Call Us: (301) 968-4290
TransformIT Technology
Key Protection based on White Box Cryptography
Arxan’s patent-pending TransformIT technology, based on white box cryptography (WBC), combines mathematical algorithms, data and code obfuscation techniques to conceal the key and related operations. Hence, the key is never present as an entire whole, either in the static application or in runtime memory. By completely concealing the key through transformation, TransformIT plays an important role in safeguarding asset control systems against class hacks, or so-called Break Once Run Everywhere (BORE) attacks
To durably protect decryption keys against automated key discovery attacks, an effective protection solution must have two critical characteristics – the key must never show its face, and data to reconstruct the key must never reside in a predictable location in memory. TransformIT decomposes a single decryption operation into an intricate, multi-path decomposition with many keys. Attackers no longer have a single key to compromise, or a reproducible execution trace for the cryptographic decryption, signing or verification operation. Even if attackers were to find all the key decompositions, they would have no idea how they are related.
In addition, Arxan key protection solution provides automated diversification, which quickly generates many functionally equivalent but structurally diverse implementations of the cryptographic functionality. This makes it nearly impossible to create a BORE exploit that can reliably compromise the target key.
GuardIT application hardening complements TransformIT to provide comprehensive robustness for cryptography-based software and systems. For optimal security, combine TransformIT and GuardIT. As an application becomes subject to hacking, GuardIT’s detection Guards are triggered which then activate custom or standard guard reactions such as key erasure, forced re-activation or traitor tracing , even before the hacker can compromise the application. Together, these technologies provide the strongest, most performance-efficient and cost-effective application protection available today.
