Biblio

With the widespread application of power Internet of Things (IoT), the edge IoT agents are often threatened by various attacks, among which the white-box attack is the most serious. The white-box implementation of the cryptography algorithm can hide key information even in the white-box attack context by means of obfuscation. However, under the specially designed attack, there is still a risk of the information being recovered within a certain time complexity. In this paper, by introducing pseudo states, a new white-box implementation of SM4 algorithm is proposed. The encryption and decryption processes are implemented in the form of matrices and lookup tables, which are obfuscated by scrambling encodings. The introduction of pseudo states could complicate the obfuscation, leading to the great improvement in the security. The number of pseudo states can be changed according to the requirements of security. Through several quantitative indicators, including diversity, ambiguity, the time complexity required to extract the key and the value space of the key and external encodings, it is proved that the security of the proposed implementation could been enhanced significantly, compared with the existing schemes under similar memory occupation.

With the rapid development of power Internet of Things (IoT), the ubiquitous edge agents are frequently exposed in a risky environment, where the white-box attacker could steal all the internal information by full observation of dynamic execution of the cryptographic software. In this situation, a new table-based white-box cryptography implementation of SM4 algorithm is proposed to prevent the attacker from extracting the secret key, which hides the encryption and decryption process in obfuscated lookup tables. Aiming to improve the diversity and ambiguity of the lookup tables as well as resist different types of white-box attacks, the random bijective nonlinear mappings are applied as scrambling encodings of the lookup tables. Moreover, in order to make our implementation more practical in the resource-constrained edge IoT agent, elaborate design is proposed to make some tables reusability, leading to less memory occupation while guaranteeing the security. The validity and security of the proposed implementation will be illustrated through several evaluation indicators.

Traditional web security assessments are evaluated using a single data source, and the results of the calculations from different data sources are different. Based on multi-source data, this paper uses Analytic Hierarchy Process to construct an evaluation model, calculates the weight of each level of indicators in the web security evaluation model, analyzes and processes the data, calculates the host security threat assessment values at various levels, and visualizes the evaluation results through ECharts+WebGL technology.