Home Business IT Security SafeNet applies 'white box crypto' to software protection

SafeNet applies 'white box crypto' to software protection

A new software protection system from SafeNet is said to be safe from prying eyes.

The use of hardware dongles to protect software is less common than it was in previous decades (at least in Australia). It adds to the complexity of IT management, but it seems to have retained a niche among developers who are especially at risk from the unlicensed use of their wares.

Virtualisation is a useful technique for security researchers trying to understand how a new piece of malware works, but it (among other techniques) can also be used by those intent on breaking software protection schemes.

SafeNet has come up with a new approach that is supposed to hold fast under such scrutiny. "Our white box solution assumes that attackers have full visibility. It replaces the exposed algorithm and encryption keys with special application libraries that minimise the attack surface," said Michael Zunke, chief technology officer, software monetization solutions, SafeNet.

This way, the keys used to encrypt communication between the software and the hardware token cannot be extracted, and each application library is uniquely generated and obfuscated for each specific software vendor using SafeNet's protection system.


Did you know: Key business communication services may not work on the NBN?

Would your office survive without a phone, fax or email?

Avoid disruption and despair for your business.

Learn the NBN tricks and traps with your FREE 10-page NBN Business Survival Guide

The NBN Business Survival Guide answers your key questions:

· When can I get NBN?
· Will my business phones work?
· Will fax & EFTPOS be affected?
· How much will NBN cost?
· When should I start preparing?


Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.