Blurry Box Encryption Scheme and Why it Matters to Industrial IoT
by running the code. The hacker's lack of domain knowledge prevents him from creating additional pieces on his own. The following sequence describes the protection mechanisms of the Blurry Box scheme:

• Assume that program code consists of several function blocks.
• Each function block is copied multiple times.
• Each copy is modified in such a way that it yields the correct values only for a restricted set of inputs. These modified copies are called variants of the function block.
• All variants together cover the entire input range of the original function block.
• Variants may be created by, e.g., deleting operations that are not necessary for a specific interval or by using approximation techniques.
• The software developer may aid the variant creation process through the domain knowledge used to build the software.
• A wrapper function that maps inputs to the address of the corresponding next variant is created. These wrapper functions are moved into a dongle, which can be done since these functions are sufficiently lightweight to run on restricted hardware.

Each function block f[i] is split into several variants f[i,j] which yield the same values as f[i] only on restricted input sets. A wrapper function fw[i] maps inputs to the address of the corresponding variant.

Each variant is encrypted with a different key, known as the variant key, using the Advanced Encryption Standard (AES) [6]. Each variant key is encrypted with a secret key stored on the dongle. During each program execution, only the variants that correspond to the current set of inputs are decrypted. The hacker can only see the parts of the program code that correspond to previous input values.

As described so far, the scheme can be trivially broken by simply decrypting one variant after another using the dongle. To prevent such a trivial attack, traps are introduced. Traps contain special variant keys that, when decrypted, force the dongle to lock itself, invalidating the license. Of course, during normal program execution, traps are never decrypted.
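
A toy model of the scheme described above, added here as an illustration and not taken from the Blurry Box authors' code: one function block is split into two variants plus a trap, and the trivial decrypt-everything sweep locks the dongle. Assumptions: a SHAKE-256 keystream XOR stands in for AES because Python's standard library has no AES, and the names `Dongle`, `wrap`, `unwrap`, `wrapper`, `protect`, `run`, `sweep` and the trap flag byte are hypothetical.

```python
import hashlib
import os

def stream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in for AES (not in the stdlib): XOR with a SHAKE-256 keystream."""
    return bytes(a ^ b for a, b in zip(data, hashlib.shake_256(key).digest(len(data))))

class Dongle:
    """Toy dongle: holds the secret key and the wrapper function, locks on a trap."""
    def __init__(self):
        self._secret = os.urandom(32)
        self.locked = False
    def wrap(self, variant_key: bytes, trap: bool = False) -> bytes:
        # Provisioning: variant key encrypted under the dongle secret; the flag byte
        # marking a trap is an assumption of this sketch.
        return stream_xor(self._secret, bytes([trap]) + variant_key)
    def unwrap(self, blob: bytes) -> bytes:
        if self.locked:
            raise PermissionError("dongle locked, license invalid")
        plain = stream_xor(self._secret, blob)
        if plain[0]:                      # a trap key was decrypted: lock for good
            self.locked = True
            raise PermissionError("trap hit, dongle locked")
        return plain[1:]
    def wrapper(self, x: float) -> int:
        # fw: maps the input to the slot of the variant that is valid for it.
        return 0 if x < 0 else 2

def protect(dongle: Dongle) -> list:
    # f(x) = 2*abs(x) as two variants, each valid on one interval; slot 1 is a trap.
    image = []
    for code, trap in [(b"-2 * x", False), (b"0 * x", True), (b"2 * x", False)]:
        key = os.urandom(32)              # a different variant key per slot
        image.append((stream_xor(key, code), dongle.wrap(key, trap)))
    return image

def run(dongle: Dongle, image: list, x: float) -> float:
    enc_code, wrapped = image[dongle.wrapper(x)]   # only this input's variant
    code = stream_xor(dongle.unwrap(wrapped), enc_code).decode()
    return eval(code, {"__builtins__": {}}, {"x": x})  # constructed demo code only

def sweep(dongle: Dongle, image: list) -> list:
    """The trivial attack from the text: decrypt every slot in turn."""
    recovered = []
    for enc_code, wrapped in image:
        try:
            recovered.append(stream_xor(dongle.unwrap(wrapped), enc_code))
        except PermissionError:
            break                         # the dongle has locked itself
    return recovered
```

Normal runs never select slot 1, so they never touch the trap; the sweep recovers only the first variant before the dongle locks, and that variant is wrong for non-negative inputs.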

[6] Daemen, Joan, and Vincent Rijmen, "The Design of Rijndael: AES - The Advanced Encryption Standard," Springer Science & Business Media, 2013.

June 2016