2
The products – Professional engraving machinesAgenda
Cryptolab Algorithms Applications and target markets Team
Copyright © 2014 Cryptolab All Rights Reserved.
3
Cryptolab – What we do
Cryptolab is an IP (Intellectual Property) company, active in the Cyber Security industry, a market that is expected to reach worldwide $80B in 2017Cryptolab main focus is Cryptography, that is techniques used to defend data in transit between systems, reducing the probability that data exchanged between systems can be intercepted or modifiedCryptolab has developed innovative patented cryptographic algorithms focused on the following domains of application:Enterprise data encryptionCloud data encryption (Fully Homomorphic Encryption)
Cryptolab encryption algorithms have been used to develop software solutions that increase the security of data transactions within different fields of application, targeting industries where privacy and data security is a key issue, such as Financial Services, Healthcare, Cloud computing etc.
Copyright © 2014 Cryptolab All Rights Reserved.
4
Cryptolab – Our history
Founded as a R&D lab, Cryptolab filed the patent for the MB09 algorithm and obtained the registration in September 2012Received seed investments from Italian Business Angels to proceed with new research in cryptography and file new patentsFiled for the new algorithm MB11 and obtained the green-light from the European Patent Authority (EPO)Filed other patents related to Digital Signature and Blind Signature, and designed an innovative satellite One Time Password (OTP) systemStarted working with an Italian accelerator and incubator with a subsidiary based in Silicon Valley, M31 LLCFounded the Italian IP company, CryptolabQ2: received a seed investment from the Italian fund TTSeed Q2: Signed a commercial agreement with M31 LLC for marketing and business development activities
2009
2010
2011
2012
2013
Copyright © 2014 Cryptolab All Rights Reserved.
5
Cryptolab – Next steps
Q3: foundation of the American IP company, Cryptolab LLCQ4: Completion of the first algorithms Applications:
1. RSA Malware protection2. HyperCrypto, a data encryption solution based on a patented pending
mechanism based on Cryptolab algorithms3. Fully Homomorphic Encryption
Q1: RSA Malware protection project(s) and Pilots for HyperCrypto and Fully Homomorphic solutionsBusiness development and Sales
2013
2014
Copyright © 2014 Cryptolab All Rights Reserved.
6
The products – Professional engraving machinesAgenda
Cryptolab Algorithms Applications and target markets Team
Copyright © 2014 Cryptolab All Rights Reserved.
7
Algorithms
Encryption algorithms developed and patented by Cryptolab are:
MB09 – Encryption system based on Public/ Private keys that enables the creation of a sequence of encrypted messages shareable among many users and with a system administrator
Zero Knowledge – Encryption protocol that allows one Party, called the Prover, to prove to another Party, called the Verifier, that a givenstatement is true, without conveying any additional information apart from the fact that the statement is indeed true
Compression Algorithm – Algorithm that allows to compress dataregardless statistical entropy
Copyright © 2014 Cryptolab All Rights Reserved.
8
MB11 – Encryption system based on Public/ Private keys. It allows to have high security level with limited computational requirements.
It is an alternative to RSA encryption system
Digital signature on MB11 – Mathematical scheme that allows to demonstrate the authenticity of a digital message or document
HyperCrypto – Encryption mechanism that allows to eliminate traditional password and tokens solutions required to perform secure data transactions
Algorithms cont’d
Copyright © 2014 Cryptolab All Rights Reserved.
9
Algorithms cont’d
RSA “attack” – Malware detection that demonstrate the vulnerability of applications developed based on RSA algorithm
MB23 – Encryption system for Cloud computing. It allows to encrypt data, send to the cloud and inquire them without decryptions madeat cloud level
Copyright © 2014 Cryptolab All Rights Reserved.
10
Algorithms – Fields of application
Cryptolab encryption algorithms target the following fields of application:
Security protocols for data transactions, virtual payments
Digital signature
Blind signature: digital voting, digital cash
User identification and OTP, One-Time-Key (OTK) creation
Cloud computing
Copyright © 2014 Cryptolab All Rights Reserved.
11
The products – Professional engraving machinesAgenda
Cryptolab
Algorithms
Applications and target markets
RSA “attack” and Cryptolab solution
HyperCrypto
Fully Homomorphic Encryption
Team
Copyright © 2014 Cryptolab All Rights Reserved.
12
RSA “attack” and Cryptolab solution
Encryption solutions based on RSA algorithm have vulnerabilities based on the
evidence that:
is possible to encrypt a message, M, using a method of “fake encryption” that
provides a “fake encrypted message”, c’
and
the “fake encrypted message”, c’, is not detected and rejected by standard
systems/ procedures used to verify the authenticity of encrypted messages
and
the c’ is processed as the encrypted message, c
Copyright © 2014 Cryptolab All Rights Reserved.
13
RSA “attack” and Cryptolab solution cont’d
Cryptolab has designed a set of patent protected software development guidelines to protect encryption applications based on RSA algorithm from the RSA “attack”, patented by Cryptolab
This type of vulnerabilities has critical impacts on Information Systems’ security because the “faked encrypted message”, c’, can be read not only by the message Sender and the message “official” Receiver, but also by anyone in the middle (i.e. an hacker)The RSA “attack” developed by Cryptolab is based on a “fake encryption method” that allows to modify encrypted message, c (sent by the Sender to the Receiver) into a “fake encrypted message”, c’, so that an hacker by intercepting c’ (public parameter), will be able to decrypt the message, without any awareness by Information Systems’ security procedure and/ or software
Copyright © 2014 Cryptolab All Rights Reserved.
14
Cryptolab RSA Malware solution – Target markets
Cryptolab RSA Malware solution target markets are:
IT security companies
System integrators
Vertical markets where IT security is key:
Financial services, Banking and Insurance
Public sector
Healthcare
Copyright © 2014 Cryptolab All Rights Reserved.
15
The products – Professional engraving machinesAgenda
Cryptolab
Algorithms
Applications and target markets
RSA “attack” and Cryptolab solution
HyperCrypto
Fully Homomorphic Encryption
Team
Copyright © 2014 Cryptolab All Rights Reserved.
16
HyperCrypto – The problem we address
Existing data encryption applications realize user identification processes - required to transmit encrypted data – with token-based (physical or virtual) solutions
Device (Smartphone, tablet, PC)
Service provider Server (Banks, Hospitals,…)User
User identification/ authentication is the first action for a user that want to send encrypted data to a generic receiver – for instance the Bank in the scenario of a user that is making a transaction using his/ her online banking
The identification/ authentication process is done using tokens, that generate random numbers started from token seeds stored within the Service provider server
If the Service provider server is subject to an hacking attack that steal token seeds it is possible with a Men-in-the –Middle approach intercept the encrypted message sent by the user with the possibility to change the encrypted message
The possibility to enter the Service provider server to steal token seeds together with vulnerabilities of RSA-based applications are the main reasons to support the low level of security of existing data encryption solutions
Token “seeds” are stored in the Service provider server
EXISTING DATA ENCRYPTION SOLUTIONS
Copyright © 2014 Cryptolab All Rights Reserved.
17
HyperCrypto – The solution we propose
Cryptolab data encryption applications realize user identification processes with a solution that generates the encryption using a random stream of bit and a function that select a pattern x of bits (the same on user and server side) used to create the One-Time-Key to encrypt the message
The identification/ authentication process is done a mechanism that using a OTK allows the creation of a function that define the pattern to use to select the bits of the random stream of bit
On server side there are not private keys stored, that is every session has a new and unique private key that is deleted at the end of the session
The use of OTK inhibits any hacking attack, because there are no private keys stored
Copyright © 2014 Cryptolab All Rights Reserved.
CRYPTOLAB DATA ENCRYPTION SOLUTIONS
Users private keys are stored in the Service provider server
Device (Smartphone, tablet, PC)
Service provider Server (Banks, Defense departments,…)User
18
HyperCrypto – Value proposition
HyperCrypto data encryption solution overcome many of the well known*
vulnerabilities of data encryption solutions based on tokens
The level of security reached with HyperCrypto can fit level of security required by
the Defense industry
With HyperCrypto any Man-in-the-middle attack is useless
In addition to a higher level of security HyperCrypto requires limited computation
requirements
* http://arstechnica.com/security/2012/06/securid-crypto-attack-steals-keys/
Copyright © 2014 Cryptolab All Rights Reserved.
19
HyperCrypto – Target markets
HyperCrypto target markets can be grouped as follow:
IT security companies
System integrators
Vertical markets where IT security is key:
Financial services, Banking and Insurance
Public sector
Healthcare
Copyright © 2014 Cryptolab All Rights Reserved.
20
The products – Professional engraving machinesAgenda
Cryptolab
Algorithms
Applications and target markets
RSA “attack” and Cryptolab solution
HyperCrypto
Fully Homomorphic Encryption
Team
Copyright © 2014 Cryptolab All Rights Reserved.
21
Fully Homomorphic Encryption – The problem we address
In different type of applications, such as cloud computing, e-voting, e-cash etc. there is
the need to manipulated encrypted data
Typically we have one of the following situations:
Encrypted data are decrypted before any type of manipulation with a
subsequent high level of computational requirements
Encrypted data can be manipulated applying only few mathematical
operations, but cannot do all, in order to preserve the structure of the
encrypted data. This is called Partially Homomorphic Encryption
Copyright © 2014 Cryptolab All Rights Reserved.
22
Fully Homomorphic Encryption – Definition
Homomorphic encryption is a form of encryption which allows specific types of computations to be carried out on cipher text and obtain an encrypted result which decrypted matches the result of operations performed on the plaintext
For instance, one person could add two encrypted numbers and then another person could decrypt the result, without either of them being able to find the value of the individual numbers
An efficient and fully Homomorphic Encryption scheme would enable new kinds of distributed computing
Copyright © 2014 Cryptolab All Rights Reserved.
23
Fully Homomorphic Encryption – The solution we propose
Cryptolab has developed an Algorithm that allows to manipulated encrypted data applying all the possible SQL queries preserving data structureOne of the most urgent applications of the Fully Homomorphic Encryption is the Cloud computing, in particular for those industries, such as Financial services, where the Cloud adoption has been restrained by security issues
Data are sent and stored in the cloud encrypted The end-user can access its web/ mobile
application and ask for data stored in the Cloud The query made by the web( mobile application is
translated into NEWQuery (that is a type of “SQL-translated” query model) on encrypted data
The NEWQuery calculation is performed and the Cloud provide back data encrypted to the web/ mobile application
Copyright © 2014 Cryptolab All Rights Reserved.
24
Fully Homomorphic Encryption – Value proposition
Fully Homomorphic Encryption allows to mismatch the service provider and the data
owner, allowing the last one to access encrypted data through SQL queries
It also allow the service provider to make statistics without knowing private data
Copyright © 2014 Cryptolab All Rights Reserved.
25
Fully Homomorphic Encryption – Target markets
Fully Homomorphic Encryption target markets can be grouped as follow:
IT security companies
System integrators
Cloud service providers
Vertical markets where IT security is key:
Financial services, Banking and Insurance
Public sector
Healthcare
Copyright © 2014 Cryptolab All Rights Reserved.
26
The products – Professional engraving machinesAgenda
Cryptolab
Algorithms
Applications and target markets
Team
Copyright © 2014 Cryptolab All Rights Reserved.
27
Cryptolab Team
Massimo Bertaccini, CEO
Areas of expertise: Mathematical cryptography
Marco Bagnaresi, Computer Science Degree
Areas of expertise: Software development
Alessandro Passerini, Software Engineer
Areas of expertise: Software design and development
Tiziana Landi, Software Engineer
Areas of expertise: Software design and development
Copyright © 2014 Cryptolab All Rights Reserved.
Top Related