The week's pick
Random Articles
Reseach Article
Implementation of White-Box Cryptography in Credit Card Processing Combined with Code Obfuscation
| International Journal of Computer Applications |
| Foundation of Computer Science (FCS), NY, USA |
| Volume 70 - Number 2 |
| Year of Publication: 2013 |
| Authors: Nilima Yadav, Sarvesh Tanwar |
10.5120/11938-7728
|
Nilima Yadav, Sarvesh Tanwar . Implementation of White-Box Cryptography in Credit Card Processing Combined with Code Obfuscation. International Journal of Computer Applications. 70, 2 ( May 2013), 35-38. DOI=10.5120/11938-7728
Abstract
White box cryptographic algorithms aim to denying the key readout even if the source code embedding the key is disclosed. Full-privileged attack software shares a host with cryptographic software, having complete access to the implementation of algorithms, dynamic execution (with instantiated cryptographic keys) can be observed and internal algorithm details are completely visible and alterable. Chow proposed a new technique to secure cryptographic algorithms and key against white-box attacks, called white-box cryptography. Another technique such as obfuscation is mainly designed to facilitate securing of e-commerce and e-banking applications, which often embed cryptographic keys and critical information. In general, it can be used to protect all distributed client software where an owner loses control or where the user wants to protect against automated attacks. As we know main challenges in modern cryptography does how to encrypt or decrypt content without directly revealing any portion of the key and or the data and how to perform strong encryption mechanisms know that hackers can observe and or alter the code during execution. Considerding these problems we have suggested a novel approch in e–banking system (credit card processing) using white box cryptography to encrypt the key and obfuscation which gives a strong encryption. Combination of these two concepts gives a new level in modern cryptography as well as optimizes its performance and additionally we will make end points (Client and server) secure.
References
- S. Chow, P. Eisen, H. Johnson, P. C. van Oorschot , 16 August 2002,"White-Box Cryptography and an AES Implementation", (SAC'02), Ottawa, Canada.
- Marc Joye,2008, "On White-Box Cryptography" ,Thomson R&D France, Technology Group, Corporate Research, Security Laboratory 1 avenue de Belle Fontaine, France Security of Information and Networks,Tra®ord Publishing.
- S. Chow, P. Eisen, H. Johnso1, P. C. van Oorschot,2002 ," A White-Box DES Implementation for DRM Applications", Cloakware Corporation, Ottawa, Canad , Carleton University, Ottawa, Canada .
- Marjanne Plasmans ,2005. ,"White-Box Cryptography for Digital Content protection", department of mathematics and computer science,
- James Muir, "White-Box Cryptography", Cryptography Developer Irdeto Canada MITACS Workshop on Network Security and Cryptography, 24 June 2010.
- James Muir,"Understanding the Advantages of Irdeto's White-Box Cryptography", December 2012.
- Hamilton E. Link, William D. Neumann,"Clarifying Obfuscation Improving the Security of White-Box DES", Sandia National Laboratories, 2004.
- Wil Michiels, "Mechanism for Software Tamper Resistance: An Application of White-Box Cryptography",Philips Research Laboratories Eindhoven, The Netherlands Department of Mathematics and Computer Science, DRM'07, Alexandria, Virginia, USA,Copyright 2007 ACM, October 29, 2007.
- Olivier Billet, Henri Gilbert,"Cryptanalysis of a White Box AES Implementation", Charaf Ech-Chatbi France T´el´ecom R&D, France, 2009.
- Brecht Wyseur Brecht, "White-Box Cryptography: Hiding Keys In Software", NAGRA Kudelski Group, Switzerland, 2009.
Index Terms
Keywords