Security Encyclopedia

Whitebox Encryption

White-box cryptography is a form of encryption used for advanced mobile device protection. It is typically deployed to protect private keys that must live in the rich operating system (the general-purpose OS and its memory) rather than in the most trusted area of the device, which would be a hardware trusted platform module (TPM).

White-box encryption prevents the exposure of valuable information by obfuscating the key material and spreading it through random data and the code itself, rather than holding it as a recognizable key. This makes attacks on the device harder to carry out, whether they come from malware, rooting, or jailbreaking. By using white-box cryptography for both secure storage and cryptographic operations (e.g. signing), white-box encryption, as part of a larger offering, helps keep authentication channels and private keys safe from attacks that target a device's operating system.
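As an added illustration of the embedding just described (example code, not code from this page or from any product it describes): a toy Python "white-box round" that folds each key byte into a lookup table wrapped in random input and output encodings, so the deployed code path is nothing but table lookups and contains no key variable. It also includes a defender's self-check that the tables are not the naive unencoded form, from which the key byte could be read straight back out. The S-box, the 16-byte key, the input block and the seeds are constructed assumptions for the demo.

```python
# Toy white-box style key embedding: added illustration, not code from the page or from
# any vendor product. The S-box, key, block and seeds below are constructed for the demo.
import random

# Constructed 8-bit S-box: a fixed permutation from a seeded shuffle (assumption for
# illustration; a real design would use the target cipher's own S-box, e.g. AES).
_sbox_list = list(range(256))
random.Random(2024).shuffle(_sbox_list)
SBOX = bytes(_sbox_list)


def invert(perm):
    """Inverse of a 256-entry byte permutation."""
    inv = bytearray(256)
    for x, y in enumerate(perm):
        inv[y] = x
    return bytes(inv)


SBOX_INV = invert(SBOX)
IDENTITY = bytes(range(256))


def reference_round(block, key):
    """Conventional implementation: the key bytes are present in memory as-is."""
    return bytes(SBOX[b ^ k] for b, k in zip(block, key))


def random_permutation(rng):
    p = list(range(256))
    rng.shuffle(p)
    return bytes(p)


def build_whitebox_tables(key, rng, encode=True):
    """Fold each key byte k_i into a table T_i with T_i[f_i(x)] = g_i(S(x ^ k_i)).

    f_i / g_i are random input/output encodings. With encode=False the tables are
    unencoded, the naive construction that leaks the key (see unencoded_key_bytes).
    """
    tables, in_enc, out_enc = [], [], []
    for k in key:
        f = random_permutation(rng) if encode else IDENTITY
        g = random_permutation(rng) if encode else IDENTITY
        t = bytearray(256)
        for x in range(256):
            t[f[x]] = g[SBOX[x ^ k]]
        tables.append(bytes(t))
        in_enc.append(f)
        out_enc.append(g)
    return tables, in_enc, out_enc


def encode_input(block, in_enc):
    """Apply the per-byte input encodings (in a real design, merged into the caller)."""
    return bytes(f[b] for b, f in zip(block, in_enc))


def decode_output(block, out_enc):
    """Undo the per-byte output encodings (in a real design, merged into the next step)."""
    return bytes(invert(g)[b] for b, g in zip(block, out_enc))


def whitebox_round(encoded_block, tables):
    """The deployed code path: pure table lookups, no key variable anywhere."""
    return bytes(t[b] for b, t in zip(encoded_block, tables))


def unencoded_key_bytes(tables):
    """Defender's self-check: if a table is just S(x ^ k), then x ^ S^-1(T[x]) equals the
    same k for every x and the key byte is directly readable from the table.
    Returns that byte per table, or None where the encodings hide it."""
    result = []
    for t in tables:
        candidates = {x ^ SBOX_INV[t[x]] for x in range(256)}
        result.append(candidates.pop() if len(candidates) == 1 else None)
    return result


def demo(seed=7):
    """Build encoded and naive tables for a constructed 16-byte key and compare them."""
    key = bytes(range(0x10, 0x20))   # constructed demo key
    block = bytes(range(16))          # constructed demo input block
    rng = random.Random(seed)
    enc_tables, in_enc, out_enc = build_whitebox_tables(key, rng)
    naive_tables, _, _ = build_whitebox_tables(key, rng, encode=False)
    out = decode_output(whitebox_round(encode_input(block, in_enc), enc_tables), out_enc)
    return {
        "roundtrip_ok": out == reference_round(block, key),
        "naive_readout": unencoded_key_bytes(naive_tables),
        "encoded_readout": unencoded_key_bytes(enc_tables),
        "key": key,
        "key_in_encoded_tables": key in b"".join(enc_tables),
    }


if __name__ == "__main__":
    r = demo()
    print("round-trip matches reference:", r["roundtrip_ok"])
    print("key readable from naive tables:", r["naive_readout"] == list(r["key"]))
    print("key readable from encoded tables:", any(b is not None for b in r["encoded_readout"]))
```

The encoded tables compute the same function as the reference round, yet neither the key bytes nor the naive readout are available from the table data; the unencoded tables hand the key back immediately, which is why the encodings are the essential ingredient. Two caveats a practitioner would want: the self-check only catches the trivially unencoded case, and encoded table networks of this kind are known to be analysable with more sophisticated techniques (algebraic attacks on the table structure and differential computation analysis on execution traces), so production white-box products layer additional countermeasures and key rotation on top of the basic construction.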

When an app does not store its authentication keys in the TPM, those keys are more exposed to attacks in which the device is taken over and its contents analysed. White-box encryption is software, but it aims to mimic the difficulty of key extraction that storing the keys in the TPM would provide.

A white-box attack is any attack that attempts to extract or reveal the private keys held inside the implementation. White-box cryptography is a complex layer of encryption that makes key extraction infeasible by driving up the cost and effort required for a successful attack.

Example:

“White-box cryptography, when added to a mobile security solution, helps prevent a lost, stolen, or malware-compromised device from being reverse engineered to extract sensitive information such as authentication keys.”