Call Us: (301) 968-4290
TransformIT Features
Software-based Key Protection Benefits
TransformIT offers the following unique advantages to ensure robust protection of cryptographic keys without impact on performance, development or customer support of your application.
- Effectively hides keys
After transformation, the actual key bits are never formed – not just at rest, but also not in memory or registers at runtime. By preventing the single key from ever showing its face, TransformIT protection thwarts memory dump and memory remanence attacks on your keys. - Effectively prevents dynamic key discovery
TransformIT creates multiple execution paths for a given cryptographic routine, any one of which is invoked probabilistically at run time. This prevents brute force dynamic analysis such as combinatorial attacks and trial-and-error progress. - Tunable
TransformIT converts a single key into a complex, multi-layered graph. Both the depth and breadth of this graph can be tuned, allowing full tradeoff between the level of security enhancement and the increase in binary size or slowdown in cryptographic performance. - Platform Agnostic
TransformIT is a source code based product that works on all C/C++ code and is compatible with any platform using C libraries. TransformIT is also available for Java JNI and C# applications. - Intricately Hookable
TransformIT allows machine constants, hardware IDs and similar node-locking anchors to be tied into cryptographic calculations. This provides strong hardware-software binding, preventing counterfeiting and copying attacks. TransformIT also allows your application to leverage hardware resources like true random number generation (TRNG) and mathematical acceleration when available. - Compatible with Open SSL
TransformIT’s RSA methods are compatible with OpenSSL’s SSL and TLS implementations - Production-friendly
TransformIT offers you the choice of storing the transformed cryptographic keys as a separate data file (typically used when private keys are generated on the production line) or as variables integrated into the protected application (when the keys are known at development time).
