Journal of Computer Applications ›› 2017, Vol. 37 ›› Issue (2): 483-487. DOI: 10.11772/j.issn.1001-9081.2017.02.0483

• Cyberspace security •

Secure transmission method of mission planning system in white-box attack context

CUI Xining1,2, DONG Xingting3, MU Ming2, WU Jiao2

  1. School of Computer Science and Technology, Xidian University, Xi'an Shaanxi 710071, China;
  2. Xi'an Aeronautical Computing Technique Research Institute, Aviation Industry Corporation of China, Xi'an Shaanxi 710068, China;
  3. School of Telecommunications Engineering, Xidian University, Xi'an Shaanxi 710072, China
  • Received: 2016-08-01 Revised: 2016-10-18 Online: 2017-02-10 Published: 2017-02-11
  • Corresponding author: CUI Xining, cuixining@126.com
  • About the authors: CUI Xining (born 1964), male, from Xianyang, Shaanxi; research fellow, Ph.D., CCF senior member; research interests: distributed security management, parallel and distributed systems, real-time operating systems, information security. DONG Xingting (born 1989), male, from Linfen, Shanxi; M.S. candidate; research interests: cryptography, information security. MU Ming (born 1973), male, from Xi'an, Shaanxi; research fellow, M.S., CCF member; research interests: software engineering, software testing. WU Jiao (born 1987), female, from Xi'an, Shaanxi; engineer, M.S.; research interests: embedded software, airborne networks.
  • Supported by:
    This work is partially supported by the National Major Science and Technology Projects (2012ZX01041-006).

Abstract: Concerning the problem that the communication keys used for transmission in a mission planning system are easily stolen in the White-Box Attack Context (WBAC), a new secure transmission method for mission planning systems was proposed, based on a modified white-box Advanced Encryption Standard (white-box AES). First, the Advanced Encryption Standard (AES) was split into many lookup tables and the keys were embedded into these lookup tables; the lookup tables were then merged in accordance with the execution order of AES. Second, on the ground, different white-box AES programs were generated from different keys using the given white-box AES generation algorithm. Finally, the white-box AES programs were embedded in the secure transmission of the mission planning system. When the key needed to be replaced, the original white-box AES program was erased on the ground and a new white-box AES was generated. Theoretical analysis shows that, compared with the traditional secure transmission of a mission planning system, the modified secure transmission method raises the attack complexity to 2^91, which achieves sufficient security strength and can protect the communication key.

Key words: White-Box Attack Context (WBAC), mission planning system, secure transmission, white-box Advanced Encryption Standard (white-box AES), dual cipher
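Added example, not code from the paper: the first step the abstract describes, embedding key bytes in lookup tables, written in Python for a single AddRoundKey + SubBytes layer. The random byte encodings around each table, the function names and any key passed in are assumptions made for illustration; the paper's dual-cipher modification and the merging of tables across rounds are not reproduced.

```python
import random

def gf_mul(a, b):
    """Multiply in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = (a << 1) ^ (0x11B if a & 0x80 else 0)
        b >>= 1
    return r

def build_sbox():
    """AES S-box: multiplicative inverse in GF(2^8), then the affine map."""
    sbox = []
    for x in range(256):
        inv = next((y for y in range(1, 256) if gf_mul(x, y) == 1), 0)
        s = inv
        for shift in range(1, 5):
            s ^= ((inv << shift) | (inv >> (8 - shift))) & 0xFF
        sbox.append(s ^ 0x63)
    return sbox

SBOX = build_sbox()

def random_bijection(rng):
    """Random byte permutation and its inverse (illustrative encoding)."""
    perm = list(range(256))
    rng.shuffle(perm)
    inv = [0] * 256
    for i, p in enumerate(perm):
        inv[p] = i
    return perm, inv

def generate_tables(round_key, rng):
    """Ground-side step: one table per state byte with its key byte baked in."""
    tables, in_enc, out_dec = [], [], []
    for k in round_key:
        f, f_inv = random_bijection(rng)  # input encoding f; the table undoes it
        g, g_inv = random_bijection(rng)  # output encoding g applied by the table
        tables.append([g[SBOX[f_inv[x] ^ k]] for x in range(256)])
        in_enc.append(f)
        out_dec.append(g_inv)
    return tables, in_enc, out_dec

def run_tables(tables, encoded_state):
    """Deployed side: table lookups only; no key bytes appear in this code path."""
    return [t[b] for t, b in zip(tables, encoded_state)]
```

Re-keying in this sketch means calling `generate_tables` again with the new round key and replacing the deployed tables, which mirrors the erase-and-regenerate step in the abstract. A real generator would draw the encodings from a cryptographically secure source rather than `random.Random`.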

CLC number: