The app is the weakest link
Apps utilizing encrypted content use keys to decrypt incoming traffic and encrypt outgoing traffic — operations managed by functions inside the code of the application. If an app’s code is reverse engineered, the keys used to encrypt/decrypt content can be discovered and provide a bad actor what they need to decipher encrypted information. Data resident in an app can be compromised, along with all communications used to interact with back office systems.
Defend the keys
Protecting information you send to users with in-transit symmetric and asymmetric encryption security protects sensitive data from network eavesdropping. Attackers seek to access not only what is sent across the network, but also the app itself and what they receive in their own copy of the app. If cipher keys are uncovered, they can be copied, re-distributed, and used maliciously. Detecting misuse of compromised keys is nearly impossible since they will be used through seemingly legitimate traffic. Key attacks are vulnerable threat vectors. Traditional data protections were not designed to prevent key discovery from reverse-engineering or compromised app code attacks. Strong protection and encryption key management is essential.
Arxan White-Box Cryptography
Arxan Key & Data Protection is a fully featured White-Box Cryptography suite used for protection and encryption key management for crypto systems. White-Box Cryptography is designed to address the concern that an attacker may look not only at data in-transit, but also observe the endpoint where data is decrypted and keys reside. White-Box Cryptography complements existing encryption technologies used as strong in-transit protection and is designed to secure encryption/decryption keys stored within an app. Using mathematical techniques and transformations, White-Box Cryptography combines app code and keys together for cryptographic operations, whereas the keys are then hidden and cannot be extracted from the app.
Arxan Key & Data Protection provides security and value:
- Protects sensitive keys and data - a full-featured White-Box Cryptography suite adding symmetric and asymmetric key protection to any mobile, desktop or server app.
- Easy to install - integrates with all crypto packages, such as OpenSSL, and devices within any architecture - without requiring difficult server side changes.
- Real-time alerting - notifies organizations of attempted code tampering or analysis as it happens. Security teams can quarantine suspicious accounts and update code protections quickly and prevent damage to core business function.
Arxan Key & Data Protectiontech specs
Powerful encryption key management supports all major cryptographic key ciphers, modes, and sizes on iOS, Android, Windows, Mac, and Linux
- AES (128 or 256 bit, CBC, ECB, GCM)
- DES (Single, Triple)
- ECC/DH (Diffie-Hellman)
Secure hashing & HMAC
- SHA-1 / 2 / 3
- HMAC (SHA)
- CMAC (AES)
- DES MAC3
- ECC/EG (EIGamal)
- RSA (1024 or 2048)
- ECC/DSA (Digital Signature Algorithm)
- RSA (1024 or 2048 key size)
Key wrapping & derivation
- NIST & CMLA Key Wrapping
- NIST, CMLA, & OMA Key Derivation
The Arxanenterprise solution
Multi-layered application protection
Adaptive app and data protection prevents tampering, IP theft, and reverse engineering — Learn More
Visibility and intelligence
Real-time analytics and predictive intelligence against potential threats — Learn More
Advanced threat team
Industry-recognized security thought-leaders with more than 50 years of experience — Learn More
Enterprise customer success
Comprehensive suite of services, tailored to each enterprise’s singular needs — Learn More