USING SECURE KEY STORAGE TO BIND A WHITE-BOX IMPLEMENTATION TO ONE PLATFORM
Format | Patent |
---|---|
Language | English, French, German |
Published | 08.05.2019 |
Summary: | A method for performing a secure function in a data processing system is provided. In accordance with one embodiment, the method includes generating and encoding an encryption key. The encoded encryption key may be encrypted in a key store in a trusted execution environment (TEE) of the data processing system. The encrypted encryption key may be encrypted, stored, and decrypted in the key store in the TEE, but used in a white-box implementation to perform a secure function. The secure function may include encrypting a value in the white-box implementation for securing a monetary value on, for example, a smart card. In one embodiment, each time an encryption key or decryption key is used, it is changed to a new key. The method makes code lifting and rollback attacks more difficult for an attacker because the key is stored separately from, for example, a white-box implementation in secure storage. |
---|---|
Bibliography: | Application Number: EP20170163091 |