More Videos...
 

Using Virtual Machine Protections to Enhance Whitebox Cryptography

Using Virtual Machine Protections to Enhance Whitebox Cryptography Since attackers can gain full control of the mobile execution environment, they are able to examine the inputs, outputs, and, with the help of a disassembler/debugger the result of every intermediate computation a cryptographic algorithm carries out. Essentially, attackers have total visibility into the cryptographic operation. White box cryptography aims at protecting keys from disclosed in software implementation. With theoretically unbounded resources a determined attacker is able to recover any confidential keys and data. A strong white box cipher implementation as the cornerstone of security is essential for the overall security in mobile environments. Our goal is to provide an increased degree of protection given the constraints of a software-solution and the resource-constrained, hostile-host environments. We seek neither perfect protection nor long-term guarantees, but rather a practical level of protection to balance cost, security and usability. Regular software updates can be applied such that the protection will need to withstand a limited period of time. V-OS operates as a virtual machine (VM) within the native mobile operating system to provide a secure software environment within which to perform critical processes and computations for a mobile app.

Recent Projects

More +