White Hawk Technology

Tamper-proofing is to code as encryption is to data. ™

Digital room with binary numbers 0 and 1

Binary Code Protection

White Hawk’s tool does not need to know how an attack looks like today or in the future. It recognizes unexpected changes to the execution of the application. The use of a computer is essential, which allows to combine thousands of mutually checking aspects, their algorithmic combinations, and composition from even lower level code primitives. For a given program, the protection scheme uniquely combines a rich mixture of obfuscations, checksums, encryptions, anti-debugger code sequences, anti-disassembler mechanisms, cleverly chosen decoys, opaque predicates using known information, self modifying code, code shuffling and also the possible interaction of primitive protection aspects and user-written protection components. An open architecture allowing for custom plug-ins. Unlike other protection systems, application of obfuscation transformation and other measures is under precise user control.  This allows for a code-location specific and/or a project-specific balance between security, code size expansion, and speed of execution.

Protection at the object file level
White Hawk analyzes and modifies the object file for the protection.  Some competitors use source code; others use executables; many tools are applied to byte code. Protecting real object files is a major advantage. Compared to protecting at the source level, operating at the binary level allows the entire complexity of the computer to be used and the protection is not limited to what the programming language can express. It provides high end protection against state players and the most sophisticated attacks. Compared to executable files, object files still have unresolved references, but exactly because they still support linking object files it leads to more precise analysis.

Tailored protection of subprograms
The capability to protect something in a library will be appreciated by many customers.
Our tool supports “pre-linking” multiple object files and can generate one single pre-linked and protected object file. This is particularly suitable for very large programs, separate programming, as well as large libraries. Protecting object files allows protection of individual components used in large multi-vendor software systems.

Control of performance impact and protection strength
The protection is guided by a “script”, and by optional position markers in the source file. The script is an XML file, uses only simple elements which any programmer can put together with an XML editor or a plain text editor. The programmer has the choice for the level of protection and which parts of the code will be protected. With this choice, the execution performance, size impact and the protection strength can be controlled and the protection applied where it is most needed and most important.

Dynamic behavior
With White Hawk there are individual different protections possible.

Interoperability with customer software
White Hawk provides modular extensible design, primitives to build on.

Protection of already completed software
Yes, that is possible. However, additional and significant protection and performance gains can be achieved designing the protection from the beginning.

Easy Integration
Any software engineer designing the system can  use the protection tool. No special protection-engineer is required.