Abstract
With the rapid development of the industrial Internet of Things (IIoT), a large number of embedded devices, such as sensors and tag readers, have been widely deployed for gathering and sending data. These devices are commonly unreliable and vulnerable to many threats, because they are located in unattended areas that are exposed to device capture attacks. Such environments can be regarded as white-box attack contexts, in which the adversary has total visibility and full control of the implementations. White-box cryptography (WBC) aims to protect implementations of symmetric encryption algorithms in white-box attack contexts. Unfortunately, existing WBC schemes are vulnerable to various attacks, and most of them are insufficiently secure in strict white-box attack contexts. Based on an investigation of existing designs and the corresponding cryptanalysis, this article proposes a novel design approach for securing WBC schemes, named state-dependent selectable random substitutions (SDSRS). It uses SDSRSs to defeat various related white-box cryptanalytic approaches. With special considerations for IIoT systems, such as high performance for supporting real-time applications and a small block size for fitting industrial protocols, a concrete WBC scheme designed with the proposed approach is provided. Our theoretical analysis shows that the proposed scheme is secure. Additionally, experimental results indicate that the scheme performs well in practice, and that it is significantly efficient in time and energy consumption compared with existing secure white-box cryptographic schemes.
Original language | English |
---|---|
Article number | 8770091 |
Pages (from-to) | 1602-1616 |
Number of pages | 15 |
Journal | IEEE Transactions on Industrial Informatics |
Volume | 16 |
Issue number | 3 |
Publication status | Published - Mar 2020 |
Keywords
- Data security
- embedded devices
- industrial Internet of Things (IIoT)
- software security
- white-box cryptography
ASJC Scopus subject areas
- Control and Systems Engineering
- Information Systems
- Computer Science Applications
- Electrical and Electronic Engineering