一种针对分组密码软件的 APT 后门及其防范
随着计算机技术及信息化的高速发展, 软件已经广泛应用于各行各业, 利用软件后门获取敏感信息的攻击事件不断发生, 给国计民生的重要领域带来很大损失. 通常, 软件后门的隐蔽性和其强大功能之间是矛盾的, 冗长的代码、复杂的功能往往导致后门的代码特征或行为特征过于明显. 本文借助差分故障分析、逆向分析、高级持续性威胁等技术, 给出了一种向分组密码软件植入后门的可行方案, 并以 DES 加密软件为载体进行了实现. 我们将后门激活时输出的故障密文、后门未激活时输出的正确密文进行结合, 通过差分故障分析最终恢复了完整的 DES 密钥. 该后门具有隐蔽性强、植入简单、危害性大等特点, 可作为一种高级持续性威...
Saved in:
| Published in | Journal of Cryptologic Research Vol. 8; no. 1; p. 65 |
|---|---|
| Main Authors | , , , , |
| Format | Journal Article |
| Language | Chinese |
| Published |
Beijing
Chinese Association for Cryptologic Research, Journal of Cryptologic Research
25.02.2021
|
| Subjects | |
| Online Access | Get full text |
| ISSN | 2097-4116 |
| DOI | 10.13868/j.cnki.jcr.000420 |
Cover
| Abstract | 随着计算机技术及信息化的高速发展, 软件已经广泛应用于各行各业, 利用软件后门获取敏感信息的攻击事件不断发生, 给国计民生的重要领域带来很大损失. 通常, 软件后门的隐蔽性和其强大功能之间是矛盾的, 冗长的代码、复杂的功能往往导致后门的代码特征或行为特征过于明显. 本文借助差分故障分析、逆向分析、高级持续性威胁等技术, 给出了一种向分组密码软件植入后门的可行方案, 并以 DES 加密软件为载体进行了实现. 我们将后门激活时输出的故障密文、后门未激活时输出的正确密文进行结合, 通过差分故障分析最终恢复了完整的 DES 密钥. 该后门具有隐蔽性强、植入简单、危害性大等特点, 可作为一种高级持续性威胁的手段. 最后, 我们给出了该类后门的防御措施, 对后门植入和防范问题进行了辩证地讨论. |
|---|---|
| AbstractList | 随着计算机技术及信息化的高速发展, 软件已经广泛应用于各行各业, 利用软件后门获取敏感信息的攻击事件不断发生, 给国计民生的重要领域带来很大损失. 通常, 软件后门的隐蔽性和其强大功能之间是矛盾的, 冗长的代码、复杂的功能往往导致后门的代码特征或行为特征过于明显. 本文借助差分故障分析、逆向分析、高级持续性威胁等技术, 给出了一种向分组密码软件植入后门的可行方案, 并以 DES 加密软件为载体进行了实现. 我们将后门激活时输出的故障密文、后门未激活时输出的正确密文进行结合, 通过差分故障分析最终恢复了完整的 DES 密钥. 该后门具有隐蔽性强、植入简单、危害性大等特点, 可作为一种高级持续性威胁的手段. 最后, 我们给出了该类后门的防御措施, 对后门植入和防范问题进行了辩证地讨论. |
| Author | 王安 祝烈煌 张宇 丁瑶玲 董永银 |
| Author_xml | – sequence: 1 fullname: 王安 – sequence: 2 fullname: 董永银 – sequence: 3 fullname: 祝烈煌 – sequence: 4 fullname: 张宇 – sequence: 5 fullname: 丁瑶玲 |
| BookMark | eNotjz1Lw0Ach2-oYK39Ak4F58T730tyGUvxDQo61LnkLhdolKQmdlespRTfcFGc3HQLOBSl-G16pPkWBnT6bc_z_DZQLU5ijdAWYBuocMROZKv4dGBHKrUxxozgGqoT7LkWA3DWUTPLBhJz7lBBGNSRWH5dFu935dPU5N9mOikWY5NPirer1U--XMyL13Grfdxrmcf78vnDPMzMzbx8-VzdXm-itdA_y3TzfxvoZG-31zmwukf7h5121xoCEY5FpZAKNPUYMK6YSxTDWkvBQPmMCRloHsgwEFJqRZhyIPBdXpVRkFyFMqANtP3HHabJ-UhnF_0oGaVxpewT4XGobmBOfwGLpluQ |
| ContentType | Journal Article |
| Copyright | 2021. This work is published under http://www.jcr.cacrnet.org.cn/EN/column/column4.shtml Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License. |
| Copyright_xml | – notice: 2021. This work is published under http://www.jcr.cacrnet.org.cn/EN/column/column4.shtml Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License. |
| DBID | 8FE 8FG ABUWG AFKRA ARAPS AZQEC BENPR BGLVJ CCPQU DWQXO GNUQQ HCIFZ JQ2 K7- P5Z P62 PHGZM PHGZT PIMPY PKEHL PQEST PQGLB PQQKQ PQUKI PRINS |
| DOI | 10.13868/j.cnki.jcr.000420 |
| DatabaseName | ProQuest SciTech Collection ProQuest Technology Collection ProQuest Central (Alumni) ProQuest Central UK/Ireland Advanced Technologies & Aerospace Collection ProQuest Central Essentials ProQuest Central Technology Collection ProQuest One Community College ProQuest Central ProQuest Central Student SciTech Premium Collection ProQuest Computer Science Collection Computer Science Database Advanced Technologies & Aerospace Database ProQuest Advanced Technologies & Aerospace Collection ProQuest Central Premium ProQuest One Academic (New) Publicly Available Content Database ProQuest One Academic Middle East (New) ProQuest One Academic Eastern Edition (DO NOT USE) ProQuest One Applied & Life Sciences ProQuest One Academic ProQuest One Academic UKI Edition ProQuest Central China |
| DatabaseTitle | Publicly Available Content Database Advanced Technologies & Aerospace Collection Computer Science Database ProQuest Central Student Technology Collection ProQuest One Academic Middle East (New) ProQuest Advanced Technologies & Aerospace Collection ProQuest Central Essentials ProQuest Computer Science Collection ProQuest One Academic Eastern Edition ProQuest Central (Alumni Edition) SciTech Premium Collection ProQuest One Community College ProQuest Technology Collection ProQuest SciTech Collection ProQuest Central China ProQuest Central Advanced Technologies & Aerospace Database ProQuest One Applied & Life Sciences ProQuest One Academic UKI Edition ProQuest Central Korea ProQuest Central (New) ProQuest One Academic ProQuest One Academic (New) |
| DatabaseTitleList | Publicly Available Content Database |
| Database_xml | – sequence: 1 dbid: 8FG name: ProQuest Technology Collection url: https://search.proquest.com/technologycollection1 sourceTypes: Aggregation Database |
| DeliveryMethod | fulltext_linktorsrc |
| GroupedDBID | -SI -S~ 8FE 8FG ABUWG AFKRA ALMA_UNASSIGNED_HOLDINGS ARAPS AZQEC BENPR BGLVJ CAJEI CCPQU DWQXO GNUQQ HCIFZ JQ2 K7- P62 PB1 PB9 PHGZM PHGZT PIMPY PKEHL PQEST PQGLB PQQKQ PQUKI PRINS Q-- |
| ID | FETCH-LOGICAL-p1286-3b8bc1e394145c472c40eeb841ca448bde5dbfd8bbec24c61da7524131b5cfbd3 |
| IEDL.DBID | 8FG |
| ISSN | 2097-4116 |
| IngestDate | Mon Jun 30 14:51:36 EDT 2025 |
| IsDoiOpenAccess | true |
| IsOpenAccess | true |
| IsPeerReviewed | false |
| IsScholarly | true |
| Issue | 1 |
| Language | Chinese |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-p1286-3b8bc1e394145c472c40eeb841ca448bde5dbfd8bbec24c61da7524131b5cfbd3 |
| Notes | ObjectType-Article-1 SourceType-Scholarly Journals-1 ObjectType-Feature-2 content type line 14 |
| OpenAccessLink | https://www.proquest.com/docview/2895182405?pq-origsite=%requestingapplication% |
| PQID | 2895182405 |
| PQPubID | 6503834 |
| ParticipantIDs | proquest_journals_2895182405 |
| PublicationCentury | 2000 |
| PublicationDate | 2021-02-25 |
| PublicationDateYYYYMMDD | 2021-02-25 |
| PublicationDate_xml | – month: 02 year: 2021 text: 2021-02-25 day: 25 |
| PublicationDecade | 2020 |
| PublicationPlace | Beijing |
| PublicationPlace_xml | – name: Beijing |
| PublicationTitle | Journal of Cryptologic Research |
| PublicationYear | 2021 |
| Publisher | Chinese Association for Cryptologic Research, Journal of Cryptologic Research |
| Publisher_xml | – name: Chinese Association for Cryptologic Research, Journal of Cryptologic Research |
| SSID | ssib055638241 ssib058688234 |
| Score | 2.2289968 |
| Snippet | 随着计算机技术及信息化的高速发展, 软件已经广泛应用于各行各业, 利用软件后门获取敏感信息的攻击事件不断发生, 给国计民生的重要领域带来很大损失. 通常, 软件后门的隐蔽性和其强大功能之间是矛盾的, 冗长的代码、复杂的功能往往导致后门的代码特征或行为特征过于明显.... |
| SourceID | proquest |
| SourceType | Aggregation Database |
| StartPage | 65 |
| SubjectTerms | Algorithms Encryption Reverse engineering Software |
| Title | 一种针对分组密码软件的 APT 后门及其防范 |
| URI | https://www.proquest.com/docview/2895182405 |
| Volume | 8 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwfV1NSwJBGB5KL12iqOjDxEPXUWd3Znc8hYUmQSKh4E12ZmcpAzO1S6ciE4m-6FJ06lY3oYMU0r9xUf9FM9tah6DzMIeZ9-V9nvcbgDWDEdMyLQpFAjlQ4q0DKRIIEpNpglqOLXTVjbyTNTIFvF0kRT_gVvfLKsc20TPU9iFXMfKYdAyI5MKSX6xXj6DaGqWyq_4KjUkQRBJplJ7T9NZYn9TsK3njR38JNSSf9BLNWjxhQoyQ4ffR6PIoVo7yysF-tMxr3gxPLf7HPnugk54B0z5bjCS_xTsLJk725gDtv58OXq5H92238-G2W4Ne0-20Bs9nw89Ov9cdPDUjyVw-4t7djB5e3dtL96I7enwbXp3Pg0I6ld_MQH8BAqxK2DCgzijjSOgJjDDh2NQ4jgvBKEbckm4VswWxmWNTJgWhYW4g2zKJSpQhRrjDbH0BBCqHFbEIIlgyA8txJDgjhrmmJYSpE865oTKpumktgdD4qSVfi-ul3z9f_v94BUxpqtZDtXqTEAg0asdiVYJ1g4U9iYRBcCOVze1-Ae3gpC0 |
| linkProvider | ProQuest |
| linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwtV1JSwMxFA7aHvQiioq7c9BjbJNJZqYHEbdSlxaRFrzVSSaDVqg7oifFBRE3vCievOnJgoeiiP-mQ9t_YVJn9CB48xwISd72vbx8eQAMGIyatmlbUMSQC2W8daGFBILUZFhYtusIXbGRkykjkSHTC3ShDjwHXBj1rDLwiTVH7axydUcekYkBlVhY4ouRtXWoukap6mrQQuNLLWbE7o5M2TaHpyakfAcxjk-mxxPQ7yoA16QvNqDOLMaR0GMEEcqJiTmJCsEsgrgtcxXmCOow17GY3B0m3ECObVJVfUKMcpc5upy3HoSJYrSGQHhsMjU3H2iw-m1LrvHbYqhlSARbK23jaMyEBCHDZ-7ociiSG-L5leWhHN-o_RqKo78iQi3MxZtBk49PtdEvhWoBdXtLrcAqve6XHy-qN6de4c07PSm_H3mFk_LDQeWjUHovlu-PtNG5tOZdX1Zvn7yrM--4WL17qZwftoHMvxxOOwjlV_OiA2hEYhHbdSUcQIxwjGPC1Cnn3FC1W920O0FPsNWsbzeb2R8pd_093A8aEunkbHZ2KjXTDRqxemmiiOa0B4S2NrZFr4QKW6zPl48GFv9bJT4BBa7iVg |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=%E4%B8%80%E7%A7%8D%E9%92%88%E5%AF%B9%E5%88%86%E7%BB%84%E5%AF%86%E7%A0%81%E8%BD%AF%E4%BB%B6%E7%9A%84+APT+%E5%90%8E%E9%97%A8%E5%8F%8A%E5%85%B6%E9%98%B2%E8%8C%83&rft.jtitle=Journal+of+Cryptologic+Research&rft.au=%E7%8E%8B%E5%AE%89&rft.au=%E8%91%A3%E6%B0%B8%E9%93%B6&rft.au=%E7%A5%9D%E7%83%88%E7%85%8C&rft.au=%E5%BC%A0%E5%AE%87&rft.date=2021-02-25&rft.pub=Chinese+Association+for+Cryptologic+Research%2C+Journal+of+Cryptologic+Research&rft.issn=2097-4116&rft.volume=8&rft.issue=1&rft.spage=65&rft_id=info:doi/10.13868%2Fj.cnki.jcr.000420 |
| thumbnail_l | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=2097-4116&client=summon |
| thumbnail_m | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=2097-4116&client=summon |
| thumbnail_s | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=2097-4116&client=summon |