1. Field
Embodiments of the present disclosure relate to data encryption techniques, and more particularly, to technologies for enabling efficient data encryption while securing cryptographic security using white-box cryptography (WBC).
2. Discussion of Related Art
Various cryptographic techniques have been developed to transfer confidential data over a communication channel. In the related art, a number of cryptographic algorithms (for example, AES) assume that endpoints on a communication channel are reliable. That is, such an algorithm is intended to provide sufficient security while an attacker can access input/output of the cryptographic algorithm.
Typically, a cryptographic algorithm is implemented as software on a communication device such as a tablet or smartphone. However, software-based implementation of the cryptographic algorithm may be easily accessed by an attacker. An attacker may view binary values that are loaded in a memory on a communication device, change the values, and also control the implemented cryptographic algorithm in any desired way. As described above, when a key used for encryption/decryption is exposed to an attacker through the above memory attack, the attacker may easily decrypt even any cryptogram, and the cryptographic algorithm may be actually useless.
A white-box cryptography (WBC) technique may fundamentally solve the above problem, and its main concept is to make it difficult for an attacker to extract a cryptographic key although the cryptographic algorithm is exposed to an attacker. However, it is widely known that this technique takes more time (for example, several tens of times greater time) in encrypting data than an existing cryptographic technique. Thus, in the present, the WBC is used to encrypt data such as a short message (for example, a cipher key of 128 or 256 bits) and difficult to be used to encrypt a considerable amount of data. For example, many DRM solutions use an encryption/decryption algorithm (for example, a symmetric-key-based algorithm such as AES), irrespective of the WBC, in order to encrypt/decrypt data, and use the WBC only to safely manage a key for the encryption/decryption algorithm. However, despite such key management, there are still security vulnerabilities in that, while an encryption/decryption algorithm that is not implemented using the WBC is performed, a key for the algorithm may be exposed on a memory. Accordingly, a new approach that is robust against a memory attack and provides a quick encryption/decryption is required.