![]() However, if an attacker is able to jailbreak or root a device, they’ll be able to access the keys within the HSM.īy employing white-box cryptography with zKeyBox, teams can employ strong key security that is hardware agnostic and guards against the vulnerabilities posed by unsupported hardware and compromised devices. While many mobile devices and apps employ encryption, these implementations can be vulnerable.įor example, many older devices employ hardware security modules (HSMs) to store cryptographic keys. ![]() This proliferation in mobile device usage offers tremendous benefits for individuals and businesses-and it also introduces unprecedented risks. In recent years, we’ve seen explosive growth in the use of mobile devices to interact with sensitive data, enterprise apps, and critical infrastructure. ![]() With such security in place, it becomes extremely difficult for attackers to locate, modify, or extract keys. Zimperium’s zKeyBox uses white-box cryptography to hide and protect cryptographic keys so that they are never revealed in plaintext - even during the execution of cryptographic algorithms. White-box cryptography ensures that the implementation of cryptographic algorithms is secure even if the attacker controls the device and the execution environment. This is especially true in the case of smartphones, where app binaries are readily available in the app stores for hackers to inspect and tamper with.īy leveraging white-box cryptography, security teams can ensure that attackers can’t find and exfiltrate cryptographic keys using reverse-engineering or dynamic inspection techniques. Further, the reality is that most cryptographic implementations are vulnerable as they do not account for hostile environments. Today, cybercriminals are not trying to break advanced encryption algorithms they are focused on stealing cryptographic keys used by the application. Why Use White-Box Cryptography to Secure Keys
0 Comments
Leave a Reply. |