Unicaseeds Demo Days - Cryptolab


Innovation in Secure Data Transactions

March 2014

Copyright © 2014 Cryptolab All Rights Reserved.


Agenda

Cryptolab

Algorithms

Applications and target markets

Team


Cryptolab – What we do

Cryptolab is an IP (Intellectual Property) company active in the Cyber Security industry, a market that is expected to reach $80B worldwide in 2017.

Cryptolab's main focus is Cryptography, that is, techniques used to defend data in transit between systems, reducing the probability that data exchanged between systems can be intercepted or modified.

Cryptolab has developed innovative patented cryptographic algorithms focused on the following domains of application:

Enterprise data encryption

Cloud data encryption (Fully Homomorphic Encryption)

Cryptolab encryption algorithms have been used to develop software solutions that increase the security of data transactions within different fields of application, targeting industries where privacy and data security are key issues, such as Financial Services, Healthcare, Cloud computing etc.


Cryptolab – Our history

Founded as an R&D lab, Cryptolab filed the patent for the MB09 algorithm and obtained the registration in September 2012

Received seed investments from Italian Business Angels to proceed with new research in cryptography and file new patents

Filed for the new algorithm MB11 and obtained the green light from the European Patent Authority (EPO)

Filed other patents related to Digital Signature and Blind Signature, and designed an innovative satellite One Time Password (OTP) system

Started working with an Italian accelerator and incubator with a subsidiary based in Silicon Valley, M31 LLC

Founded the Italian IP company, Cryptolab

Q2: Received a seed investment from the Italian fund TTSeed

Q2: Signed a commercial agreement with M31 LLC for marketing and business development activities

Timeline axis: 2009, 2010, 2011, 2012, 2013


Cryptolab – Next steps

Q3: Foundation of the American IP company, Cryptolab LLC

Q4: Completion of the first algorithm applications:

1. RSA Malware protection

2. HyperCrypto, a data encryption solution based on a patent-pending mechanism based on Cryptolab algorithms

3. Fully Homomorphic Encryption

Q1: RSA Malware protection project(s) and pilots for HyperCrypto and Fully Homomorphic solutions

Business development and Sales

Timeline axis: 2013, 2014


Agenda

Cryptolab

Algorithms

Applications and target markets

Team


Algorithms

Encryption algorithms developed and patented by Cryptolab are:

MB09 – Encryption system based on Public/Private keys that enables the creation of a sequence of encrypted messages shareable among many users and with a system administrator

Zero Knowledge – Encryption protocol that allows one Party, called the Prover, to prove to another Party, called the Verifier, that a given statement is true, without conveying any additional information apart from the fact that the statement is indeed true

Compression Algorithm – Algorithm that compresses data regardless of statistical entropy


Algorithms cont’d

MB11 – Encryption system based on Public/Private keys. It allows a high security level with limited computational requirements. It is an alternative to the RSA encryption system.

Digital signature on MB11 – Mathematical scheme that demonstrates the authenticity of a digital message or document

HyperCrypto – Encryption mechanism that eliminates the traditional password and token solutions required to perform secure data transactions


Algorithms cont’d

RSA “attack” – Malware detection that demonstrates the vulnerability of applications developed on the RSA algorithm

MB23 – Encryption system for Cloud computing. It allows data to be encrypted, sent to the cloud and queried without any decryption at cloud level


Algorithms – Fields of application

Cryptolab encryption algorithms target the following fields of application:

Security protocols for data transactions, virtual payments

Digital signature

Blind signature: digital voting, digital cash

User identification and OTP, One-Time-Key (OTK) creation

Cloud computing


Agenda

Cryptolab

Algorithms

Applications and target markets

RSA “attack” and Cryptolab solution

HyperCrypto

Fully Homomorphic Encryption

Team


RSA “attack” and Cryptolab solution

Encryption solutions based on the RSA algorithm have vulnerabilities based on the evidence that:

it is possible to encrypt a message, M, using a method of “fake encryption” that provides a “fake encrypted message”, c’

and

the “fake encrypted message”, c’, is not detected and rejected by the standard systems/procedures used to verify the authenticity of encrypted messages

and

c’ is processed as the encrypted message, c


RSA “attack” and Cryptolab solution cont’d

Cryptolab has designed a set of patent-protected software development guidelines to protect encryption applications based on the RSA algorithm from the RSA “attack”, patented by Cryptolab

This type of vulnerability has a critical impact on Information Systems’ security because the “fake encrypted message”, c’, can be read not only by the message Sender and the message “official” Receiver, but also by anyone in the middle (i.e. a hacker)

The RSA “attack” developed by Cryptolab is based on a “fake encryption method” that modifies the encrypted message, c (sent by the Sender to the Receiver), into a “fake encrypted message”, c’, so that a hacker who intercepts c’ (a public parameter) will be able to decrypt the message without the Information Systems’ security procedures and/or software being aware of it


Cryptolab RSA Malware solution – Target markets

Cryptolab RSA Malware solution target markets are:

IT security companies

System integrators

Vertical markets where IT security is key:

Financial services, Banking and Insurance

Public sector

Healthcare


Agenda

Cryptolab

Algorithms

Applications and target markets

RSA “attack” and Cryptolab solution

HyperCrypto

Fully Homomorphic Encryption

Team


HyperCrypto – The problem we address

Existing data encryption applications implement the user identification processes required to transmit encrypted data with token-based (physical or virtual) solutions

User identification/authentication is the first action for a user who wants to send encrypted data to a generic receiver, for instance the Bank in the scenario of a user making a transaction with his/her online banking

The identification/authentication process is done using tokens, which generate random numbers starting from token seeds stored within the Service provider server

If the Service provider server is subject to a hacking attack that steals token seeds, a Man-in-the-Middle approach makes it possible to intercept the encrypted message sent by the user, with the possibility of changing the encrypted message

The possibility of entering the Service provider server to steal token seeds, together with the vulnerabilities of RSA-based applications, are the main reasons behind the low level of security of existing data encryption solutions

Diagram – EXISTING DATA ENCRYPTION SOLUTIONS: User, Device (Smartphone, tablet, PC), Service provider Server (Banks, Hospitals, …). Token “seeds” are stored in the Service provider server


HyperCrypto – The solution we propose

Cryptolab data encryption applications implement user identification processes with a solution that generates the encryption using a random stream of bits and a function that selects a pattern x of bits (the same on the user and server side) used to create the One-Time-Key to encrypt the message

The identification/authentication process is done by a mechanism that, using an OTK, allows the creation of a function that defines the pattern used to select the bits of the random stream of bits

No private keys are stored on the server side, that is, every session has a new and unique private key that is deleted at the end of the session

The use of OTK inhibits any hacking attack, because there are no private keys stored

Diagram – CRYPTOLAB DATA ENCRYPTION SOLUTIONS: User, Device (Smartphone, tablet, PC), Service provider Server (Banks, Defense departments, …). Users’ private keys are stored in the Service provider server

HyperCrypto – Value proposition

The HyperCrypto data encryption solution overcomes many of the well-known* vulnerabilities of data encryption solutions based on tokens

The level of security reached with HyperCrypto can meet the level of security required by the Defense industry

With HyperCrypto any Man-in-the-middle attack is useless

In addition to a higher level of security, HyperCrypto has limited computational requirements

* http://arstechnica.com/security/2012/06/securid-crypto-attack-steals-keys/


HyperCrypto – Target markets

HyperCrypto target markets can be grouped as follows:

IT security companies

System integrators

Vertical markets where IT security is key:

Financial services, Banking and Insurance

Public sector

Healthcare


Agenda

Cryptolab

Algorithms

Applications and target markets

RSA “attack” and Cryptolab solution

HyperCrypto

Fully Homomorphic Encryption

Team


Fully Homomorphic Encryption – The problem we address

In different types of applications, such as cloud computing, e-voting, e-cash etc., there is the need to manipulate encrypted data

Typically we have one of the following situations:

Encrypted data are decrypted before any type of manipulation, with a subsequent high level of computational requirements

Encrypted data can be manipulated by applying only a few mathematical operations, but not all of them, in order to preserve the structure of the encrypted data. This is called Partially Homomorphic Encryption


Fully Homomorphic Encryption – Definition

Homomorphic encryption is a form of encryption which allows specific types of computations to be carried out on ciphertext and produces an encrypted result which, when decrypted, matches the result of the same operations performed on the plaintext

For instance, one person could add two encrypted numbers and then another person could decrypt the result, without either of them being able to find the value of the individual numbers

An efficient and fully Homomorphic Encryption scheme would enable new kinds of distributed computing


Fully Homomorphic Encryption – The solution we propose

Cryptolab has developed an Algorithm that allows encrypted data to be manipulated by applying all the possible SQL queries while preserving data structure

One of the most urgent applications of Fully Homomorphic Encryption is Cloud computing, in particular for those industries, such as Financial services, where Cloud adoption has been restrained by security issues

Data are sent to and stored in the cloud encrypted

The end-user can access his/her web/mobile application and ask for data stored in the Cloud

The query made by the web/mobile application is translated into NEWQuery (that is a type of “SQL-translated” query model) on encrypted data

The NEWQuery calculation is performed and the Cloud provides encrypted data back to the web/mobile application


Fully Homomorphic Encryption – Value proposition

Fully Homomorphic Encryption allows the service provider and the data owner to be decoupled, allowing the latter to access encrypted data through SQL queries

It also allows the service provider to compute statistics without knowing private data


Fully Homomorphic Encryption – Target markets

Fully Homomorphic Encryption target markets can be grouped as follows:

IT security companies

System integrators

Cloud service providers

Vertical markets where IT security is key:

Financial services, Banking and Insurance

Public sector

Healthcare


Agenda

Cryptolab

Algorithms

Applications and target markets

Team


Cryptolab Team

Massimo Bertaccini, CEO

Areas of expertise: Mathematical cryptography

Marco Bagnaresi, Computer Science Degree

Areas of expertise: Software development

Alessandro Passerini, Software Engineer

Areas of expertise: Software design and development

Tiziana Landi, Software Engineer

Areas of expertise: Software design and development


Cryptolab ITA Office
Via Strada Statale Selice, 47
40026 Imola (BO)
Italy
Ph: +39 0542 366016

Cryptolab US Office
92 Bonaventura Dr
San Jose, CA 95134
USA
Ph: +1 408 988 8404