Cryptographic algorithms are increasingly deployed in various applications embedded on connected devices, such as smartphones and tablets. In this environment, the capabilities of the adversary can be greatly enhanced, and we should consider an adversary who can access the binary code, modify its execution, tamper with the memory, and use existing reverse engineering tools such as debuggers to recover the hidden secrets. In general consumers have an implicit trust in the security level of products and services produced by manufacturers and solution providers. Therefore it is often devastating in terms of technical credibility when security solutions are successfully broken and subsequently subject to uncontrolled cloning and counterfeiting.

The goal of the SWITECH project is to make White-Box Cryptography (WBC) a mature technology, by providing new constructions for cryptographic implementations, by improving known attacks and developing new ones, and by building innovative demonstrators based on concrete use cases to demonstrate the feasibility of security products in pure software. This is an industrial research project that brings together theoretical cryptographers and industrial experts whose main concern is the security of security products. The public laboratory partners are Versailles University and University of Luxembourg. The industrial partner is CryptoExperts. Besides developing secure white-box contructiongs, defining security models, exporing new attacks and developing new attack tools, the goal of the SWITECH project is to specify a concrete, market-driven use case and build a concrete demonstrator to demonstrate the feasibility of security products in pure software. Based on this use case, we will build Android mobile application that makes use of white-box cryptography to secure the storing and spending of cryptocurrency coins. This will require a dynamic ECDSA white-box implementation that can operate transactions from tokens.