White-Box Cryptography

What is White-Box Cryptography?

The term “white-box cryptography” (WBC) describes a secure implementation of cryptographic algorithms in an execution environment, such as on a desktop computer or a mobile device, which is fully observable and modifiable by an attacker. White-box cryptography is intended for any security system that employs cryptographic algorithms and keys, and that is executed in an open and untrusted environment, such as on a desktop computer, mobile device, or embedded system.

Arxan’s White-Box Cryptography

Arxan’s robust white-box cryptography solution protects:

  • Static keys – Embedded in an application when it ships
  • Dynamic keys – Generated on the fly at run-time
  • Sensitive user-data

Our solution offers a range of benefits:

  • Delivers stronger security than any other white-box cryptography solution
  • Supports all major cryptography standards and functionality
  • Offers a smaller footprint than other white-box cryptography solutions
  • Achieves better performance

Our solution is a sophisticated implementation of white-box cryptography. It combines mathematical algorithm with data and code obfuscation techniques to transform the key and related operations so keys cannot be discovered. The keys are never present in static form or in memory at runtime.

The Arxan solution works by clearly separating the data into two domains:

  • Open Domain – Contains data that the application needs to access. All code and data can be understood by the attacker
  • Encrypted Domain – Contains keys, cryptographic routines and any sensitive data

This approach, from an attacker’s point of view, makes it impossible to meaningfully interpret the data within the encrypted domain.