Unicaseeds Demo Days - Cryptolab

266
-1

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
266
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
3
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Unicaseeds Demo Days - Cryptolab

  1. 1. 1 Innovation in Secure Data Transactions March 2014 Copyright © 2014 Cryptolab All Rights Reserved.
  2. 2. 2 The products – Professional engraving machines Agenda  Cryptolab  Algorithms  Applications and target markets  Team Copyright © 2014 Cryptolab All Rights Reserved.
  3. 3. 3 Cryptolab – What we do Cryptolab is an IP (Intellectual Property) company, active in the Cyber Security industry, a market that is expected to reach worldwide $80B in 2017 Cryptolab main focus is Cryptography, that is techniques used to defend data in transit between systems, reducing the probability that data exchanged between systems can be intercepted or modified Cryptolab has developed innovative patented cryptographic algorithms focused on the following domains of application: Enterprise data encryption Cloud data encryption (Fully Homomorphic Encryption) Cryptolab encryption algorithms have been used to develop software solutions that increase the security of data transactions within different fields of application, targeting industries where privacy and data security is a key issue, such as Financial Services, Healthcare, Cloud computing etc. Copyright © 2014 Cryptolab All Rights Reserved.
  4. 4. 4 Cryptolab – Our history Founded as a R&D lab, Cryptolab filed the patent for the MB09 algorithm and obtained the registration in September 2012 Received seed investments from Italian Business Angels to proceed with new research in cryptography and file new patents Filed for the new algorithm MB11 and obtained the green-light from the European Patent Authority (EPO) Filed other patents related to Digital Signature and Blind Signature, and designed an innovative satellite One Time Password (OTP) system Started working with an Italian accelerator and incubator with a subsidiary based in Silicon Valley, M31 LLC Founded the Italian IP company, Cryptolab Q2: received a seed investment from the Italian fund TTSeed Q2: Signed a commercial agreement with M31 LLC for marketing and business development activities 2009 2010 2011 2012 2013 Copyright © 2014 Cryptolab All Rights Reserved.
  5. 5. 5 Cryptolab – Next steps Q3: foundation of the American IP company, Cryptolab LLC Q4: Completion of the first algorithms Applications: 1. RSA Malware protection 2. HyperCrypto, a data encryption solution based on a patented pending mechanism based on Cryptolab algorithms 3. Fully Homomorphic Encryption Q1: RSA Malware protection project(s) and Pilots for HyperCrypto and Fully Homomorphic solutions Business development and Sales 2013 2014 Copyright © 2014 Cryptolab All Rights Reserved.
  6. 6. 6 The products – Professional engraving machines Agenda  Cryptolab  Algorithms  Applications and target markets  Team Copyright © 2014 Cryptolab All Rights Reserved.
  7. 7. 7 Algorithms Encryption algorithms developed and patented by Cryptolab are: MB09 – Encryption system based on Public/ Private keys that enables the creation of a sequence of encrypted messages shareable among many users and with a system administrator Zero Knowledge – Encryption protocol that allows one Party, called the Prover, to prove to another Party, called the Verifier, that a given statement is true, without conveying any additional information apart from the fact that the statement is indeed true Compression Algorithm – Algorithm that allows to compress data regardless statistical entropy Copyright © 2014 Cryptolab All Rights Reserved.
  8. 8. 8 MB11 – Encryption system based on Public/ Private keys. It allows to have high security level with limited computational requirements. It is an alternative to RSA encryption system Digital signature on MB11 – Mathematical scheme that allows to demonstrate the authenticity of a digital message or document HyperCrypto – Encryption mechanism that allows to eliminate traditional password and tokens solutions required to perform secure data transactions Algorithms cont’d Copyright © 2014 Cryptolab All Rights Reserved.
  9. 9. 9 Algorithms cont’d RSA “attack” – Malware detection that demonstrate the vulnerability of applications developed based on RSA algorithm MB23 – Encryption system for Cloud computing. It allows to encrypt data, send to the cloud and inquire them without decryptions made at cloud level Copyright © 2014 Cryptolab All Rights Reserved.
  10. 10. 10 Algorithms – Fields of application Cryptolab encryption algorithms target the following fields of application: Security protocols for data transactions, virtual payments Digital signature Blind signature: digital voting, digital cash User identification and OTP, One-Time-Key (OTK) creation Cloud computing Copyright © 2014 Cryptolab All Rights Reserved.
  11. 11. 11 The products – Professional engraving machines Agenda  Cryptolab  Algorithms  Applications and target markets  RSA “attack” and Cryptolab solution  HyperCrypto  Fully Homomorphic Encryption  Team Copyright © 2014 Cryptolab All Rights Reserved.
  12. 12. 12 RSA “attack” and Cryptolab solution Encryption solutions based on RSA algorithm have vulnerabilities based on the evidence that: is possible to encrypt a message, M, using a method of “fake encryption” that provides a “fake encrypted message”, c’ and the “fake encrypted message”, c’, is not detected and rejected by standard systems/ procedures used to verify the authenticity of encrypted messages and the c’ is processed as the encrypted message, c Copyright © 2014 Cryptolab All Rights Reserved.
  13. 13. 13 RSA “attack” and Cryptolab solution cont’d Cryptolab has designed a set of patent protected software development guidelines to protect encryption applications based on RSA algorithm from the RSA “attack”, patented by Cryptolab This type of vulnerabilities has critical impacts on Information Systems’ security because the “faked encrypted message”, c’, can be read not only by the message Sender and the message “official” Receiver, but also by anyone in the middle (i.e. an hacker) The RSA “attack” developed by Cryptolab is based on a “fake encryption method” that allows to modify encrypted message, c (sent by the Sender to the Receiver) into a “fake encrypted message”, c’, so that an hacker by intercepting c’ (public parameter), will be able to decrypt the message, without any awareness by Information Systems’ security procedure and/ or software Copyright © 2014 Cryptolab All Rights Reserved.
  14. 14. 14 Cryptolab RSA Malware solution – Target markets Cryptolab RSA Malware solution target markets are:  IT security companies  System integrators  Vertical markets where IT security is key:  Financial services, Banking and Insurance  Public sector  Healthcare Copyright © 2014 Cryptolab All Rights Reserved.
  15. 15. 15 The products – Professional engraving machines Agenda  Cryptolab  Algorithms  Applications and target markets  RSA “attack” and Cryptolab solution  HyperCrypto  Fully Homomorphic Encryption  Team Copyright © 2014 Cryptolab All Rights Reserved.
  16. 16. 16 HyperCrypto – The problem we address Existing data encryption applications realize user identification processes - required to transmit encrypted data – with token-based (physical or virtual) solutions Device (Smartphone, tablet, PC) Service provider Server (Banks, Hospitals,…)User  User identification/ authentication is the first action for a user that want to send encrypted data to a generic receiver – for instance the Bank in the scenario of a user that is making a transaction using his/ her online banking  The identification/ authentication process is done using tokens, that generate random numbers started from token seeds stored within the Service provider server  If the Service provider server is subject to an hacking attack that steal token seeds it is possible with a Men-in-the –Middle approach intercept the encrypted message sent by the user with the possibility to change the encrypted message  The possibility to enter the Service provider server to steal token seeds together with vulnerabilities of RSA-based applications are the main reasons to support the low level of security of existing data encryption solutions Token “seeds” are stored in the Service provider server EXISTING DATA ENCRYPTION SOLUTIONS Copyright © 2014 Cryptolab All Rights Reserved.
  17. 17. 17 HyperCrypto – The solution we propose Cryptolab data encryption applications realize user identification processes with a solution that generates the encryption using a random stream of bit and a function that select a pattern x of bits (the same on user and server side) used to create the One- Time-Key to encrypt the message  The identification/ authentication process is done a mechanism that using a OTK allows the creation of a function that define the pattern to use to select the bits of the random stream of bit  On server side there are not private keys stored, that is every session has a new and unique private key that is deleted at the end of the session  The use of OTK inhibits any hacking attack, because there are no private keys stored Copyright © 2014 Cryptolab All Rights Reserved. CRYPTOLAB DATA ENCRYPTION SOLUTIONS Users private keys are stored in the Service provider server Device (Smartphone, tablet, PC) Service provider Server (Banks, Defense departments,…)User
  18. 18. 18 HyperCrypto – Value proposition HyperCrypto data encryption solution overcome many of the well known* vulnerabilities of data encryption solutions based on tokens The level of security reached with HyperCrypto can fit level of security required by the Defense industry With HyperCrypto any Man-in-the-middle attack is useless In addition to a higher level of security HyperCrypto requires limited computation requirements * http://arstechnica.com/security/2012/06/securid-crypto-attack-steals-keys/ Copyright © 2014 Cryptolab All Rights Reserved.
  19. 19. 19 HyperCrypto – Target markets HyperCrypto target markets can be grouped as follow:  IT security companies  System integrators  Vertical markets where IT security is key:  Financial services, Banking and Insurance  Public sector  Healthcare Copyright © 2014 Cryptolab All Rights Reserved.
  20. 20. 20 The products – Professional engraving machines Agenda  Cryptolab  Algorithms  Applications and target markets  RSA “attack” and Cryptolab solution  HyperCrypto  Fully Homomorphic Encryption  Team Copyright © 2014 Cryptolab All Rights Reserved.
  21. 21. 21 Fully Homomorphic Encryption – The problem we address In different type of applications, such as cloud computing, e-voting, e-cash etc. there is the need to manipulated encrypted data Typically we have one of the following situations: Encrypted data are decrypted before any type of manipulation with a subsequent high level of computational requirements Encrypted data can be manipulated applying only few mathematical operations, but cannot do all, in order to preserve the structure of the encrypted data. This is called Partially Homomorphic Encryption Copyright © 2014 Cryptolab All Rights Reserved.
  22. 22. 22 Fully Homomorphic Encryption – Definition Homomorphic encryption is a form of encryption which allows specific types of computations to be carried out on cipher text and obtain an encrypted result which decrypted matches the result of operations performed on the plaintext For instance, one person could add two encrypted numbers and then another person could decrypt the result, without either of them being able to find the value of the individual numbers An efficient and fully Homomorphic Encryption scheme would enable new kinds of distributed computing Copyright © 2014 Cryptolab All Rights Reserved.
  23. 23. 23 Fully Homomorphic Encryption – The solution we propose Cryptolab has developed an Algorithm that allows to manipulated encrypted data applying all the possible SQL queries preserving data structure One of the most urgent applications of the Fully Homomorphic Encryption is the Cloud computing, in particular for those industries, such as Financial services, where the Cloud adoption has been restrained by security issues  Data are sent and stored in the cloud encrypted  The end-user can access its web/ mobile application and ask for data stored in the Cloud  The query made by the web( mobile application is translated into NEWQuery (that is a type of “SQL- translated” query model) on encrypted data  The NEWQuery calculation is performed and the Cloud provide back data encrypted to the web/ mobile application Copyright © 2014 Cryptolab All Rights Reserved.
  24. 24. 24 Fully Homomorphic Encryption – Value proposition Fully Homomorphic Encryption allows to mismatch the service provider and the data owner, allowing the last one to access encrypted data through SQL queries It also allow the service provider to make statistics without knowing private data Copyright © 2014 Cryptolab All Rights Reserved.
  25. 25. 25 Fully Homomorphic Encryption – Target markets Fully Homomorphic Encryption target markets can be grouped as follow:  IT security companies  System integrators  Cloud service providers  Vertical markets where IT security is key:  Financial services, Banking and Insurance  Public sector  Healthcare Copyright © 2014 Cryptolab All Rights Reserved.
  26. 26. 26 The products – Professional engraving machines Agenda  Cryptolab  Algorithms  Applications and target markets  Team Copyright © 2014 Cryptolab All Rights Reserved.
  27. 27. 27 Cryptolab Team Massimo Bertaccini, CEO Areas of expertise: Mathematical cryptography Marco Bagnaresi, Computer Science Degree Areas of expertise: Software development Alessandro Passerini, Software Engineer Areas of expertise: Software design and development Tiziana Landi, Software Engineer Areas of expertise: Software design and development Copyright © 2014 Cryptolab All Rights Reserved.
  28. 28. 28 Cryptolab ITA Office Via Strada Statale Selice, 47 40026 Imola (BO) Italy Ph: +39 0542 366016 Cryptolab US Office 92 Bonaventura Dr San Jose, CA 95134 USA Ph: +1 408 988 8404

×