praetorian secure encryption_services_overview
Protecting the World’s Data (by making encryption faster, stronger, and scalable)
February 2017
The Problem
It’s not a question of if a data breach will occur… it’s simply a question of when
CipherLoc’s technology is designed to safeguard data by rendering it unusable to the attacker
Our Value Proposition
• Strong: Our technology dramatically enhances data security
  • CipherLoc’s patented technology provides an ironclad way to protect information
• Fast: Our innovative approach makes encryption processing faster
  • Reduced latency lessens the penalty associated with deploying encryption technology
• Scalable: Our solutions are scalable and future-proof
  • No need to continually increase key sizes to keep pace with advances in computing horsepower
  • Eliminates threats associated with quantum computing and plain-text recovery attacks
• Flexible: Our products are easily deployed
  • Deployment option 1: Add CipherLoc software to any existing product, application, or service
  • Deployment option 2: White-label a pre-built, fully turn-key service offering(s)
Today’s Approach to Protecting Data: Encryption
• Traditionally, encryption technology has been used to protect data…
• However, ubiquitous use of encryption has been hampered by a number of factors:
  • Encryption is slow
  • Key sizes need to be continually increased (which also increases latency)
  • Papers have shown that it is increasingly possible to “break” into encrypted files using plaintext-recovery techniques
  • Algorithms will be irreparably compromised when quantum computing becomes mainstream in the near future
Our Innovative Solution
CipherLoc approach:
Each message is broken into multiple fragments. Every fragment has a unique key and a unique encryption method; fragments are randomly grouped into different lengths and can be further re-encrypted. Segments are independent from each other.
• Accelerates the encryption process through multithreading
• Security improves as computing horsepower improves
• Not susceptible to plain-text recovery attacks
• Inherently resistant to quantum computing attacks
Current approach:
Each message is treated as a monolithic block of data; messages are encrypted using keys; block sizes must exactly match the size of the key
• Slow and latency increases as key sizes increase
• Costly upgrades needed to update keys & algorithms
• Susceptible to plain-text recovery attacks
• Quantum computing will irreparably compromise
We make encryption faster, stronger, and scalable
How it Works in Practice
How Encryption is Currently Performed
[Diagram: Plaintext and Seed (key) enter the encryption engine, which outputs Ciphertext; callouts 1-3 mark the steps below]
1. Information to be protected given to encryption engine
2. Seed (key) is also provided to encryption engine
3. Entire plaintext data block converted to ciphertext
How Encryption is Enhanced with CipherLoc
[Diagram: Plaintext and Seed (key) enter CipherLoc, which outputs Ciphertext; callouts 1-6 mark the steps below]
1. Information to be protected given to CipherLoc utility
2. Seed (key) is also provided to CipherLoc utility
3. Entire plaintext data block is randomly fractured
4. Seed is used to generate large numbers of random keys
5. Each individual fragment is encrypted using a one-time use key and an existing encryption algorithm (e.g. AES)
6. Fully-encrypted fragments are dispersed using TCP/IP
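The six CipherLoc steps listed above, sketched as an added example; this is not CipherLoc's code and not part of the original deck. Assumptions: the names protect, recover, fragment_key and xor_stream are hypothetical, HMAC-SHA256 serves both as the key-derivation function and as a stand-in stream cipher where the deck says AES (the Python standard library has no AES), each fragment's position travels inside its ciphertext, and a shuffled in-memory list stands in for dispersal over TCP/IP.

```python
import hashlib
import hmac
import secrets

def fragment_key(seed: bytes, nonce: bytes, label: bytes) -> bytes:
    # Step 4: per-fragment key derived from the seed (HMAC-SHA256 used as the KDF).
    return hmac.new(seed, label + nonce, hashlib.sha256).digest()

def xor_stream(key: bytes, data: bytes) -> bytes:
    # Stand-in for AES in counter mode: HMAC-SHA256 keystream (assumption, see lead-in).
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hmac.new(key, off.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

def protect(seed: bytes, plaintext: bytes, max_len: int = 64) -> list:
    """Steps 3-6: fracture, derive one-time keys, encrypt each fragment, disperse."""
    chunks, off = [], 0
    while off < len(plaintext):
        size = 1 + secrets.randbelow(max_len)        # step 3: random fragment length
        chunks.append(plaintext[off:off + size])
        off += size
    fragments = []
    for index, chunk in enumerate(chunks):
        nonce = secrets.token_bytes(16)              # fresh nonce makes each key one-time
        # Position and fragment count are encrypted with the data, not sent in the clear.
        body = index.to_bytes(4, "big") + len(chunks).to_bytes(4, "big") + chunk
        ct = xor_stream(fragment_key(seed, nonce, b"enc"), body)          # step 5
        tag = hmac.new(fragment_key(seed, nonce, b"mac"), ct, hashlib.sha256).digest()
        fragments.append((nonce, ct, tag))
    secrets.SystemRandom().shuffle(fragments)        # step 6: arrival order is arbitrary
    return fragments

def recover(seed: bytes, fragments: list) -> bytes:
    """Authenticate every fragment, then reassemble by the decrypted index."""
    parts, total = {}, 0
    for nonce, ct, tag in fragments:
        expected = hmac.new(fragment_key(seed, nonce, b"mac"), ct, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            raise ValueError("fragment failed authentication (wrong seed or tampering)")
        body = xor_stream(fragment_key(seed, nonce, b"enc"), ct)
        index, total = int.from_bytes(body[:4], "big"), int.from_bytes(body[4:8], "big")
        parts[index] = body[8:]
    if sorted(parts) != list(range(total)):
        raise ValueError("one or more fragments are missing")
    return b"".join(parts[i] for i in range(total))
```

In this sketch every fragment key is a deterministic function of the seed and a nonce that travels with the fragment, so the seed remains the single secret protecting all fragments.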
Strong
Speed Comparison (Fast)
[Chart: Encryption Processing Time, AES vs. CipherLoc + AES. Y-axis: Time (sec), 0.00 to 3.50. X-axis: Size of Data (10KB, 100KB, 1MB, 25MB, 125MB, 500MB, 1GB). Callout: 2X Faster]
Our innovative approach makes encryption processing faster
Reduced latency lessens the penalty associated with deploying encryption technology
Future-Proof (Scalable)
How Encryption is Currently Performed
[Diagram: Plaintext and Seed (key) in, Ciphertext out]
• Rapid advances in computing horsepower require continuous upgrades to maintain existing security levels
  • DES → 3DES
  • 128-bit AES → 256-bit AES → 512-bit AES
• Every upgrade is costly, time-consuming, and temporary
• Quantum computing, once available, will irreparably compromise existing encryption approaches
How Encryption is Made Future-Proof with CipherLoc
[Diagram: Plaintext and Seed (key) enter CipherLoc, which outputs Ciphertext; cipher labels shown: AES-128, AES-256, Two-fish, Blow-fish, 3DES, ECC; callouts 1-3 mark the techniques below]
• Security strength can be vastly improved via many easy-to-deploy techniques:
  1. Randomize the types of encryption algorithms used (i.e. use additional ciphers other than just AES)
  2. Increase the number of fragments generated
  3. Re-encrypt each fragment multiple times – and with different encryption algorithms
• Even if quantum computing manages to “break” an individual fragment, no information is obtained about the other fragments or their ordering
Deployment Option 1: Add to Existing Service (Flexible)
Existing product / application / service
[Diagram: software stack. APPLICATION (customer-defined); LIBRARIES: Encryption (e.g. AES); OPERATING SYSTEMS: Mac OS, Windows, Linux, Android, iOS. To/from targeted hardware platforms (servers, PC, tablets, mobile device, etc.)]
Note: this will be dependent on the customer application
Existing product / application / service with CipherLoc
[Diagram: software stack. APPLICATION (customer-defined); CipherLoc; LIBRARIES: Encryption (e.g. AES); OPERATING SYSTEMS: Mac OS, Windows, Linux, Android, iOS. To/from targeted hardware platforms (servers, PC, tablets, mobile device, etc.)]
Note: this will be dependent on the customer application
Adding CipherLoc… is as simple as inserting code on top of where encryption is used
Deployment Option 2: Turn-Key Model (Flexible)
• Secure Voice: CLIENT, CLIENT, CLIENT
• Secure Storage: STORAGE
• Secure Chat: CLIENT, CLIENT
• Secure Email: CLIENT, CLIENT, EMAIL SERVER
• Secure Transfer: CLIENT, CLIENT, SERVER
• Secure Video: CLIENT, CLIENT
Product Portfolio
• CipherLoc EDGE: For mobile platforms
• CipherLoc ENTERPRISE: For desktop, laptop, & tablet platforms
• CipherLoc GATEWAY: For server platforms
• CipherLoc SHIELD: For database platforms
Data-in-motion / Data-at-rest
CipherLoc protects data no matter where it is located
Summary
• Data breaches are inevitable...
  • Our solutions are designed to protect an organization’s most sensitive data prior to, and in case of, a data breach
• Encryption is hard, slow, and difficult to scale…
  • CipherLoc’s innovative technology solves each of these problems
• Best of all, our technology does not require any changes in architecture
  • We are simply a utility that takes existing encryption algorithms and makes them better, faster, stronger, and scalable
CipherLoc - Protecting the World’s Data
Securing the IoT – A Proposed Framework
Praetorian Secure
February 2017
Overview
• Overarching goal is to create an IoT solution that is secure, scalable, and easily monetized
• Framework will be defined assuming that data breaches are inevitable
  • Proposal will ensure that information will be protected prior to, and in case of, a data breach
• Additional privacy/security to be achieved via layered authentication
  • One-to-one pairing of data to user, multifactor authentication (if desired), capable of supporting alternate trust models (e.g. Kerberos)
• Flexible architecture to enable monetization opportunities to be easily added
• Partnership-driven model to enable each party to focus on core strengths
Overview
[Diagram: IoT architecture. “THINGS” (Camera, Thermostat, Voice Assistants, Security Alarms, Smoke Detectors, Window Sensors, Wearables, Lighting, Smart Meters, Tags & Trackers, Baby Monitors, Smart Locks, HVAC), each with a Processor and an optional Module; Local Network (Wifi, ZigBee, etc.); GATEWAY (Processor); Cellular Network (LTE, LoRa, SIGFOX, etc.); CLOUD (Analytics (opt), Storage, Database, Messaging, AI (opt)); MOBILE; WEB]
Gateway & “Things”
[Diagram: GATEWAY (Processor); Local Network (Wifi, ZigBee, etc.); six “THINGS”, each with a Processor and an optional Module]
• IoT device-agnostic architecture
• Comprehensive data security (embedded chip-level, module-level, and/or gateway-level)
• Hardware modules to support various device and wireless interfaces (FCC pre-certified)
• IoT gateway supporting device/cloud connectivity, security, protocol translation, data filtering and processing, updating, management, aggregation, etc.
• H/W partner to support mechanical, electrical, certifications, customizations, etc.
Cloud
• Cloud-centric architecture supporting device configuration / set-up, account / device ownership management, communication, data collection and storage, etc.
• Comprehensive and scalable security for both data-in-motion and data-at-rest
• Strong authentication mechanisms to provide one-to-one pairing of data to user (including access control)
• Analytic systems to collect, analyze, organize, and feed data to the most relevant users
• Scalable architecture to enable future monetization options including machine learning and artificial intelligence
[Diagram: CLOUD (Analytics (opt), Storage, Database, Messaging, AI (opt))]
Mobile & Web
• Pre-built mobile applications to enable end users to control the connected device, connect to the cloud, etc.
• Web-based console to provide administrative control over entire IoT infrastructure
• Comprehensive and scalable security, including complete data protection and identity-based authentication
• Fully-featured IoT web management/console system supporting:
  • Device management
  • Monitoring & control
  • Software distribution and management
  • Provisioning
  • Dashboards
  • Alert systems
  • Permissions
  • Over-the-air (OTA) communications
[Diagram: MOBILE, WEB]
Putting it All Together
[Diagram: “THINGS” (Processor, optional Module); GATEWAY (Processor); CLOUD (Analytics (opt), Storage, Database, Messaging, AI (opt)); MOBILE; WEB]
• Unlike other IoT architectures that start with the IoT infrastructure and add security afterwards, the proposed architecture is purpose-built with security as the foundation
• Proposed architecture is device- and protocol-agnostic
• Works equally well in both consumer and industrial IoT applications
• Monetization opportunities can be seamlessly added (e.g. data storage, database management, data analytics, machine learning, etc.)
• White-label options / customizations exist for “things”, gateways, mobile apps
IRONCLAD DATA PROTECTION
STRONG AUTHENTICATION
COMPLETE IoT SOFTWARE FRAMEWORK
Security-Centric IoT Framework
Secure, Scalable, Flexible, Future-Proof IoT
[Diagram: IoT architecture. “THINGS” (Camera, Thermostat, Voice Assistants, Security Alarms, Smoke Detectors, Window Sensors, Wearables, Lighting, Smart Meters, Tags & Trackers, Baby Monitors, Smart Locks, HVAC), each with a Processor and an optional Module; Local Network (Wifi, ZigBee, etc.); GATEWAY (Processor); Cellular Network (LTE, LoRa, SIGFOX, etc.); CLOUD (Analytics (opt), Storage, Database, Messaging, AI (opt)); MOBILE; WEB]
Thank You
Austin Ross | Office: 1.855.519.7328 | [email protected]