For true application security, it’s imperative to keep your private keys protected at all times. Hackers can monitor devices with special analysis tools and extract the secret keys. Without efficient key protection, security features are in danger of being broken. One way to protect against hacker is with white-box cryptography.
White-box cryptography provides full visibility of the attacker while keeping security intact. Unlike implementations aimed to hide the encryption key, the new implementation is centered on White-box cryptography, where it is assumed that the attacker can trace the protected application and the run-time environment in search of the encryption key.
Our Cryptanium Secure Key Box is an innovative white-box protected library specifically designed to protect cryptographic keys. It is a library for C/C++/Java that provides an extensive set of high-level classes and methods for operating with the most popular cryptographic algorithms, such as DES, AES, RSA, ECC, ECDSA, DH, ECDH, and SHA. Here are eight key features that you don’t want to be without:
- Comprehensive cryptographic library. Cryptanium Secure Key Box is a precompiled library that can simply replace the sensitive algorithms in an original cryptographic module.
- Keys are always encrypted. Once keys are imported into Cryptanium Secure Key Box, debugging and reverse engineering will not reveal keys in plain form. Algorithms operate directly with encrypted keys.
- Robust white-box implementation. The technology behind Cryptanium Secure Key Box is based on a combination of unique mathematical techniques that enable computations with encrypted data.
- Security is inseparable from the program code. Cryptanium Secure Key Box white-box technologies do not rely on superfluous protection code or libraries, which could be circumvented or removed.
- Diversification. Multiple Cryptanium Secure Key Box packages can be ordered with different binary and data implementations, making it even more difficult for hackers to develop universal tampering schemes.
- Configurability. Features that are not needed can be removed from the Cryptanium Secure Key Box code, greatly reducing the binary size.
- Safe storage of cryptographic keys. Cryptanium Secure Key Box ensures that cryptographic keys are exported, imported, and stored in a unique encrypted format to prevent hackers from reading and altering them.
- Support of static and dynamic keys. Cryptanium Secure Key Box can work with both static keys that are embedded in the code and encrypted dynamic keys that are loaded and decrypted at run time.
These features of Secure Key Box help to deliver unparalleled benefits that ultimately deliver true application security:
- Proven technology
- Robust protection
- Faster time-to-market
- Cost efficiency
- Broad DRM support
- No dependency on security chips
The weak point in cryptographic algorithms is that in today’s open architectures (smartphones, tablets, and desktops), the cryptographic keys are usually revealed in the code or memory at some point. Hackers can monitor devices with special analysis tools and extract the secret cryptographic keys. Without effective protection for cryptographic keys, security features are in danger of being overridden.
Photo credit to Helen Harrop.