NXP warns cryptographic keys can be hacked

An encrypted key technology used to make hardware like mobile phones secure may not be as unhackable as first thought.

NXP Semiconductors HQ - NXP warns cryptographic keys can be hackedA team of researchers from semiconductor developer NXP have shown that in fact it can be much easier than thought to extract the keys from a white-box environment.

Cryptographic keys protected by white-box software implementations are traditionally regarded as the best form of security. Keys can only to be extracted from white-box implementations by time-consuming reverse-engineering effort and complicated algebraic attacks.

At the same time, little was known about their actual security level, since there is no certification scheme for software implementations.

But NXP researchers discovered a new threat to white-box implementations that needs no expertise and no reverse engineering effort, and that can be deployed automatically.

Maximum security in sensitive environments therefore obviously requires a combination of secure software and secure hardware elements. Adding embedded Secure Elements (eSE) could fill this gap.

The description of this newly discovered threat received the best paper award at the top-tier security conference CHES .

NXP has a team of specialists in Germany looking for potential loopholes in the security of hardware and software systems.


Leave a Reply

Your email address will not be published. Required fields are marked *

*