Systems and methods for implementing block cipher algorithms on attacker-controlled systems

摘要

Systems and methods for an implementation of block cipher algorithms (e.g., AES) use lookup tables to obscure key information, increasing difficulty of reverse engineering efforts. The implementation encodes round key information into a first plurality of tables (T1), which when used for lookup operations also complete SubBytes operations, and output state in an encoded format. A Shiftrows operation is performed arithmetically on the output state. A second plurality of tables (T2) are used to perform a polynomial multiplication portion of MixColumns operation, and an XOR portion of MixColumns is performed arithmetically on the columns. Encoding from the T1 tables is made to match a decoding built into the T2 tables. Subsets of the T1 tables use the same T2 tables, reducing a memory footprint for the T2 tables. Multiple AES keys can be embedded in different sets of T1 tables that encode for the same set of T2 tables.