IACR Cryptol. ePrint Arch."},{"key":"2024041716573124800_ref4","first-page":"292","article-title":"Cryptanalysis of a perturbated white-box AES implementation","volume-title":"Progress in Cryptology - INDOCRYPT","author":"Mulder","year":"2010"},{"key":"2024041716573124800_ref5","first-page":"414","article-title":"Cryptanalysis of a generic class of white-box implementations","volume-title":"Selected Areas in Cryptography, 15th Int. Workshop, SAC","author":"Michiels","year":"2008"},{"key":"2024041716573124800_ref6","first-page":"292","article-title":"A secure implementation of white-box AES","volume-title":"Int. Conf. on Computer Science and Its Applications","author":"Xiao","year":"2009"},{"key":"2024041716573124800_ref7","first-page":"34","article-title":"Cryptanalysis of the xiao - lai white-box AES implementation","volume-title":"Selected Areas in Cryptography, 19th Int. Conf., SAC, Windsor, ON, Canada, August 15\u201316, 2012, Revised Selected Papers","author":"Mulder","year":"2012"},{"key":"2024041716573124800_ref8","first-page":"278","article-title":"Protecting white-box AES with dual ciphers","volume-title":"Information Security and Cryptology - ICISC - 13th Int. Conf.","author":"Karroumi","year":"2010"},{"key":"2024041716573124800_ref9","first-page":"24","article-title":"WIC (Werkgemeenschap voor Inform.- en Communicatietheorie)","volume-title":"Improved Cryptanalysis of an AES Implementation","author":"Tolhuizen","year":"2012"},{"key":"2024041716573124800_ref10","first-page":"450","article-title":"Revisiting the BGE attack on a white-box AES implementation","author":"Mulder","year":"2013","journal-title":"IACR Cryptol. ePrint Arch."},{"key":"2024041716573124800_ref11","first-page":"265","article-title":"Two attacks on a white-box AES implementation","volume-title":"Selected Areas in Cryptography - SAC","author":"Lepoint","year":"2013"},{"key":"2024041716573124800_ref12","first-page":"423","article-title":"A new attempt of white-box AES implementation","volume-title":"Proceedings IEEE Int. Conf. on Security, Pattern Analysis, and Cybernetics, SPAC 2014","author":"Luo","year":"2014"},{"key":"2024041716573124800_ref13","first-page":"85","article-title":"Attacking white-box AES constructions","volume-title":"Proc. 2016 ACM Workshop on Software PROtection, SPRO@CCS 2016, Vienna, Austria, October 24\u201328","author":"McMillion","year":"2016"},{"key":"2024041716573124800_ref14","first-page":"639","article-title":"On self-equivalence encodings in white-box implementations","volume-title":"Selected Areas in Cryptography - SAC 2020 - 27th Int. Conf., Halifax, NS, Canada (Virtual Event), October 21\u201323, Revised Selected Papers","author":"Ranea","year":"2020"},{"key":"2024041716573124800_ref15","first-page":"329","article-title":"Sms4 encryption algorithm for wireless networks","author":"Diffie","year":"2008","journal-title":"IACR Cryptology eprint archive"},{"key":"2024041716573124800_ref16","first-page":"24","article-title":"Chinacrypt","volume-title":"White-box Cryptography and a White-box Implementation of the SMS4 algorithm","author":"Xiao","year":"2009"},{"key":"2024041716573124800_ref17","doi-asserted-by":"crossref","first-page":"2238","DOI":"10.3724\/SP.J.1001.2013.04356","article-title":"Efficient attack to white-box SMS4 implementation","volume":"24","author":"Lin","journal-title":"J. Software"},{"key":"2024041716573124800_ref18","doi-asserted-by":"crossref","first-page":"11928","DOI":"10.3390\/s150511928","article-title":"A lightweight white-box symmetric encryption algorithm against node capture for wsns","volume":"15","author":"Shi","journal-title":"Sensors"},{"key":"2024041716573124800_ref19","doi-asserted-by":"crossref","first-page":"1783","DOI":"10.1093\/comjnl\/bxy068","article-title":"Security evaluation and improvement of a white-box SMS4 implementation based on affine equivalence algorithm","volume":"61","author":"Lin","journal-title":"Comput. J."},{"key":"2024041716573124800_ref20","doi-asserted-by":"crossref","first-page":"18","DOI":"10.1049\/ise2.12045","article-title":"Cryptanalysis of a white-box SM4 implementation based on collision attack","volume":"16","author":"Wang","journal-title":"IET Inf. Secur."},{"key":"2024041716573124800_ref21","doi-asserted-by":"crossref","first-page":"996","DOI":"10.1002\/sec.1394","article-title":"A secure white-box SM4 implementation","volume":"9","author":"Bai","journal-title":"Secur. Commun. Networks"},{"key":"2024041716573124800_ref22","first-page":"651","article-title":"Cryptanalysis of two white-box SM4 implementations","volume":"5","author":"Pan","journal-title":"J. Cryptologic Res."},{"key":"2024041716573124800_ref23","first-page":"358","article-title":"A new method for white-box implementation of SM4 algorithm","volume":"7","author":"Yao","journal-title":"J. Cryptologic Res."},{"key":"2024041716573124800_ref24","first-page":"54","article-title":"Cryptanalysis of two white-box implementations of the SM4 block cipher","volume-title":"Information Security - 24th Int. Conf., ISC 2021, Virtual Event, November 10\u201312, Proc.","author":"Lu","year":"2021"},{"key":"2024041716573124800_ref25","article-title":"Analysis and improvement of white box SM4","volume":"44","author":"Zhang","year":"2022","journal-title":"J. Electron. Inform. Technol"},{"key":"2024041716573124800_ref26","first-page":"33","article-title":"A toolbox for cryptanalysis: linear and affine equivalence algorithms","volume-title":"Advances in Cryptology - EUROCRYPT 2003, Int. Conf. on the Theory and Applications of Cryptographic Techniques, Warsaw, Poland, May 4\u20138, Proc.","author":"Biryukov","year":"2003"},{"key":"2024041716573124800_ref27","doi-asserted-by":"crossref","first-page":"273","DOI":"10.1109\/JCN.2016.000043","article-title":"White-box AES implementation revisited","volume":"18","author":"Baek","journal-title":"J. Commun. Networks"},{"key":"2024041716573124800_ref28","first-page":"394","article-title":"Structural cryptanalysis of SASAS","volume-title":"Advances in Cryptology - EUROCRYPT 2001, Int. Conf. on the Theory and Application of Cryptographic Techniques, Innsbruck, Austria, May 6\u201310, Proc.","author":"Biryukov","year":"2001"},{"key":"2024041716573124800_ref29","first-page":"475","article-title":"Key-recovery attack on the ASASA cryptosystem with expanding s-boxes","volume-title":"Advances in Cryptology - CRYPTO 2015 - 35th Annual Cryptology Conference, Santa Barbara, CA, USA, August 16\u201320, Proc., Part I","author":"Gilbert","year":"2015"},{"key":"2024041716573124800_ref30","first-page":"215","article-title":"Differential computation analysis: Hiding your white-box designs is not enough","volume-title":"Cryptographic Hardware and Embedded Systems - CHES 2016 - 18th Int. Conf., Santa Barbara, CA, USA, August 17\u201319, Proc.","author":"Bos","year":"2016"},{"key":"2024041716573124800_ref31","first-page":"995","article-title":"Overview on SM4 algorithm","volume":"11","author":"Lu","journal-title":"J. Inform. Secur. Res."},{"key":"2024041716573124800_ref32","first-page":"158","article-title":"Analysis of the SMS4 block cipher","volume-title":"Information Security and Privacy, 12th Australasian Conf., ACISP 2007, Townsville, Australia, July 2\u20134, Proc.","author":"Liu","year":"2007"},{"key":"2024041716573124800_ref33","first-page":"63","article-title":"Cryptographic schemes based on the ASASA structure: Black-box, white-box, and public-key (extended abstract)","volume-title":"Advances in Cryptology - ASIACRYPT 2014 - 20th Int. Conf. on the Theory and Application of Cryptology and Information Security, Kaoshiung, Taiwan, R.O.C., December 7\u201311, Proc., Part I","author":"Biryukov","year":"2014"},{"key":"2024041716573124800_ref34","doi-asserted-by":"crossref","first-page":"845","DOI":"10.1007\/s00145-017-9272-x","article-title":"Key-recovery attacks on ASASA","volume":"31","author":"Minaud","journal-title":"J. Cryptol."},{"key":"2024041716573124800_ref35","first-page":"103","article-title":"On the ineffectiveness of internal encodings - revisiting the DCA attack on white-box cryptography","volume-title":"Applied Cryptography and Network Security - 16th Int. Conf., ACNS 2018, Leuven, Belgium, July 2\u20134, Proceedings","author":"Bock","year":"2018"},{"key":"2024041716573124800_ref36","doi-asserted-by":"crossref","first-page":"225","DOI":"10.46586\/tches.v2019.i2.225-255","article-title":"Analysis and improvement of differential computation attacks against internally-encoded white-box implementations","author":"Rivain","year":"2019","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"key":"2024041716573124800_ref37","first-page":"399","article-title":"Adaptive side-channel analysis model and its applications to white-box block cipher implementations","volume-title":"Information Security and Cryptology - 17th Int. Conf., Inscrypt 2021, Virtual Event, August 12\u201314, Revised Selected Papers","author":"Tang","year":"2021"}],"container-title":["The Computer Journal"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/academic.oup.com\/comjnl\/article-pdf\/67\/3\/1087\/57231765\/bxad044.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/academic.oup.com\/comjnl\/article-pdf\/67\/3\/1087\/57231765\/bxad044.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,4,17]],"date-time":"2024-04-17T20:01:42Z","timestamp":1713384102000},"score":1,"resource":{"primary":{"URL":"https:\/\/academic.oup.com\/comjnl\/article\/67\/3\/1087\/7190927"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,6,6]]},"references-count":37,"journal-issue":{"issue":"3","published-online":{"date-parts":[[2023,6,6]]},"published-print":{"date-parts":[[2024,4,14]]}},"URL":"https:\/\/doi.org\/10.1093\/comjnl\/bxad044","relation":{},"ISSN":["0010-4620","1460-2067"],"issn-type":[{"type":"print","value":"0010-4620"},{"type":"electronic","value":"1460-2067"}],"subject":[],"published-other":{"date-parts":[[2024,3]]},"published":{"date-parts":[[2023,6,6]]}}}