SWITECH logo

Software applications are increasingly deployed in environments which cannot be fully trusted. In this context, the SWITECH project aims at investigating and developing innovative security solutions based on White-Box Cryptography. The first benefit of the project is the development of secure mobile applications without a trusted hardware component. This is an industrial research project that brings together theoretical cryptographers (Université de Versailles and University of Luxembourg) and industrial experts (CryptoExperts) whose main concern is the security of their products.

Who can I contact?

Dr. Matthieu Rivain
+33 6 79 83 40 96 http://www.matthieurivain.com/ @mrivain

Matthieu Rivain , PhD

CEO, Senior Cryptography Expert

 

Links

2 Partners

Université de Versailles Saint-Quentin-en-Yvelines
University of Luxembourg

Related technology

White-Box Cryptography

Use white-box software in lieu of a secure element.

White-box cryptography turns a keyed cryptographic algorithm into an unintelligible program with the same functionality. The white-box secure program can then be executed in an untrusted environment without fear of exposing the underlying keys. The code itself is tamper-proof, just as a secure element.

Details

Related service

Implementation

We deliver highly-optimised bulletproof cryptographic software.

We have more than 20 years of experience in developing and delivering cycle-accurate optimized cryptographic implementations. We support standard and advanced cryptographic algorithms on a variety of software and hardware platforms.

Details

Context

Cryptographic algorithms are increasingly deployed in various applications embedded on connected devices, such as smartphones and tablets. In this environment, the capabilities of the adversary can be greatly enhanced, and we should consider an adversary who can access the binary code, modify its execution, tamper with the memory, and use existing reverse engineering tools such as debuggers to recover the hidden secrets. In general consumers have an implicit trust in the security level of products and services produced by manufacturers and solution providers. Therefore it is often devastating in terms of technical credibility when security solutions are successfully broken and subsequently subject to uncontrolled cloning and counterfeiting.

Objectives

The goal of the SWITECH project is to make White-Box Cryptography (WBC) a mature technology, by providing new constructions for cryptographic implementations, by improving known attacks and developing new ones, and by building innovative demonstrators based on concrete use cases to demonstrate the feasibility of security products in pure software. Additionally, SWITECH aims to specify a concrete market-driven use case and build a demonstrator for this use case. Specifically, we will build Android mobile application that makes use of white-box cryptography to secure the storing and spending of cryptocurrency coins. This will require a dynamic ECDSA white-box implementation that can operate transactions from tokens.