Key Protection - TransformIT™
Software-Based Key Security
Encryption is the first line of defense to protect data, information systems and digital content against piracy and theft.
Examples include:
- Encrypting user licenses for software or media
- Encrypting sensitive customer information, financial information and corporate IP
- Binding hardware to software
- Proving identity of users and authenticity of documents
- Securing communications against eavesdroppers
However, encryption has a single point of failure: the point at which the secret key is used. This point is easily identifiable through signature patterns and cryptographic routines. As soon as the key is exposed for use, it is vulnerable to capture by attackers. Once this point is found, an attacker can easily navigate to where the keys will (typically) be constructed in memory, and fatal exploits can then be easily created. Arxan’s TransformIT™ key transformation technology protects keys in a variety of applications, such as:
- Private repository keys – these are secret asymmetric keys that encrypt large sets of symmetric keys. The symmetric keys are in turn used to encrypt content, data or licenses in DRM, license management and data security applications.
  - Discovery of the repository key will unlock the entire software package, digital content library or database for a given user or installation
  - Scriptable repository key exploits subvert the entire security platform
- Public authentication keys – these are public asymmetric keys that verify the integrity of signed applications, components or plug-ins, and they form the basis for authentication.
  - Within client applications, replacement of these public keys allows hackers to compromise authentication protocols, allowing arbitrary entities and signatures to be verified thereby facilitating piracy
- Binding of hardware and software – key-based authentication techniques are the most common way to tie software to a unique hardware identifier for applications such as subsidized game boxes, DRM applications or software-powered products.
  - Separation of hardware from software enables reverse engineering, counterfeiting and piracy
