Cryptographic algorithms are used to protect digital assets and sensitive data, to authenticate communication partners and to verify the authenticity of signatures. The weak point of cryptographic algorithms is that on insecure and open environments, such as on smartphones, tablet PCs, embedded devices, and desktops, the cryptographic keys are at some point visible and accessible by adversaries. Without an efficient protection of cryptographic keys, security features are in danger to be broken, resulting in software and content piracy, illegal data access, business models being compromised, and entire device ecosystems exploited.
whiteCryption Secure Key Box (SKB) is a white-box cryptography library that is used to perform standard cryptographic operations, such as encrypting and decrypting data, generating and verifying signatures, calculating digests, and computing shared secrets. The white-box cryptography implementations of the cryptographic algorithms are designed to always operate on encrypted keys. The keys are never exposed in plain form before, during, or after execution.
Utilizing whiteCryption SKB enables software producers, content distributors, and hardware manufacturers to protect their digital assets and intellectual property in open and insecure environments.
whiteCryption SKB provides an unprecedented level of protection for cryptographic keys. It creates a unique shield for all cryptographic operations of an application, ensuring that the secret keys are never shown, neither in the static binary code nor in run-time memory. This means that systems integrated with whiteCryption SKB can be safely deployed in open environments, such as mobile devices, desktop computers, and game consoles.
whiteCryption SKB exposes a simple C interface that provides access to a set of cryptographic functions, including AES, RSA, ECC, SHA, HMAC, and CMAC. The white-box protected algorithms provided by whiteCryption SKB are intended to replace the native unprotected algorithms of various security modules. An application that is integrated with whiteCryption SKB interacts with the cryptographic features via the whiteCryption SKB API. The internal keys are never exposed in plain form to the calling application or to the outside world.