whitenoise data encryption & identity management
Post on 18-Dec-2015
Whitenoise
Data Encryption & Identity Management
Whitenoise Laboratories Inc.
• IP – Whitenoise Encryption & Identity Algorithm
  – US/International Patents Pending - (US) 2004 024 7116
  – IPEA advisory all 23 claims allowed (May 2005)
• Business Model
  – Licensing of Technology to manufacturers
  – Sales of Whitenoise Labs developed encryption products (through distributors)
• Fully compliant Cdn Federal Gov’t regulations
• Vancouver Based
Whitenoise Program Attributes
• Extremely Secure - Keystream length exceeds the size of Data to be sent or stored (Keys built from small amount of stored data)
  - Keystream Data never transmitted
• Fast – 5 Clock Cycles per Byte (S/W), >2 Bytes / CC (H/W) – Done in FPGA
• Key Set Up Time < 7 ms
• Error Tolerant - Only damaged bits affected, no reliance on preceding or following data
• Efficient - Low Processor Requirements – Lower cost devices
• Data Type Independent - Multimedia Support – Voice, Data, Video – Real Time streaming, Video Surveillance
• Manages Linear Offsets - Strong Identity & Digital Rights Management Applications
  - Receiver & Sender synchronized Keystream
• Scaleable - Small Footprint < 300k – Will run on 8 bit cpu
Whitenoise Positioning
[Figure: positioning chart. Axes: Encryption Strength (Weak to Strong) and Speed (Slow to Fast, from "CPU/Processor Intensive" to "CPU/Processor Very Efficient"). Ciphers plotted: DES, Triple DES, AES, Blowfish, RC4, SEAL, Whitenoise.]
Whitenoise on an FPGA
xc2v1000
Whitenoise in Silicon
• Xilinx xc2v1000 is rated at 1 Million gates
• one stream encoding used 3% of logic which is approx 30,000 gates
• estimate would be 5000 ASIC gates for one stream encoding + 64 kB memory
• Small footprint = low power consumption
• Outputs can be ganged (if required) for very large data streams
  – Ex. Optical Carrier networks
    • OC 192 = 10 Gbps, OC 768 = 40 Gbps
  – Ex. Synchronous Digital Hierarchy (SDH)
    • STM-64 = 10 Gbps
• High throughput
• No latency
Whitenoise in Silicon
• Characteristics of FPGA
  – Low cost
  – High Speed Encryption/Decryption
    • 1.28 + Gbps
  – Channelized (2 independent channels)
• More Powerful Chips = Higher Speed/More throughput
  – Current Xilinx Chip $5-$10 (Volume) = 1.28 Gb/s
  – Next Model Up ~$80 = 12.8 Gb/s
    • STM-64 = 10 Gbps
    • OC 192 = 10 Gbps
  – ASIC Implementation in 3rd Party Electronics
Whitenoise & Data
Storage
• Does not increase stored file size
  – 256 bit offset/id
• Bit for Bit encryption
• Bit error tolerant
  – Only damaged bit corrupted
  – No relationship with bits preceding or following as with block ciphers
  – Compatible with data recovery schemes (RAID)
• Extremely fast encrypt/decrypt function
  – No apparent latency
Transmission
  – Efficient real-time transmission of large files (Financial)
  – Increased security
    • Keystream 10^60 Bytes in length
  – Secures wireless transmission
    • Wireless networks, Satellites
Voice & Video
• Data Independency allows pre-caching for optimal performance
• Voice over IP or Wireless
  – No additional latency
  – Extremely fast
  – Secure
    • Keystream length exceeds the length of the conversation
  – Error tolerant
    • Interruption in transmission only affects the portion involved
    • Digital radio packet transmissions synchronizeable for error tolerance
• Video
  – Real-time video encryption
  – Stored video not inflated by encryption
  – Instant access to any point in stored encrypted video file
• First responders
Dynamic Identity Verification Authentication (DIVA™) & The IDM Key Offset
[Diagram: Terminal’s Whitenoise IDM Key drawn as a keystream, etc.-01100011001101001101010100101010000101011010101010-etc., with the marker "Last Session Ended Here (‘X’)" and an offset of +’n’. Other labels: Media Library, Key Database.]
• DIVA remembers end point of this session
• Terminal requests access to encrypted content
• Server knows last session end point in keystream
• If additional Identity Verification is required, the server tells the terminal to go ahead ‘n’ bits in the key & send back ‘y’ bits
• If the terminal can comply, identity is verified & content is delivered
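The offset check described above, sketched as an added example (not part of the original slides and not Whitenoise Labs code). The SHA-256 counter-mode keystream is a stand-in for the proprietary Whitenoise generator; the class names, the 128-bit response length and the rule that the offset advances past every consumed bit are assumptions. The demo also shows a replayed answer and a key copy with a stale offset being rejected.

```python
import hashlib, hmac, secrets

def keystream_bits(key: bytes, start: int, count: int) -> bytes:
    # Bits [start, start+count) of a stand-in keystream (SHA-256 in counter mode).
    # This is NOT the Whitenoise generator, only a placeholder for it.
    out = bytearray()
    for pos in range(start, start + count):
        block, bit = divmod(pos, 256)            # 256 keystream bits per digest
        digest = hashlib.sha256(key + block.to_bytes(8, "big")).digest()
        out.append((digest[bit // 8] >> (7 - bit % 8)) & 1)
    return bytes(out)

class Terminal:
    def __init__(self, key: bytes, offset: int = 0):
        self.key, self.offset = key, offset      # offset = last session end point 'X'
    def respond(self, n: int, y: int) -> bytes:
        bits = keystream_bits(self.key, self.offset + n, y)
        self.offset += n + y                     # assumed: consumed bits are never reused
        return bits

class Server:
    def __init__(self, key_db: dict):
        self.key_db, self.pending = key_db, {}   # id -> [key, offset]; id -> (n, y)
    def challenge(self, tid: str, y: int = 128):
        self.pending[tid] = (secrets.randbelow(4096) + 1, y)
        return self.pending[tid]                 # "go ahead n bits, send back y bits"
    def verify(self, tid: str, response: bytes) -> bool:
        key, offset = self.key_db[tid]
        n, y = self.pending.pop(tid)             # each challenge is single-use
        expected = keystream_bits(key, offset + n, y)
        if not hmac.compare_digest(expected, response):
            return False                         # stored offset unchanged on failure
        self.key_db[tid][1] = offset + n + y     # remember the new end point
        return True

def demo():
    key, tid = secrets.token_bytes(32), "terminal-1"   # constructed sample values
    server, terminal = Server({tid: [key, 0]}), Terminal(key)
    stale_copy = Terminal(key)                   # key copied before any session ran
    first = terminal.respond(*server.challenge(tid))
    genuine = server.verify(tid, first)
    server.challenge(tid)
    replayed = server.verify(tid, first)         # captured answer sent again
    stale = server.verify(tid, stale_copy.respond(*server.challenge(tid)))
    again = server.verify(tid, terminal.respond(*server.challenge(tid)))
    return genuine, replayed, stale, again

if __name__ == "__main__":
    print(demo())
```

A key copy that has not tracked the live offset fails because both sides index the keystream from the stored end point, not from zero.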
Whitenoise & DRM
• IDM - Positive identification of receiving device
• Unique synchronized communication channel between data sender and receiver
• Multimedia may be streamed and/or stored for later play
• Key associated with terminal
Cannot be played on another device
• Supports real time voice, video, music, text and games (yes games)
Never decrypted
• Content encrypted once and placed on server
• Title key sent uniquely encrypted in terminal key to user
Low overhead
Whitenoise Delivers Games and Movies
• Utilizes Central server(s)
• Unique Identity Key assigned to subscribers’ Receiving Device
  – Uses Serial number or other unique Identifier + Whitenoise
• Content is encrypted in Key for that title (Game, Movie, TV Clip, etc.)
• Subscriber requests download
• Key for that title is sent to receiver securely encrypted in their unique identity key
• Content is never decrypted even in storage on the device
• Whitenoise fast enough to decrypt (play) on-the-fly (Demo kit available on request)
[Diagram labels: Unique IDM; Media Library; Request Media; Key + Content; Key Database]
Whitenoise Delivers Voice and Text
[Diagram label: Key Database]
• Provider establishes database of pre-engineered session keys
• Cell phone/ PDA owner selects Session keys from list
• Similar to Downloading Ring tones
• Database contains user’s Serial #, NAM/Private Key pair
• Session Key is sent encrypted using Private Key to user’s handset & decrypted
• Prevents interception by third party
• User notifies trusted party which Session Key he is using for them
• They go to database and choose same key for communication with that individual
• Keys are transmitted encrypted in their Private Key and decrypted
• During secure call setup, Session Key is selected and agreed upon between cell phones/PDAs
• Transmit/Receive orientation and offset is completed
• Secure Session enabled without transmission of keys
Whitenoise SDK-DDK
• Our engineers will work with your team to integrate the Whitenoise module into your:
  – S/W application
  – Silicon
• Add speed & security to your product
• Invisible to the user
• Protect the rights of your content provider
• Contact: abrisson@wnlabs.com