White-Box Cryptography logo

White-box cryptography turns a keyed cryptographic algorithm into an unintelligible program with the same functionality. The white-box secure program can then be executed in an untrusted environment without fear of exposing the underlying keys. The code itself is tamper-proof, just as a secure element.

Related technology

Cryptographic Libraries

Give us the instruction set of your microcontroller and we do the rest.

We have more than 20 years of experience in developing and delivering cycle-accurate optimized cryptographic libraries. Our software is available on a variety of hardware platforms and supports standard and advanced cryptographic algorithms.


Related service


We deliver highly-optimised bulletproof cryptographic software.

We have more than 20 years of experience in developing and delivering cycle-accurate optimized cryptographic implementations. We support standard and advanced cryptographic algorithms on a variety of software and hardware platforms.


Related research projects


Secure Software using Whitebox Technology

Software applications are increasingly deployed in environments which cannot be fully trusted. In this context, the SWITECH project aims at investigating and developing innovative security solutions based on White-Box Cryptography. The first benefit of the project is the development of secure mobile applications without a trusted hardware component. This is an industrial research project that brings together theoretical cryptographers (Université de Versailles and University of Luxembourg) and industrial experts (CryptoExperts) whose main concern is the security of their products.



Electronic identity of SMBs.

In a context of increasing dematerialization of procedures and services, IDECYS+ aims to provide small and medium-sized businesses with a digital identity that is easy to obtain and use, taking into account delegation issues. Reliable identification is essential for establishment and the confidence to carry out actions from a distance. IDECYS+ complies with the requirements of the European eIDAS regulation in order to be integrated into the France Connect portal.



Exploring the reverse-engineering taboo.

The goal of the MARSHAL project is to design and realize a mobile security object that withstands all known reverse-engineering attacks by means of software and hardware countermeasures.


The Core Concept of White-Box Cryptography

Assume you want to give somebody the ability to decrypt AES ciphertexts under a certain key without giving them the key itself. You can think of a DRM mechanism, for instance, where subscribers must access the secured digital content but should not be able to publish their own key over the Internet.

Hardcoding the key into a ‘‘simple’’ program that just performs decryption with it is not good enough, because disassembly/decompilation techniques are likely to recover it effortlessly. A (more intricate) program that resists such reverse-engineering and successfully keeps the key hidden is said to be white-box secure.

White-box cryptography considers the worst-case attack model where users themselves are malicious and assumed to have full control over the cryptographic program and its execution environment. The goal of the white-box cryptographer is to create a tamper-resistant program that can be safely executed in such an untrusted environment.

A white-box technology consists of a program-generating compiler that, for some specific cryptographic algorithm, takes as input a secret key and produces a white-box secure program that implements the cryptographic algorithm with the specified secret key. Anyone in control of the generated program can execute it on any input and get the expected output, but is unable to learn anything more than such input-output pairs. The white-box program remains unintelligible and securely hides the secret key, just as trusted hardware would.

Our Offer

CryptoExperts has developed a proprietary white-box cryptography technology, the white-box engine, that enjoys performance and security. It produces white-box components which can be personalized on your back-end server with the user keys. Our technology covers standard cryptographic algorithms and can be adapted to your specific algorithm on demand.

Our technology enables the deployment of user-specific white-box components. The white-box engine takes as input a unique identifier (associated to a user and/ or an application instance) and generates two programs: a white-box component and a token generator. These programs are bound together: the token generator wraps a secret key in a secure way (the key token) to make it usable by the associated white-box component.

The security of our technology relies on new white-box techniques developed by our research team. These techniques mix several levels of algebraic encoding and data-dependency structure hiding which are several steps ahead of the state of the art. Our technology is inherently resistant to classical reverse engineering techniques as well as specific white-box attack techniques such as Differential Computation Analysis (DCA), Fault Analysis (FA/DFA) and any kind of advanced or higher-order DCA or FA. Our technology also features protections against code lifting attacks through the use of a device / user / application binding mechanism. The security of our technology is assessed through evaluations by accredited ITSEF labs.

Our technology features many possible trade-offs between performances (storage, RAM, computation time) and the level of white-box security. Before integration, the white-box engine is finely tuned to generate white-box components matching your constraints in terms of performances.

Get in touch more information and commercial offer.

Related publications

  • Defeating State-of-the-Art White-Box Countermeasures with Advanced Gray-Box Attacks.
    In IACR Trans. Cryptogr. Hardw. Embed. Syst., 2020.
  • How to reveal the secrets of an obscure white-box implementation.
    portrait ofLouis Goubin, portrait ofPascal Paillier, portrait ofMatthieu Rivain, Junwei Wang.
    In J. Cryptogr. Eng., 2020.
  • Analysis and Improvement of Differential Computation Attacks against Internally-Encoded White-Box Implementations.
    portrait ofMatthieu Rivain, Junwei Wang.
    In IACR Trans. Cryptogr. Hardw. Embed. Syst., 2019.
  • White-Box Security Notions for Symmetric Encryption Schemes.
    Cécile Delerablée, Tancrède Lepoint, portrait ofPascal Paillier, portrait ofMatthieu Rivain.
    In Selected Areas in Cryptography 2013, pp. 247-264, 2013.
  • Two Attacks on a White-Box AES Implementation.
    Tancrède Lepoint, portrait ofMatthieu Rivain, Yoni De Mulder, Peter Roelse, Bart Preneel.
    In Selected Areas in Cryptography 2013, pp. 265-285, 2013.
  • Cryptanalysis of White Box DES Implementations.
    portrait ofLouis Goubin, Jean-Michel Masereel, Michaël Quisquater.
    In Selected Areas in Cryptography 2007, pp. 278-295, 2007.