IIC Journal of Innovation 3rd Edition | Page 11

Blurry Box Encryption Scheme and Why it Matters to Industrial IoT
by running the code. The hacker’s lack of domain knowledge prevents him from creating additional pieces on his own. The following sequence describes the protection mechanisms of the Blurry Box scheme:
• Assume that program code consists of several function blocks.
• Each function block is copied multiple times.
• Each copy is modified in such a way that it yields the correct values only for a restricted set of inputs. These modified copies are called variants of the function block.
• All variants together cover the entire input range of the original function block.
• Variants may be created by, e.g., deleting operations that are not necessary for a specific interval or by using approximation techniques.
• The software developer may aid the variant creation process through the domain knowledge used to build the software.
• A wrapper function that maps inputs to the address of the corresponding next variant is created. These wrapper functions are moved into a dongle, which can be done since these functions are sufficiently lightweight to run on restricted hardware.
Each function block f[i] is split into several variants f[i, j] which yield the same values as f[i] only on restricted input sets. A wrapper function fw[i] maps inputs to the address of the corresponding variant.
Each variant is encrypted with a different key, known as the variant key, using the Advanced Encryption Standard (AES)⁶. Each variant key is encrypted with a secret key stored on the dongle. During each program execution, only the variants that correspond to the current set of input are decrypted. The hacker can only see the parts of the program code that correspond to previous input values.
As described so far, the scheme can be trivially broken by simply decrypting one variant after another using the dongle. To prevent this trivial attack, traps are introduced. Traps contain special variant keys that, when decrypted, force the dongle to lock itself, invalidating the license. Of course, during normal program execution, traps are never decrypted.
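The following Python model is an added example, not code from the article or from the Blurry Box implementation: it puts the wrapper function and the secret key inside a dongle object, encrypts each variant under its own wrapped variant key, and places one trap between the real variants. The HMAC-SHA256 keystream standing in for AES, the `TRAP` key prefix by which the dongle recognises a trap, and all names are assumptions made for illustration.

```python
import hashlib, hmac, os
TRAP = b"TRAP"  # assumed marker: a variant key with this prefix is a trap

def stream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in for AES (not the scheme's cipher): HMAC-SHA256 keystream XOR."""
    pad = b"".join(hmac.new(key, nonce + bytes([i]), hashlib.sha256).digest()
                   for i in range(len(data) // 32 + 1))
    return bytes(d ^ p for d, p in zip(data, pad))

class DongleLocked(Exception): pass

class Dongle:
    def __init__(self):
        self._secret = os.urandom(32)  # secret key, never leaves the dongle
        self.locked = False
    def wrap(self, slot: int, variant_key: bytes) -> bytes:  # build time only
        return stream_xor(self._secret, bytes([slot]), variant_key)
    def unwrap(self, slot: int, wrapped: bytes) -> bytes:
        if self.locked:
            raise DongleLocked("license invalidated")
        key = stream_xor(self._secret, bytes([slot]), wrapped)
        if key.startswith(TRAP):  # a trap key was decrypted: lock for good
            self.locked = True
            raise DongleLocked("trap decrypted")
        return key
    def fw(self, x: int) -> int:  # wrapper fw[i]: input -> slot of its variant
        return 0 if x < 0 else 2  # slot 1 holds the trap and is never selected

def build(dongle):  # encrypt each slot under its own key, then wrap that key
    sources = [b"-x", b"x * x", b"x"]  # variants of f = abs(x); slot 1 is a decoy
    store = []
    for slot, src in enumerate(sources):
        key = (TRAP if slot == 1 else b"VKEY") + os.urandom(28)
        store.append((dongle.wrap(slot, key), stream_xor(key, b"code", src)))
    return store

def run(dongle, store, x):
    slot = dongle.fw(x)  # only the variant for this input is decrypted
    wrapped, blob = store[slot]
    expr = stream_xor(dongle.unwrap(slot, wrapped), b"code", blob).decode()
    return eval(expr, {"__builtins__": {}}, {"x": x})  # variants are build-time constants

def sweep(dongle, store):  # the trivial attack: unwrap every slot in order
    for slot, (wrapped, _) in enumerate(store):
        try:
            dongle.unwrap(slot, wrapped)
        except DongleLocked:
            return slot  # number of slots decrypted before the lock
    return len(store)
```

Normal calls to `run` only ever touch slots 0 and 2, so the dongle stays unlocked, while `sweep` reaches the trap in slot 1 and every later `unwrap` fails.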
⁶ Daemen, Joan, and Vincent Rijmen, “The design of Rijndael: AES - the advanced encryption standard,” Springer Science & Business Media, 2013
- 10- June 2016