white-box crypto Was: consulting question....
Alexander Klimov
alserkli at inbox.ru
Wed May 27 09:48:27 EDT 2009
On Tue, 26 May 2009, James Muir wrote:
> There is some academic work on how to protect crypto in software from
> reverse engineering. Look-up "white-box cryptography".
>
> Disclosure: the company I work for does white-box crypto.
Could you explain what is the point of "white-box cryptography" (even
if it were possible)?
If I understand correctly, the only plausible result is to be able to
use the secret key cryptography as if it were the public-key one, for
example, to have a program that can do (very slow, btw) AES
encryption, but be unable to deduce the key (unable to decrypt). If
this is the case, then why not use normal public-key crypto (baksheesh
aside)?
--
Regards,
ASK
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list