[144483] in cryptography@c2.net mail archive
white-box crypto Was: consulting question....
daemon@ATHENA.MIT.EDU (Alexander Klimov)
Wed May 27 16:45:41 2009
Date: Wed, 27 May 2009 16:48:27 +0300 (IDT)
From: Alexander Klimov <alserkli@inbox.ru>
To: Cryptography <cryptography@metzdowd.com>
In-Reply-To: <4A1CACEB.3020208@gmail.com>
On Tue, 26 May 2009, James Muir wrote:
> There is some academic work on how to protect crypto in software from
> reverse engineering. Look-up "white-box cryptography".
>
> Disclosure: the company I work for does white-box crypto.
Could you explain what is the point of "white-box cryptography" (even
if it were possible)?
If I understand correctly, the only plausible result is to be able to
use the secret key cryptography as if it were the public-key one, for
example, to have a program that can do (very slow, btw) AES
encryption, but be unable to deduce the key (unable to decrypt). If
this is the case, then why not use normal public-key crypto (baksheesh
aside)?
--
Regards,
ASK
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
