Solution Overviews

Datasheet: Cloakware® Software Protection for Medical Apps

Issue link: https://resources.irdeto.com/i/1130809

Contents of this Issue

Navigation

Page 1 of 1

www.irdeto.com 2 © 2019 Irdeto. All Rights Reserved. KEY TECHNOLOGIES & FEATURES Platform specific protections Anti-debug. Debuggers are one of the most invaluable tools in a hacker's arsenal, giving them full visibility into your app's execution and data. Effective anti-debug is key to frustrating a hacker's efforts. CSP has a portfolio of anti-debug variants, the two most relevant to mobile device apps are Signal-based (SBAD) for Android/Linux and Ptrace-based (PBAD) for iOS. Jailbreak / Root detection and anti-hooking. Attackers wishing to gain full control over their mobile devices as part of application analysis and tampering will often take advantage of available tools for jailbreaking (iOS) or 'rooting' (Android / Linux) the device. CSP provides a constantly evolving suite of techniques to frustrate this. Also, CSP checks for hooking frameworks and integrity of critical system APIs to combat hooking of the calls. Fingerprinting, secure storage. CSP provides a flexible library to help you turn device parameters and attributes into a unique fault-tolerant fingerprint that can help ensure your application is running on the device it is licensed to. Additionally, a fingerprint can be used to create a cryptographically secured storage to node-lock your critical secrets and data to a specific device, preventing sharing. Integrity verification IV makes sure that your applications cannot be tampered with, either statically or dynamically, without detection. It is a critical element to establish trust in an untrusted environment. Cloakware supports secure generation of both build-time and run-time IV signatures, so you can deploy a robust IV even in environments where the application binary is not finalized at build time, such as iOS bitcode. IV provides a set of API calls that can be woven into your application so that checking occurs regularly. These are callback APIs so that if a check fails CSP has control of the success path, ensuring that tampered software won't follow the correct program flow. Cloakware whitebox cryptography Cloakware's whitebox cryptography implements standard cryptographic algorithms in a way that hides the critical keys even in hostile environments like mobile devices where the hacker may have complete visibility of the cryptographic operations. Popular, trusted ciphers like AES, ECC and RSA, some of the most thoroughly studied algorithms, can be used without fear of whitebox attacks on your application. Anti-Hooking Code & Data Entanglement Fingerprinting Secure Storage Diversity API Protection File Encryption Integrity Verification Whitebox Cryptography Transformation / Obfuscation Security Telemetry Renewability Anti-Debug Figure 1. Major components and functionality of Cloakware Software Protection Irdeto is a pioneer in security, with its technology protecting over US$ 750M in payments and over 5 billion devices and applications against cyberattacks for some of the world's best known brands. For nearly 50 years, Irdeto has worked with software application providers, connected device manufacturers, pay-media operators and content creators to secure their products and business. Irdeto, a subsidiary of Naspers (JSE: NPN), is headquartered in the Netherlands with 19 locations worldwide. Visit http://www.irdeto.com. Whitebox cryptography can be used in a medical application to secure data and protect communications end-to-end without worry of Man In The Middle (MITM) or spoofing attacks. Cloakware transcoder Code transformation and obfuscation is performed by the Cloakware source-to-source transcoder. The transcoder uniquely entangles code and data to make medical applications highly resistant to reverse engineering and tampering attacks. Algorithmic in nature, the Cloakware transcoder easily creates diverse instances from random seeds for great renewability and enhanced robustness. The transcoder is used to protect CSP itself, especially whitebox cryptography, integrity verification and the platform specific features. This ensures that the overall solution is extremely robust, with diversity, renewability and a multi- layered, integrated approach to software protection. The transcoder can also be used selectively in your applications, with flexible levels of protection, to secure libraries, proprietary software, IP, customer secrets and data. CONTACT US For more information on Cloakware Software Protection; Visit: https://irdeto.com/cloakware-software-protection/ Or: https://irdeto.com/contact-us/

Articles in this issue

Links on this page

view archives of Solution Overviews - Datasheet: Cloakware® Software Protection for Medical Apps