By Jean-Pierre Joosting
Secure Channels Inc. (Lake Forest, CA) has announced a new, mathematically provable patented PKMS2 protocol that significantly improves the security of modern block ciphers.
This latest process protects corporations and government agencies that are utilizing the AES-256 encryption standard by vastly strengthening it through segmenting and layering while still allowing them to remain firmly within FIPS compliance. The process is configurable for compliance with FIPS 140-2, can be integrated into any application requiring block cipher encryption algorithms and can be integrated with enterprise key management solutions.
The mathematics behind the PKMS2 protocol proves its efficacy in thwarting an attack where the first layer of AES-256 fails, and the protocol acts as a secondary layer.
The new protocol is offered within the firm’s virtual encrypted storage product, ParaDoxBox, and the Superencipherment Engine tool, which offers a massive fifty percent increase in bit strength. For example, AES-256 security is improved to 386 bits of security after implementation of the PKMS2 process.
It increases a potential attacker’s workload by a factor of at least two orders of magnitude, making any intrusion completely unfeasible. The protocol is extremely fast, is not “heavy,” and will not adversely affect the speed and flow of data traveling through network infrastructure.
“Compute power continues to increase, and there are hacking groups and state-funded agencies that are actively trying to thwart AES-256,” says Richard Blech, Chief Executive Officer of Secure Channels Inc. “The market needs new primitives and protocols that improve capabilities and solve a host of security problems. Our solution is the only one that offers the versatility to manage full disk, partition, file, and cloud sharing encryption, combined with enterprise features such as key and license management and remote install.”
Secure Channels is offering mathematical validation of the protocol, which was spearheaded by Jonathan Katz, the company’s Vice President-Cryptography Engineering. The validation details several key findings, including: if the cipher used in the first layer is insecure, the PKMS2 protocol is secure as long as the second-layer cipher is secure; the effective key length of the PKMS2 scheme is larger than the key length for either cipher; and segmentation improves security against message-recovery attacks.
The proof is concurrently undergoing cryptanalysis peer review by noted university experts, including Matthew D. Green, Assistant Professor in the Department of Computer Science at Johns Hopkins University, and Stefano Tessaro, Assistant Professor and Culler Professor of Computer Science at University of California, Santa Barbara.
“It’s important for potential clients to understand that we’ve developed a new protocol and process, and they’ll still utilize their existing algorithms,” continued Blech. “Our protocol improvement is integrated into ParaDoxBox through an SDK, and our clients will only need to apply it to greatly strengthen their security. There’s simply no other product on the market that can match this incorporation of PKMS2’s capabilities, and the product is uniquely positioned to support end users, resellers, integrators, and our enterprise customers.”
ParaDoxBox allows users to encrypt storage network spaces, protect data saved in public file share services, and safeguard endpoints by creating encrypted virtual containers or entire drives. It offers clients a range of encryption algorithms and NIST standards, and also supports superencipherment and the layering and combining of multiple encryption algorithms.