Key & Data Protection

Formerly Arxan

Fully featured White-Box Cryptography protects encryption and decryption keys stored within an app whether in transit or at rest.

The App is the Weakest Link; broken link icon

The app is the weakest link

The landscape of business has fully adopted digital transformation. Online business is the new normal, with mobile and web apps leading a new epoch of online commerce, business outreach, and customer experience. As apps continue to grow, so does exposure to online threats - Mobile and web applications are the new endpoints, with the app as the weakest link.


Apps utilize encryption keys to encrypt and decrypt ingoing and outgoing traffic. In the event of an apps source code is reverse engineered, these keys are used by attackers to decipher encrypted information. Data resident within the app can be exfiltrated, along with all communications used to interact with back office systems.

Defend the Keys; Shield and key icon

Defend the keys

Protecting information using symmetric and asymmetric key encryption protects data from network eavesdropping. Attackers seek to access not only what is sent across the network, but also to compromise the app itself. 


Key attacks are vulnerable threat vectors. If encryption keys are compromised, each can be copied, re-distributed, and used for malicious purposes. Detecting misuse of compromised keys is nearly impossible, as they are used through seemingly legitimate traffic. Traditional data protections were not designed to prevent key discovery from reverse-engineering or app code attacks. A strong encryption key protection solution is essential for business. White-Box Cryptography icon White-Box Cryptography Key & Data Protection is a fully featured White-Box Cryptography suite used for protection and encryption key management for crypto systems. White-Box Cryptography is designed to address the concern that an attacker may look not only at data in-transit, but also observe the endpoint where data is decrypted and keys reside. White-Box Cryptography complements existing encryption technologies used as strong in-transit protection and is designed to secure encryption/decryption keys stored within an app. Using mathematical techniques and transformations, White-Box Cryptography combines app code and keys together for cryptographic operations, whereas the keys are then hidden and cannot be extracted from the app. Key & Data Protection provides security and value:

  • Protects sensitive keys and data – a full-featured White-Box Cryptography suite adding symmetric and asymmetric key protection to any mobile, desktop, or server app.
  • Easy to install – integrates with all crypto packages, such as OpenSSL, and devices within any architecture, without requiring difficult server side changes.
  • Real-time alerting – notifies organizations of attempted code tampering or analysis as it happens. Security teams can quarantine suspicious accounts and update code protections quickly and prevent damage to core business function.
Differential Fault Analysis, or DFA, is an attack technique that is designed to recover cryptographic keys from apps by injecting “faults” into the app’s crypto code at runtime and observing changes in the app’s behavior. Learn how to protect apps against DFA attacks with Key & Data Protection tech specs

Powerful encryption key management supports all major cryptographic key ciphers, modes, and sizes on iOS, Android, Windows, Mac, and Linux

Symmetric encryption

  • AES (128 or 256 bit, CBC, ECB, GCM)
  • DES (Single, Triple)

Key exchange

  • ECC/DH (Diffie-Hellman)
  • FCC/DH

Secure hashing & HMAC

  • SHA-1 / 2 / 3
  • HMAC (SHA)
  • CMAC (AES)
  • DES MAC3

Asymmetric encryption

  • ECC/EG (EIGamal)
  • RSA (1024 or 2048)

Signature generation

  • ECC/DSA (Digital Signature Algorithm)
  • RSA (1024 or 2048 key size)

Key wrapping & derivation

  • NIST & CMLA Key Wrapping
  • NIST, CMLA, & OMA Key Derivation

Protecting apps from the inside out provides comprehensive, app-level security to protect against a range of threats or to enforce enterprise app governance — expanding the corporate perimeter of trust and allowing for easy integration into DevOps processes. provides a broad range of patented security capabilities to protect applications in the wild — such as a dynamic app policy engine, code hardening, obfuscation, white-box cryptography and encryption, and threat analytics.

The enterprise app security solution

Layered icon (stacked/layered shapes); Enterprise Solution Multi-Layered App Protection

Multi-layered application protection

Adaptive app and data protection prevents tampering, IP theft, and reverse engineering — Learn More

Visibility icon (dot chart); Enterprise Solution Visibility & Intelligence

Visibility and intelligence

Real-time analytics and predictive intelligence against potential threats — Learn More

Warning/Alert icon (triangle w/exclamation point); Enterprise Solution Advanced Threat Team

Advanced threat team

Industry-recognized security thought-leaders with more than 50 years of experience — Learn More

Enterprise icon (2 large buildings); Enterprise Solution Enterprise Customer Success

Enterprise customer success

Comprehensive suite of services, tailored to each enterprise’s singular needs — Learn More

Contact Us