Archive for the ‘cyber security’ Category

An Unbreakable Internet of Things

November 18, 2015 Leave a comment

I don’t read every press release that comes down the wire. But when I see one from a cyber security company called Secret Double Octopus–no lie–I take notice.

Secret Double Octopus. This has gotta be good,” I thought to myself.

The real thrust of the press release is this. Encryption is strong, but the infrastructure supporting it isn’t. Therefore secrets get leaked. However, by “shredding” the data and sending it through different routes, any network traffic that is intercepted is unusable.

That’s good, but there is more. There is another sexy idea in the announcement by Secret Double Octopus, and that is a world without keys. Keys are the cryptographic shorthand for the authentication technologies that lock and unlock secure communications across a network. Keys are the weakest link in the otherwise bulletproof encryption architectures we use today. So if we can eliminate keys and key infrastructure, we take away the biggest source of risk.

S2O LogoSecret Double Octopus claims to do just that using mathematical theory already several decades old and well-respected in the academic and cryptographic communities. In layman’s terms, this “new” technique is called “secret sharing.” The core of the solution is to starve the attacker of sufficient information for any meaningful computation. In geek speak, “you cannot solve an equation of two variables.”

Bottom line: even after capturing some or all of the data transmission, the attacker lacks the ability to solve for the variables.

Securing our most sensitive data, and eliminating troublesome keys is the mission of Secret Double Octopus.

The impact could be huge. Today banks know that their PKI (public key infrastructure) is not secure enough for their most sensitive transmissions. And the demands of the Internet of Things have already strained PKI to the breaking point. Secret Double Octopus (I love saying that!) comes to the rescue, potentially enabling billions of secure, keyless transactions between cars, trains, factory machines and toasters to the cloud and to private networks.

The coming months will be fun to watch as this new startup out of Israel demonstrates its capabilities and attempts to disrupt the security and networking worlds.