Email Contact Phone Company Visit Website

Inside Secure Headquarters Office Head Office

Arteparc Bachasson – Bâtiment A, Rue de la carrière de Bachasson




Mark M Tidmarsh
[email protected]

WhiteBox – build & trust your own software crypto-security

Every application containing critical sensitive data requires some form of cryptography, either using public key or symmetric methods. To be effective, these keys need to be kept private from potential attackers. If attackers can access the keys, then they can access the sensitive data.

With legacy software crypto methods, it is difficult to keep cryptographic keys private because the hacker can easily analyse the software to find the secrets.  This is compounded with the trend to running secure software on open platforms – these environments should always be considered as compromised – from the moment they are first switched on.

Dynamic WhiteBox to protect cryptographic keysWhiteBox cryptography dissolves keys into the code and obscures algorithms, including at runtime. This keeps keys safe even when an attacker has complete access to the device on which the cryptographic functions are executing.

Inside Secure's WhiteBox uniquely provides developers with a toolkit to compile WhiteBox implementations of cryptographic algorithms and other C-code within applications, while retaining control over the vital static keys that “unlock” the WhiteBox.

Traditional WhiteBox vendors provide a pre-compiled library, which requires the vendor to control your keys – effectively they manage your security.

The crypto functions that WhiteBox provides can be used via an API in exactly the same way as other crypto libraries, yet it provides a way to infuse your key data immutably into your application’s logic in such a way that it is impractical to extract.

WhiteBox Tool has been designed so that is can be used in performance-sensitive implementations such as the on-demand decryption of streamed DRM video in restricted Mobile platforms, yet its effect on code size is such that it is successfully deployed in multiple HCE Payment mobile applications globally.

WhiteBox protects data from attacks, whether it is at rest, in transit or in use by the application – without the need for hardware. WhiteBox allows you to encrypt and decrypt data without the encryption keys being exposed, allowing the secure transfer of sensitive information from directly within your applications.

Learn more about how Inside Secure's products protect cryptographic operations and keys

View other products from INSIDE Secure

Strong Authentication Client

Inside Secure, expert in hardware and software security, provides a secure Strong Authentication App and Client software for iOS and Android platforms, supporting digital signatures (PKI) and biometrics. PRODUCT DESCRIPTION: Smartphones are personal and always with the users, which makes them natural devices to use as hardware tokens for strong authentication. Inside Secure Strong Authentication …

Strong Authentication Server

Inside Secure Strong Authentication Server provides online services a universal platform for modern out-of-band user authentication and transaction authorization, supporting many multi-factor and 2-factor authentication technologies. Inside Secure Strong Authentication Server is a scalable server solution supporting multiple out-of-band user authentication and transaction authorization methods and technologies. The solution integrates with and complements existing Identity …

Code Protection tools - instilling trust in your Apps

Inside Secure's Code Protection tools provide powerful automated Software Application Protection, App Hardneing and Runtime Application Security Protection (RASP) applicable across Mobile, IoT, Desktop and Server platforms. The tools enable all software developers to automatically protect their programs ensuring that deployed Apps can defend themselves from hackers, pirates, targeted malware, insider betrayal and even hardware errors. Relying …