Is the next-generation white box cryptography the new Jedi?

January 11, 2016 bengidley

In Star Wars: The Force Awakens, the sinister First Order dominates the galaxy, with only a small band of trusted resistance fighters left. What’s the link to today’s software world you may ask? It all comes down to the power of cryptography to defeat the dark side.

In this software controlled world the need for software protection is unavoidable. This protection extends to all aspects of day-to-day life. It could be securing your credit card details when shopping on line or a business safeguarding a remote network connection to even protecting premium content such as a blockbuster movie.

The new threat
Black box cryptography is the traditional method used for encrypting information to protect it. The premise is that honest parties control the computer devices and the cryptographic operations are performed free from interference from would-be attackers.

In reality – similar to the Star Wars resistance – there are only a few devices which would fall into this trusted category. The majority of end user devices are easily attacked with malware. You could say that the First Order attackers have rapidly increased their presence and have the ability to access any cryptographic operations performed using the black box method.

Is it really safe to decrypt the secret information contained in the BB-8 droid relating to Luke Skywalker’s whereabouts given this situation?

The new Jedi
Just like the Jedi, white box cryptography is not a new concept. It has been around for years. Here the premise is that you can’t trust the underlying hardware – the device. This software-based solution essentially blends the security key and cryptographic algorithm together and the key is hidden in the code. It only encrypts the critical elements of the program and stores the keys for decryption in a way that is essentially tamper resistant.

Some critics will say that in earlier episodes the Jedi were defeated. And that was the case. There are examples of where white box cryptography has been cracked; for instance Differential Fault Analysis (DFA).

However, the Jedi Masters at Irdeto Research have developed counter measures in our second and third generation of white box cryptography which are resistant to these attacks and many others. In fact they are working on the fourth generation which includes more advanced capabilities that don’t rely on the use of tables

The new world order
With the ever increasing number of connected devices, more and more information being stored in the cloud and Host Card Emulation, being just one example of less reliance on inflexible hardware based security elements; the writing is on the wall. Software protection of the future will need to be software based.

Next-generation white box cryptography combined with proven obfuscation techniques takes the sophistication of software protection to new levels. In the long run the white box approach is the only one which can work when the enemy can use mind tricks to get into your computers mind!

Next-generation white box cryptography – patent pending

Previous Article
Hacking is only 1 threat – litigation looms large
Hacking is only 1 threat – litigation looms large

There’s no doubt about it, cyber-attacks are increasing. A consequence of this is a rise in cybersecurity l...

Next Article
Cyber-attacks: it’s no longer if but when
Cyber-attacks: it’s no longer if but when

The Internet has transformed how businesses operate today. Never before has so much been done online. The d...