On Tue, 26 May 2009, James Muir wrote: > There is some academic work on how to protect crypto in software from > reverse engineering. Look-up "white-box cryptography". > > Disclosure: the company I work for does white-box crypto.
Could you explain what is the point of "white-box cryptography" (even if it were possible)? If I understand correctly, the only plausible result is to be able to use the secret key cryptography as if it were the public-key one, for example, to have a program that can do (very slow, btw) AES encryption, but be unable to deduce the key (unable to decrypt). If this is the case, then why not use normal public-key crypto (baksheesh aside)? -- Regards, ASK --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com
