Unmatched Data Protection

Single endpoint protection and encryption

platform for contolling and encrypting data

wherever it resides

Enterprise Functionality for Any Size Organization
The ParaDoxBox™ encryption management platform incorporates a rich feature set of functionality for any size organization.

ParaDoxBox™ Enterprise combines our endpoint encryption management platform with our flexible cloud-based administration interface to offer organizations the versatility to manage full disk, partition, and file level encryption as well as cloud hosted data.

The ParaDoxBox™ E3 Protocol (Enhanced Encryption Engine) improves the security of your critical data and extends the useful life of current encryption algorithms through a patented use of layering and segmentation encryption techniques, providing exponentially stronger encryption compared to using single algorithms.



ParaDoxBox™ neutralizes emerging threats and mitigates the risk of unauthorized disclosure of enterprise data
– even in the event of a breach

Infosec Awards 2018 Winner

See the Cyber Defense Magazine List of Winners

Enterprise end-point encryption management for multi-platforms. The ParaDoxBox™ Data Security Platform incorporates rich enterprise administration features as well as Secure Channels’ patented PKMS2 (Pattern Key−Multi-Segment−Multi-Standard) E3 Protocol (Enhanced Encryption Engine mode/toolkit). Built for the enterprise, environment customizable.

It’s estimated that 96% of data stolen in enterprise breaches was unencrypted, and therefore exposed to malicious actors. In many cases, the failure to protect sensitive data was due to the difficulty involved in deploying encryption within an enterprise environment or be ill-prepared in protecting every endpoint. Secure Channels’ ParaDoxBox™ Data Security Platform fills these gaps by providing administrators an intuitive, user-friendly, comprehensive management interface while providing a wide array of encryption options and enterprise management functionality – ensuring positive control over users, billing, and data access.

ParaDoxBox™ uses On-The-Fly-Encryption (OTFE) to encrypt and protect data on endpoints. OTFE ensures that data is never persistently stored in an unencrypted state. OTFE incorporates the PKMS2 Protocol, best of breed symmetric ciphers, enhanced authentication technology, and enterprise controls for key management, account management and billing. ParaDoxBox offers enhanced security that flexibly supports enterprise requirements.


  • Intuitive, easy-to-use interface
  • Protects device, network and Cloud storage locations
  • Users choose encryption scope (disk, partition, volume, file, share, Cloud location, etc.), storage locations and the algorithms and modes of operation that encrypt data
  • Incorporates PKMS2 and SUBROSA® multifactor authentication

Key Product Benefits: Exponentially Increase Security

Pervasive Encryption
The ParaDoxBox™ Data Security Platform can be easily deployed to all of an enterprise’s laptops and workstations (either by download, isolated sandbox environment, or group policy installation). Once installed and registered, it can be used to provide any desired combination of full disk, partition, volume, hidden volume, file and file-for-sharing encryption at the administrator’s discretion. All users can encrypt all data, all the time. ParaDoxBox’s administrative functionality guarantees that the enterprise retains complete, secure control of keys, ensuring data access.

Computational Future Proofing
The ParaDoxBox™ Data Security Platform incorporates Secure Channels’ PKMS2 E3 Protocol encryption that has been mathematically proven* to extend the effective key length of standard 256-bit ciphers by approximately 50% to 387 bits. As a result, the use of ParaDoxBox™ provides security guarantees against both conventional and quantum improvements in computing power. These versions also provide fallback security: Even if one of the ParaDoxBox™ encryption suite’s ciphers is found to be insecure, data using the PKMS2 E3 Protocol remains protected. Additionally, the effort an attacker must exert to recover an entire message is significantly increased.

Bypass and Social Engineering Attack Protection
The ParaDoxBox™ Data Security Platform all but eliminates the threat of bypass and social engineering attacks using Secure Channel’s SUBROSA® technology, which provides a multifactor authentication gateway to ParaDoxBox™, supporting knowledge, possession, biometric, machine inherence and external location based manage knowledge factor authentication credentials that can be tailored or combined based on enterprise requirements to provide the desired level of authentication assurance. SUBROSA’s credentials technology are long (thousands or tens of thousands of bits), non-human readable, binary strings that are unknown to but easily entered by the user. Users can’t reveal what they don’t know and they can’t share what they can’t read or write down.

*A mathematical analysis of PKMS2 was conducted by Dr. Jonathan Katz, Vice President of Cryptography Engineering, Secure Channels Inc., Professor, Computer Sciences, University of Maryland. Cryptoanalysis conducted by Dr. Yevgeniy Dodis, Professor, Computer Science, Courant Institute of Mathematical Sciences, NYU; Dr. Matthew Green, Assistant Professor, Computer Science, The Johns Hopkins University; Dr. Stefano Tessaro, Assistant Professor, Computer Science, University of California, Santa Barbara.

See our Peer Review page.

ParaDoxBox Chart

Use Cases

ParaDoxBox™ creates encrypted virtual containers on endpoints, networks or in the Cloud, providing protection levels that meet or exceed industry and national standards. It is transparent once deployed, requiring no specialized training. Users select the encryption algorithms and the standards with which to comply (e.g., FIPS 140-2 Annex A). ParaDoxBox™ also supports superencipherment, layering and combining multiple encryption algorithms while (optionally) remaining FIPS compliant as well as utilizing Secure Channels’ SUBROSA® authentication technology. Even in the event the network is breached, ParaDoxBox™ ensures that your data is safe.

Technical Details

Operating Systems

Encryption Algorithms
AES, Simon, Twofish, Serpent, MARS, Speck, Aria, Camellia

Modes of Operation

Key Hashing Algorithms
SHA-256, SHA-384, SHA-512, SHA3-256 (future), SHA3-384 (future), SHA3-512 (future), PBKDF2

Authentication Factors
Knowledge, Possession, Biometric, Machine Inherence, Location