SafeNet thinks outside the "Black Box"
SafeNet has announced the industry's first software protection solution to include white box cryptography. The SafeNet Sentinel portfolio of software licensing and protection solutions now includes new functionality that protects security algorithms from attacks in "white box"environments, where attackers traditionally have been able to freely observe and alter dynamic code execution and internal algorithm details at will.
"Our white box solution assumes that attackers have full visibility. It replaces the exposed algorithm and encryption keys with special application libraries that minimize the attack surface. This methodology ensures that the protected keys remains hidden from hackers and are less susceptible to reconstruction during attacks," said Michael Zunke, Chief Technology Officer, Software Monetization Solutions, SafeNet.
With SafeNet's white box solution, communication between protected applications and hardware tokens is fully encrypted, ensuring that the data passing through the secure channel cannot be replayed. Unlike traditional solutions that simply aim to hide encryption keys, SafeNet's implementation is centred on white box cryptography, which assumes that attackers can trace protected applications and run-time environments in search of encryption keys. With this assumption as part of the design, the algorithm and encryption keys are replaced with proprietary API (Application Programming Interface) libraries that implement the same encryption but embed the encryption key as part of the algorithm in a way that ensures it is never present in memory and, therefore, cannot be extracted.
For More Details See
www.varindia.com
Comments
Post a Comment