HMAC obfuscation method for implementation in untrusted systems

D. N. Kolegov; O. V. Broslavsky; N. E. Oleksov

D. N. Kolegov ; O. V. Broslavsky ; N. E. Oleksov

Prikladnaya Diskretnaya Matematika. Supplement, no. 9 (2016), pp. 89-91 Cet article a éte moissonné depuis la source Math-Net.Ru

Voir la notice de l'article

Résumé

We propose an obfuscation method for using hash-based message authentication codes (MAC) in untrusted systems. Our method is implemented for MAC in a form $H(k,x)=h(k,p_1,h(k,p_2,x))$. The main idea is to use inner states of a hash function $h$. We calculate both $h$ intermediate values in a such way that all key related blocks are already reduced by the hash compression function. That values are $h(epad(k,p_1))$ and $h(epad(k,p_2))$, where $epad$ is a key padding algorithm. Then we use them in functions $h_1$ and $h_2$, which calculate $h$ with the initial block equalled $h(epad(k,p_1))$ and $h(epad(k,p_2))$ respectively. So, accordingly to the following equation, these new functions implement original MAC algorithm: $H(k,x)=h(k,p_1,h(k, p_2, x))=h_1(h_2(x))$.

Keywords: white-box cryptography, HMAC, obfuscation, web application security.
Mots-clés : message authentication codes

@article{PDMA_2016_9_a33,
     author = {D. N. Kolegov and O. V. Broslavsky and N. E. Oleksov},
     title = {HMAC obfuscation method for implementation in untrusted systems},
     journal = {Prikladnaya Diskretnaya Matematika. Supplement},
     pages = {89--91},
     year = {2016},
     number = {9},
     language = {ru},
     url = {http://geodesic.mathdoc.fr/item/PDMA_2016_9_a33/}
}

TY  - JOUR
AU  - D. N. Kolegov
AU  - O. V. Broslavsky
AU  - N. E. Oleksov
TI  - HMAC obfuscation method for implementation in untrusted systems
JO  - Prikladnaya Diskretnaya Matematika. Supplement
PY  - 2016
SP  - 89
EP  - 91
IS  - 9
UR  - http://geodesic.mathdoc.fr/item/PDMA_2016_9_a33/
LA  - ru
ID  - PDMA_2016_9_a33
ER  -

%0 Journal Article
%A D. N. Kolegov
%A O. V. Broslavsky
%A N. E. Oleksov
%T HMAC obfuscation method for implementation in untrusted systems
%J Prikladnaya Diskretnaya Matematika. Supplement
%D 2016
%P 89-91
%N 9
%U http://geodesic.mathdoc.fr/item/PDMA_2016_9_a33/
%G ru
%F PDMA_2016_9_a33

D. N. Kolegov; O. V. Broslavsky; N. E. Oleksov. HMAC obfuscation method for implementation in untrusted systems. Prikladnaya Diskretnaya Matematika. Supplement, no. 9 (2016), pp. 89-91. http://geodesic.mathdoc.fr/item/PDMA_2016_9_a33/

Bibliographie
Cité par

[1] White-Box Cryptography: Protecting Cryptographic Keys in Software Applications, http://www.whiteboxcrypto.com/

[2] Chow W. S., Eisen P., Johnson H., Van Oorschot P. C., “A White-box DES Implementation for DRM Applications”, LNCS, 2696, 2003, 1–15 | Zbl

[3] Chow W. S., Eisen P., Johnson H., Van Oorschot P. C., “White-Box Cryptography and an AES Implementation”, LNCS, 2595, 2003, 250–270 | MR | Zbl

[4] RFC 2104. HMAC: Keyed-Hashing for Message Authentication, https://tools.ietf.org/html/rfc2104

[5] Menezes A. J., Van Oorschot P. C., Vanstone S. A., Handbook of Applied Cryptography, CRC Press, N.Y., 1997 | MR | Zbl

[6] jCrypto: White-Box Cryptography Tools for ECMAScript Language, https://github.com/tsu-iscd/jcrypto

Parcourir par

Geodesic

Parcourir par