IIC Journal of Innovation 3rd Edition | Page 12

Blurry Box Encryption Scheme and Why it Matters to Industrial IoT
Each variant is encrypted with a different key. In order to prevent an adversary from decrypting each variant, traps are introduced. Traps contain code that, when decrypted, forces the dongle to lock itself.
Note that the dongle is used only for determining the address of the next variant and for decrypting variant keys. The dongle has a state storage for detecting illegal sequences of variants, which, like traps, cause the dongle to lock itself. This prevents replay attacks, since the hacker cannot go back to any previous point of the program without running it all over again.
The wrapper functions are moved into the dongle. In addition, the dongle has a state storage for detecting illegal sequences of variants.
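A toy model of the dongle behaviour described above, added here as an illustration and not taken from the article or from any Blurry Box implementation. The variant names, the transition table and the HMAC key derivation are assumptions, and a trap is simplified to a variant id whose key request locks the dongle.

```python
import hashlib
import hmac


class DongleLocked(Exception):
    """Raised when the simulated dongle locks itself or is already locked."""


class ToyDongle:
    """Constructed model: key release, trap check and state storage."""

    def __init__(self, secret, legal_next, traps, start):
        self._secret = secret          # assumed master secret, never leaves the dongle
        self._legal_next = legal_next  # variant -> variants allowed to follow it
        self._traps = traps            # variant ids that are traps
        self._state = start            # state storage: last variant released
        self.locked = False

    def release_key(self, variant):
        """Return the key for `variant`; lock on a trap or an illegal sequence."""
        if self.locked:
            raise DongleLocked("dongle is locked")
        if variant in self._traps:
            self.locked = True
            raise DongleLocked(f"trap {variant} requested")
        if variant not in self._legal_next.get(self._state, set()):
            self.locked = True
            raise DongleLocked(f"illegal sequence {self._state} -> {variant}")
        self._state = variant
        return hmac.new(self._secret, variant.encode(), hashlib.sha256).digest()


def make_dongle():
    # Constructed program: two functions, two real variants each, one trap each.
    legal = {"entry": {"f1.a", "f1.b"}, "f1.a": {"f2.a"}, "f1.b": {"f2.b"}}
    return ToyDongle(b"constructed-secret", legal, {"f1.trap", "f2.trap"}, "entry")


def run(sequence):
    """Feed variant requests to a fresh dongle; return (released, outcome)."""
    dongle, released = make_dongle(), []
    try:
        for variant in sequence:
            dongle.release_key(variant)
            released.append(variant)
    except DongleLocked as exc:
        return released, str(exc)
    return released, "ok"
```

Calling `run(["f1.a", "f1.b"])` models the replay the text rules out: once one variant of a function has been released, asking for its sibling is an illegal sequence and the dongle locks.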
4.2 SECURITY GUARANTEE AND ASSUMPTIONS
The security goal is to prevent a hacker from constructing a copy of a protected program that can be executed without a dongle. The following will reveal how the Blurry Box scheme meets this security goal.
One attack strategy would run the program and store all variants that are decrypted during the program's execution. This type of attack is called a Copy-and-Paste attack. If the program is sufficiently complex, it is not feasible to retrieve all variants with this strategy, because a hacker using only a Copy-and-Paste strategy would have to run the program for an impractically large set of input values.
Hackers therefore need to find a way to go beyond Copy-and-Paste attacks. If a hacker does come up with additional variants given already decrypted ones, he could completely bypass the protection. This is where the assumption becomes important that a hacker has almost none of