-
摘要:
基于SM4算法的白盒密码视频数据共享系统是一种保障监控视频数据跨级跨域共享安全的系统,提出了一种基于国密SM4算法的白盒密码实现方式,并分析了算法的安全性,解决了SM4算法在非信任硬件环境中的安全运行问题。研制了基于后台权限控制机制的视频数据安全共享软件系统,包括共享数据上传/下载、共享审核、数据白盒加密处理、访问控制、基于白盒密码算法的共享视频解密播放器,实现了视频数据共享全过程的安全管控。搭建了实验环境,对所提系统进行了功能性能实验。实验结果表明,所提系统功能性能满足设计要求。
Abstract:White-box cryptographic video data sharing system based on SM4 algorithm is a system that guarantees the security of cross-level and cross-domain sharing of surveillance video data.In this paper, we propose a white-box cipher implementation method based on SM4 cryptographic algorithm, and analyze the security of the algorithm, solves the problem how the SM4 algorithm can compute safely in untrusted hardware environments.In addition, we developed a video data security sharing software system based on background permission control mechanism, including shared video data upload/download, sharing audit, data white-box encryption, access control functions, and shared video decryption player based on white-box cryptographic algorithm, realizing the security management and control of the entire process of video data sharing.Then we set up the experimental environment, and the system's functional performance experiment was performed. The experimental results show that the system's functional performance meets the design requirements.
-
Key words:
- white-box cryptography /
- SM4 algorithm /
- encryption /
- video data /
- secure sharing
-
表 1 白盒加密算法速率实验值
Table 1. Experimental value of white-box encryption algorithm rate
编号 加密数据量/Gbit 加密时间/s 加密速率/(Gbit·s-1) 1 1 0.923 1.08 2 1 0.943 1.06 3 1 0.901 1.10 表 2 SM4加密算法速率实验值
Table 2. Experimental value of SM4 encryption algorithm rate
编号 加密数据量/Gbit 加密时间/s 加密速率/(Gbit·s-1) 1 1 0.840 1.190 2 1 0.825 1.212 3 1 0.836 1.196 -
[1] 中华人民共和国公安部.公共安全视频监控联网信息安全技术要求: GB 35114-2017[S].北京: 中国标准出版社, 2017: 4-5.Ministry of Public Security of the PRC.Technical requirements for information security of video surveillance network system for public security: GB 35114-2017[S].Beijing: China Standard Press, 2017: 4-5(in Chinese). [2] COLLBERG C, NAGRA J.软件加密与解密[M].崔孝晨, 译.北京: 人民邮电出版社, 2012: 5-6. https://www.ituring.com.cn/book/795COLLBERG C, NAGRA J.Surreptitious software:Obfuscation, watermarking, and tamperproofing for software protection[M].CUI X C, translated.Beijing:Posts & Telecom Press, 2012:5-6(in Chinese). https://www.ituring.com.cn/book/795 [3] ANDERSON R, KUHN M.Low cost attacks on tamper resistant devices[C]//Security Protocols 1997.Berlin: Springer, 1997: 125-136. https://www.zhangqiaokeyan.com/open-access_resources_thesis/0100056189752.html [4] BIHAM E, SHAMIR A.Differential fault analysis of secret key cryptosystems[C]//17th Annual International Cryptology Conferenceon Advances in Cryptology.Berlin: Springer, 1997: 513-525. https://www.researchgate.net/publication/2269851_Differential_Fault_Analysis_of_Secret_Key_Cryptosystems [5] BIHAM E, SHAMIR A.Power analysis of the key scheduling of the AES candidates[C]//2nd AES Candidate Conference, 1999: 22-23. https://www.researchgate.net/publication/239666203_Power_Analysis_of_the_Key_Scheduling_of_the_AES_Canditates [6] BONEH D, DEMILLO R A, LIPTON R J.On the importance of eliminating errors in cryptographic computations[J].Journal of Cryptology, 2001, 14(2):101-119. http://cn.bing.com/academic/profile?id=ad6745446d405cc4eb435a2b80948861&encoded=0&v=paper_preview&mkt=zh-cn [7] CHOW S, EISEN P, JOHNSON H, et al.White-box cryptography and an AES implementation[C]//Cryptography-SAC 2002.Berlin: Springer, 2002: 250-270. doi: 10.1007/3-540-36492-7_17 [8] 周洁, 白健.基于余数系统的SM2签名算法的白盒实现[C]//中国密码学会2017年会, 2017: 71-73.ZHOU J, BAI J.White box implementation of the SM2 signature algorithm based on the remainder system[C]//Chinese Association for Cryptologic Research 2017 Annual Meeting, 2017: 71-73(in Chinese). [9] 潘文伦, 秦体红, 贾音, 等.对两个SM4白盒方案的分析[J].密码学报, 2018, 5(6):651-670.PAN W L, QIN T H, JIA Y, et al.Analysis of two SM4 white box scenarios[J].Journal of Cryptologic Research, 2018, 5(6):651-670(in Chinese). [10] CHOW S, EISEN P, JOHNSON H, et al.A white-box DES implementation for DRM applications[C]//Digital Rights Management-DRM 2002.Berlin: Springer, 2003: 1-15. [11] XIAO Y Y, LAI X J.White-box crytography and implementation of SMS4[C]//Proceedings of the 2009 CACR Annual Meeting.Beijing: Science Press, 2009: 24-34. [12] BILLET O, GILBERT H, ECH-CHATBI C.Cryptanalysis of a white box AES implementation[C]//Selected Areas in Cryptography-SAC 2004.Berlin: Springer, 2005: 227-240. [13] 国家密码管理局.SM4分组密码算法: GM/T 0002-2012[S].北京: 中国标准出版社, 2012. http://www.doc88.com/p-5037490963262.htmlState Cryptography Administration Office of Security Commercial Code Administration.SM4 block cipher algorithm: GM/T 0002-2012[S].Beijing: China Standard Press, 2012(in Chinese). http://www.doc88.com/p-5037490963262.html [14] 国家密码管理局.信息安全技术SM4分组密码算法: GB/T 32907-2016[S].北京: 中国标准出版社, 2016. http://www.doc88.com/p-6406486835803.htmlState Cryptography Administration Office of Security Commercial Code Administration.Information security technology-SM4 block cipher algorthm: GB/T 32907-2016[S].Beijing: China Standard Press, 2016(in Chinese). http://www.doc88.com/p-6406486835803.html [15] 吕述望, 苏波展, 王鹏, 等.SM4分组密码算法综述[J].信息安全研究, 2016(11):995-1007. http://www.cnki.com.cn/Article/CJFDTotal-XAQY201611005.htmLU S W, SU B Z, WANG P, et al.Overview on SM4 algorithm[J].Journal of Information Security Research, 2016(11):995-1007(in Chinese). http://www.cnki.com.cn/Article/CJFDTotal-XAQY201611005.htm [16] 国家密码管理局.SM3密码杂凑算法: GM/T 0004-2012[S].北京: 中国标准出版社, 2012. http://www.doc88.com/p-9953839177988.htmlState Cryptography Administration Office of Security Commercial Code Administration.SM3 cryptographic hash algorithm: GM/T 0004-2012[S].Beijing: China Standard Press, 2012(in Chinese). http://www.doc88.com/p-9953839177988.html [17] MICHIELS W, GORISSEN P, HOLLMANN H D L.Cryptanalysis of a generic class of white-box implementations[C]//The Selected Areas in Cryptography.Berlin: Springer, 2009: 414-428.