How to Secure Cryptographic Keys in Hostile Environments

Share this blog

When it comes to securing your confidential data, encryption is universally acknowledged as a requirement, but it’s not a silver bullet for security. The Achilles Heel for encryption is the cryptographic key. Attackers are searching for these cryptographic keys as they permit access to the encrypted data. Basically, if you get the key, you get the data.

How do attackers steal encryption keys?

Most organizations are vulnerable to key theft attacks for two reasons:

  • Cryptographic Implementations that don’t account for hostile environments: This is particularly true for smartphones and other mobile devices; app binary code is available on app stores for criminals to study and manipulate. Hackers can easily reverse engineer apps to capture encryption keys and gain access to data.
  • Poor practices lead to key exposure when storing and using keys: This is a common and concerning problem. When Marriott International was breached in 2018 their encryption keys, as well as their data, were compromised. Their keys had been stored on the same server with the data they were meant to protect. To put this in perspective – it is worse than leaving your house key under the mat, it’s like leaving the key in the door for anyone to open.

In fact, key management is a growing and difficult-to-solve cybersecurity concern in many enterprises, according to a report from the Ponemon Institute. In 2020, 69% of enterprises were concerned about the management of encryption keys — up from 67% the year before. More than a quarter of the businesses surveyed listed key management and storage as a major challenge in their data encryption strategy with more than half saying that key management is “very painful.”

White-box cryptography is a very strong software-only approach for protecting cryptographic keys in hostile environments. A straightforward and powerful single C library, it can be included in mobile, desktop, cloud, and embedded system use cases.

What is white-box cryptography?

White-box cryptography transforms cryptographic keys used in general-purpose software implementations. That means that even if an attacker gains control of a device and your app’s execution environment, they won’t be able to see your keys or encrypted data, even if the device is rooted or jailbroken.

While each vendor implements white-box cryptography differently, the central principle is the same: white-box cryptography combines methods of encryption and obfuscation to embed cryptographic keys and ciphers within application code so that both code and the encryption keys look indistinguishable to an attacker. This prevents those keys from being found or extracted from the app. White-box cryptography is designed to protect cryptographic keys and cryptographic operations in hostile environments, by design it assumes the attacker has full control of the system and it assumes it is being directly attacked at all times.

Who needs white-box cryptography?

Most organizations can benefit from white-box cryptography, especially in the following scenarios:

  • Any organization with a valuable app: Most organizations have mobile apps which are often an expected piece of a company’s technology stack. While mobile apps are a huge benefit for both individuals and businesses, they’re also vulnerable to hackers. Not only can criminals access binaries through the app store, many apps rely on cryptographic keys which are generated in the backend (e.g. in an HSM) but are used in an unprotected manner within the mobile app on the handset. If an attacker roots or jailbreaks the device, they can easily get hold of the keys. By employing white-box cryptography, development teams can employ strong key security within the app in a hardware-agnostic manner and guard against the vulnerabilities posed by unsupported hardware and compromised devices.
  • Organizations migrating to the cloud: When apps are purely on-premise, the organization typically has a key vault with dedicated hardware installed in their own datacenter. The hardware is used to store the key and to perform any cryptographic functions. They also tend to trust their perimeter, and moving to cloud changes that level of trust. As part of the cloud migration process, enterprises have to choose who will manage and store the cryptographic keys used to encrypt the data stored in the cloud. One method of doing this is the Hold Your Own Key (HYOK) approach. With this approach, the organization generates, manages, and stores encryption keys in their own environment. The cloud provider does not have access to the keys and can’t access the contents of encrypted files. White-box cryptography enables organizations to protect keys and secrets within applications, even when they’re running in multi-tenant, public cloud provider environments.

Secure your encryption keys with Zimperium’s zKeyBox

The secure management of cryptographic keys is a crucial piece of encryption and overall data security strategy. So whether your cryptographic keys are stored in your mobile apps or somewhere in your backend, white-box cryptography should be used to protect your keys.

Zimperium’s zKeyBox provides white-box cryptography to protect against key theft attacks. The cryptographic keys are never revealed in plaintext; not on disk, not in memory, not in transit, not even during the execution of cryptographic operations. This makes it extremely difficult for attackers to locate, modify, or extract keys. zKeyBox also allows you to hold your own key; your application may be running on a multi-tenant public cloud, but your keys will be protected from attackers who want to compromise you through your third parties.

With Zimperium’s white-box cryptography, app development teams can enact proven strong, hardware-agnostic key protection that guards your keys against key extraction attacks and the vulnerabilities posed by unsupported hardware and compromised devices. Contact us for a personalized demo to learn more about how Zimperium secures cryptographic keys.