What’s new in whiteCryption Secure Key Box version 5.23

Posted On

By Team Intertrust


Update includes white-box for web apps and TLS, and more

This week, Intertrust released a new version of whiteCryption Secure Key Box (SKB), our proven white-box cryptography solution for applications. 

A white-box cryptographic library is used to protect keys in sensitive applications. Secure Key Box supports all major ciphers including AES, RSA, and ECC, and a wide variety of functionality, including hashing, message authentication, key wrapping, and key derivation. Secure Key Box ensures that keys always stay encoded, even when in use. It prevents hackers from extracting keys from applications using either static or dynamic methods.

What’s inside

This release includes several feature improvements to Secure Key Box as well as two new add-ons, one to support web apps and the other to protect TLS encryption keys. 

Secure Key Box for Web

Insecure storage of cryptographic keys remains one of the top web application vulnerabilities. On top of this, keys are exposed in computer memory every time a cryptographic operation is performed, where they can be easily extracted. The new SKB for Web add-on brings whiteCryption white-box technology to web applications.

  • Delivers white-box functionality for web applications with an easy to use JavaScript API
  • Ensures your keys are always protected, from both browser-based attacks and those from the underlying operating system
  • Removes the risks of platform-based side-channel attacks
  • Compatible with the Web Crypto API, providing easy integration

Learn more about Secure Key Box for Web

Secure Key Box for TLS

Compromised TLS keys can be used to decrypt communications and read the data, alter the information in transit, or masquerade as a legitimate device. The SKB for TLS add-on applies white-box cryptography to TLS connections to keep these encryption keys safe.

  • Implementation of a TLS library underpinned by white-box cryptography
  • Ensures keys used to establish the connection as well as session keys are always secure
  • Prevents eavesdropping and message manipulation

Learn more about Secure Key Box for TLS

Additional optimizations and improvements

SKB Version 5.23 also includes enhancements to extend cryptographic cipher support and make it even easier to use.

  • HKDF with SHA-256 hashing is now available
  • Supports OpenSSL-compatible and standards-compliant public key formats for ECC
  • Provides detailed documentation for RSA Key generation including examples



whitecryption CTA Banner

Related blog posts


Streaming app security: why you should protect code as well as content

Read more


How application shielding fits into the DevSecOps framework

Read more


How DUKPT key management works in POS environments

Read more