EMBEDDED ENCRYPTION PLATFORM BENEFIT ANALYSIS

Transcription

1 EMBEDDED ENCRYPTION PLATFORM BENEFIT ANALYSIS MerlinCryption s forward-looking technology proactively secures clients against today s threats and tomorrow s risks. A significant advantage to securing systems environments, storage, enterprise, and IoT, benchmark Embedded Encryption Platforms establish a complete solution. Facilitated by uncomplicated SDK integration, the highly versatile solution is designed to reflect the individual organization s security needs and process structure, as it quickly compiles into the apps, programs, modules, and systems. Cloud, VoIP, device and equipment manufacturers, integrators, and providers not only benefit with increased security offerings, but also gain from accelerated time to market, reduced development costs, and improved profitability. MerlinCryption platform technology is built for change, and is effortlessly integrated, adaptable, and scalable. It bundles and assimilates easily into existing systems, strengthening security across our client s organization as it is, today and as it evolves in the future. Technology is based on Nondeterministic Algorithms Encryption, Authentication, and RDG are designed to exhibit different behaviors on every run. Embedded Encryption Platforms also trigger undeterminable output from all security actions Uniquely Applies Stochastic Randomization in all solutions Reinforced Control and Access Security Security factors are controlled only by designated top trusted and authorized security individuals Criminals can crack security when they can anticipate and predict the actions, behaviors, and outputs of their target s processes, Criminals cannot predict MerlinCryption s cyphertext, key size, or how keys and passwords are communicated between endpoints. (There is no key transfer) Security is unknown and is invisible to everyone else in the organization Security factors cannot be accessed or changed, by either error or malicious intent Obstructs Advanced Persistent Threat and outside attack vectors Thwarts insider espionage Top down control eliminates user action against security and their ramifications Circumvents outside access to security control via users PO Box Austin, Texas SAFE Copyright 2016 MerlinCryption. All Rights Reserved. 1

2 Reinforced Control and Access Security One or multiple points Independent Control provide security checks and balances within a system One trusted/authorized person/team is designated to control certain mechanisms/factors, while another point of control determines other mechanisms/factors Can be used as proactive security design or immediate situational response Encryption Keys are Variable in Length Keys scale in length from 2008 bits to 2 GB, and can be any size in between Implements a Patented Random Data Generator for keys and passwords Each key exists only until encryption is complete, at which point the platform deletes the key and scrubs memory No one person or team has ultimate control of security factors Should a top trusted person leave the team, a simple parameter change effectively deploys new security across the entire system and/or organization In an emergency situation, a top trusted official can immediately change all security parameters in real time and unknown to users All other encryption keys have a fixed length Fixed Keys can be identified, making them easier to crack. Short Keys can be identified, making them easier to crack. Typical encryptions use 128 bit- or 256 bitkeys. SSL can be as small as 40 bits. ASBE s smallest key is more than Stronger than AES s largest key No other encryption provides keys to 2GB Outputs keys-for-use and passwords-for-use by multiple-factors of billions Most key management programs use public keys and certificates Protects against ex-employee sabotage and insider attack Circumvents hostile takeover attempt by one person or group Provides emergency response to critical infrastructures and organizations Hackers cannot identify the encryption key by its size Secures with Stronger, Stealthier Encryption Keys Criminals cannot predict the key size Increases number of keys in use at extreme cost-savings PO Box Austin, Texas SAFE Copyright 2016 MerlinCryption. All Rights Reserved. 2

3 Requires No Key Transfer Keys and passwords are temporarily created, used, and destroyed and recreated at decryption Requires No Key Storage Keys recreated on command NO Public Key Infrastructure (PKI) Needed No Certificates No Registration Authority No Directory Management Digital Signatures Optional Key Protocol Not Needed: Key Validation Not Needed: Facilitates and Executes Encrypted File Passwords up to 65,535 Bytes Anti-Statistical Block Encryption (ASBE) Nondeterministic Encryption Algorithm Every encrypted transmission is different. Produces differential cyphertext, even when repeating the same plaintext, key, and password All output is variable. There is no static behaviors or repeating patterns Key transfer is detectable and predictable Other crypto systems require that keys are sent back and forth to users or computers Other encryption systems store keys in central key deposits. Stored keys can be stolen PKI is an expensive laborious process Most PKI systems demand high CPU and memory overhead Weak passwords are defeated in seconds Most encryption offerings have either no additional password layer or offer 32B ASBE cannot be analyzed statistically, mathematically, or by cryptanalysis AES & ECC subject to mathematical analysis and Brute Force attack Other algorithms produce identical cyphertext, which can be analyzed for clues to crack Other encryption algorithms repeat processes over and over, making them easy to crack Nothing to intercept between end-points No key management required Keys and passwords NOT available for theft Eliminate cost of key storage Eliminates PKI and associated risks Saves time and money spent on implementation and administrative costs Exponentially escalates protection with extra layer of password security Defeats Cryptanalysis and statistical analysis Gains Exponentially Stronger Encryption Security Brute Force cannot hack it. PO Box Austin, Texas SAFE Copyright 2016 MerlinCryption. All Rights Reserved. 3

4 Delivered as Embedded Platform SDK with static library and API All encryption parameters are changeable IT security staff can algorithmically choose: o Key lengths, file password lengths, filenames o Any other parameters o Time-varying data changes, as needed CSV and table files can be encrypted Scalable, flexible, embedded platform encrypts data across all systems. Other systems are static making reconnaissance prevalent Most organizations have business process nuances with multiple node types Flexible client control secures against outsider attack Protects against insider espionage Easily adapts and scales with company Protects and configures entire business system with one highly flexible, complete, streamlined security blueprint. Platform Provides 4-factor Authentication Uses something known, physically possessed, and unique, plus a new category o Temporary factors Efficient minuscule footprint: 22KB encryption engine 55KB Low Overhead Platform 200KB Embedded Encryption Platform Encrypts the data payload transmits on Any communications protocol Any network Portable to any CPU Most authentication is 1-, 2-, or 3-factor Developers can algorithmically use temporary and environmental factors. Many encryption offerings require large CPU and memory real estate. Critical nodes may be left at risk due to lack of available space Most systems rely on the network s security, such as SSL. These encryptions are broken, leaving data at risk ASBE secures data in network and cloud Implement encryption security into existing systems with a software upload. Unknown category reinforces stealth Increases authentication factor availability Satisfies restricted memory requirements Saves money, utilizing existing hardware Facilitates using existing systems and configurations Eliminates need for special VPN or networks No specific communication channels needed Versatility, flexibility, and ease support business processes already in place Versatile, flexible, fast, and affordable implementation PO Box Austin, Texas SAFE Copyright 2016 MerlinCryption. All Rights Reserved. 4

5 Can be compiled to any CPU Easy maintenance. Secures nodes anywhere, all the time. Secures unmanned nodes and in hard to service locations Scrubs memory after each encryption or decryption Scrubs critical memory locations Shreds files Overwrites files 5X and deletes the file Hackers use Memory Analyzers that capture passwords, encryption keys, and PII from RAM. Not all encryption software scrubs memory Other shredders overwrite 3 times, only, and retain for future use Defeats Memory Analyzers Residual data not available to criminals Deleted files not available for attack Self-checks for Virus If a virus is detected, the MC program alerts Monitors virus detection on MC programs MerlinCryption protects the integrity of data-at-rest, data-in-motion, data-in-use, and data-in-change as it is created, viewed, edited, shared, stored, and moved securely across communications channels and in the Cloud. Encryption Security Platform protect sensitive data, voice transmissions, and streaming video, while safeguarding against data theft, software compromise, physical machine compromise, and man-in-the-middle attack. Encryption is OFAC compliant and enables clients with FDA, HIPAA, and HITECH compliance. PO Box Austin, Texas SAFE Copyright 2016 MerlinCryption. All Rights Reserved. 5