SlideShare a Scribd company logo

OxCEPT Introduction

M
MattSims

OxCEPT is a cyber security company providing authentication and encryption technology to product teams building connected products and services. Find out why authentication is critical to all connected products and the safety of their users.

Technology
1 of 28
Download to read offline
OxCEPT Ltd. OxCEPT Confidential - not for distribution 1 Defending Privacy
OxCEPT Ltd. OxCEPT Confidential - not for distribution 2 "The ability of bad guys to enter, steal, exit and do it in a way that's undetectable is rising. It's a big problem and it is getting worse.” Larry Ponemon, chairman of the Ponemon Institute The Problem We Face - The Erosion of Privacy
OxCEPT Ltd. OxCEPT Confidential - not for distribution 3 What is Privacy?
OxCEPT Ltd. OxCEPT Confidential - not for distribution 3 What is Privacy? Digital privacy has three foundations. Trust Authentication Encryption
OxCEPT Ltd. OxCEPT Confidential - not for distribution 4 Each has unique benefits, but true privacy is only achieved when all three work together. What is Privacy? Digital privacy has three foundations. Trust Authentication Encryption
OxCEPT Ltd. OxCEPT Confidential - not for distribution 5 Trust Authenticate Encrypt Digital Privacy is Also a Process
OxCEPT Ltd. OxCEPT Confidential - not for distribution 5 Trust Authenticate Encrypt Digital Privacy is Also a Process Do I know you? Do I trust you? How do I know that’s really you on the other end of the connection? Is someone or something between us listening in? Now I know you and the connection between us is genuine, lets encrypt our communications so no- one but us can read them.
OxCEPT Ltd. OxCEPT Confidential - not for distribution 6 Trust Authenticate Encrypt OxCEPT Invented a Better Way Authentication and Encryption technology to protect the privacy of digital communications
OxCEPT Ltd. OxCEPT Confidential - not for distribution 7 OXCEPT - DEFENDER OF PRIVACY
OxCEPT Ltd. OxCEPT Confidential - not for distribution 8 OXCEPT - DEFENDER OF PRIVACY Designed for the military. Ready to protect you.
OxCEPT Ltd. OxCEPT Confidential - not for distribution 8 OXCEPT - DEFENDER OF PRIVACY The British Ministry of Defence and US Navy required a means of bootstrapping highly secure channels of communication in high-stakes battlefield scenarios – over any available network, and using any device. No small task, but with funding of $1.1M from the MOD and US Navy the Oxford University based founders of OxCEPT delivered a virtually unbreakable communications protocol which accomplished just that. • $1.1M development investment • Battlefield deployed • Peer reviewed Designed for the military. Ready to protect you.
OxCEPT Ltd. OxCEPT Confidential - not for distribution 9 Alice Bob What is the difference between authentication and encryption?
OxCEPT Ltd. OxCEPT Confidential - not for distribution 9 Alice Bob Authentication is the process of ensuring the persons or devices in a communication session are genuine, and there is no one listening in the middle. What is the difference between authentication and encryption? Encryption without authentication is like having the best lock in the world, but no assurance of who has (or hasn’t) got the keys. Encryption locks communications data so only those with the keys can unlock and read it.
OxCEPT Ltd. OxCEPT Confidential - not for distribution 10 Alice Bob What is the difference between authentication and encryption? Many services claim “encryption” as a feature, but offer no or inadequate authentication. This is a significant risk. Authentication is the process of ensuring the persons or devices in a communication session are genuine, and there is no one listening in the middle. Encryption locks communications data so only those with the keys can unlock and read it.
OxCEPT Ltd. OxCEPT Confidential - not for distribution 11 Alice Bob An innovative alternative to traditional authentication
OxCEPT Ltd. OxCEPT Confidential - not for distribution 11 Alice Bob Alice’s Certificate Bob’s Public Key Bob’s Secret Key 1 Generate Key 2 Registration Bob’s Certificate 3 Issue certificate 4 Verify certificate Bob’s Public Key 5 Encryption 6 Decryption Certificate Authority Traditional Authentication Too cumbersome Too expensive Central point of failure Flexible Affordable No central point of failure An innovative alternative to traditional authentication
OxCEPT Ltd. OxCEPT Confidential - not for distribution 12 Alice Bob Alice’s Certificate Bob’s Public Key Bob’s Secret Key 1 Generate Key 2 Registration Bob’s Certificate 3 Issue certificate 4 Verify certificate Bob’s Public Key 5 Encryption 6 Decryption Certificate Authority Traditional Authentication An innovative alternative to traditional authentication • 3rd party dependant • Centralised point of failure • Cumbersome to set up and maintain • Inflexible • Hackable PKI - the old way • Peer-to-peer • Endpoints own the security - not 3rd parties • Seconds to set up • Any network, any device • No IT dept required • Virtually unhackable OxCEPT - the new way
OxCEPT Ltd. OxCEPT Confidential - not for distribution 13 Victim’s bank, messaging or email server Victim Data Thief A ‘Man-in-the-Middle is a hacker who breaks into a victim’s existing connection, and re- routes it through their own laptop without the victim knowing. Everything the victim sends across that hacked connection can now be copied and stolen. What is a Man-in-the-Middle Attack?
OxCEPT Ltd. OxCEPT Confidential - not for distribution 13 Victim’s bank, messaging or email server Original connection Hacked 
 connection Passwords Pictures Messages Victim Data Thief XA ‘Man-in-the-Middle is a hacker who breaks into a victim’s existing connection, and re- routes it through their own laptop without the victim knowing. Everything the victim sends across that hacked connection can now be copied and stolen. What is a Man-in-the-Middle Attack?
OxCEPT Ltd. OxCEPT Confidential - not for distribution 14 Victim’s bank, messaging or email server Original connection Hacked 
 connection Passwords Pictures Messages Victim Data Thief X OxCEPT’s patented authentication protocol prevents these common and virtually undetectable Man-in- the-Middle attacks. What is a Man-in-the-Middle Attack?
OxCEPT Ltd. OxCEPT Confidential - not for distribution 15 Why is authentication so important?
OxCEPT Ltd. OxCEPT Confidential - not for distribution 15 Authentication will be fundamental in protecting the Internet of Things, ensuring the privacy and safety of the billions of people and devices coming online each year Why is authentication so important?
OxCEPT Ltd. OxCEPT Confidential - not for distribution 16 Commercial deployment Scrambl Messenger is the first commercial deployment of OxCEPT’s HCBK protocol. Scrambl is a private and secure Instant Messaging app for iOS, designed to keep its users private communications encrypted, authenticated, and safe. Protecting professionals and executives from damaging communication breaches Messenger Tom Rano Tom Rano Here’s a look at Baker St. Pretty bad down here…
OxCEPT Ltd. OxCEPT Confidential - not for distribution 17 Upcoming products OxCEPT’s next commercial offering of the HCBK protocol will be in the form of an authentication API. This product will enable product development teams around the world to add military-grade authentication and encryption to their products, with just a few lines of code. Authenticator API Authenticator API Integrate authentication of smart devices simply and easily with just a few lines of code
OxCEPT Ltd. OxCEPT Confidential - not for distribution 18 Add a group Create or join? Display Initiator screen Create Display Client screen Join Connect to server Connect to server Broadcast profile & Listen Listen Receive Initiator profile Join? Send profile to Initiator Receive Client’s profile Group ready? Start protocol Reveal hashkey Is pairwise? Share Clients’ profiles Receive all clients’ hashkeys Dialog for digest display Receive all other Clients’ profiles Is pairwise? Reveal own hashkey & receive all others’hashkey Dialog for confirmation Dialog for digest input Input digest Show digest to all members Digest match? Abort sessionAbort? Has more trials?Check comparison results Comparison completed? Dialog for confirmation All success? Abort session Send out group key info All success? Send out group key info Generate and send out group key to all Clients using pair-wise keys Receive group key from the Initiator Generate groupkey Generate groupkey Save and exit Save and exit Y Y N N N Y Y N Y N Y N Y N N Y Y Y Members must wait for the completion of the comparison stage (e.g. count the responses from members or wait for the signal from the Initiator). Note that no messages are used to coordinate actions during this stage to prevent the attacker from manipulating digest comparison. At this point the initiator must Check that exactly the profiles in the group compared To the people agreeing to the digest, and that all such people are wanted. This will be straightforward for small groups. Extra support may help for large ones. Default is one more trial. This is the point when the size of the group is determined. Initiator must check that the group apparently contains no unwanted member. This is the point when key generation computation can begin. Note that the comparison of (ID, hk) and hash(ID, hk) must be successful. The action of groupkey generation Indicates that the group has been bootstrapped successfully. Profile includes public person details (ID, name, email, phonenumber, photo, etc.) and (pk,hash(ID, hk)) Profile includes public person details (ID, name, email, phonenumber, photo, etc.) and (pk,hash(ID, hk)) A timer is initiated to ensure all materials are valid within the given session time. Time out will trigger termination of the session. Committed Committed Recommended digest lengths are: 4 (weak security), 6 (medium security), 8 (high security) 1. C → N M: IDC , INFOC , longhash(hkC ,IDC ), longhash(Secret ) 2. M → N C:IDM ,INFOM ,pkM,longhash(hkM,IDM ) 3. C → NM:{Secret}_pkM,hkC 4. M → N C: hkM 5. M→EC:digest(hkC → hkM,IDC ,IDM ,pkM,Secret ,INFOC ,INFOM ) • Developed by world renowned Oxford cryptologists • 2 years, $1.1M to develop • Peer reviewed as a virtually unbreakable protocol Protocol logic HCBK - mathematically robust, virtually unbreakable Hash Commitment Before Knowledge (HCBK)
OxCEPT Ltd. OxCEPT Confidential - not for distribution 19 PERRY M. ANDERSON CEO & Founder DR. BANGDAO CHEN Chief Technology Officer DR. BILL ROSCOE Director of IP Mr. Anderson is the CEO and Co-Founder of OxCEPT, overseeing both the operations and the strategic direction of the firm. He has extensive Private Equity and Investment experience and has significant transactional experience across a diverse range of sectors including manufacturing, media, oil and gas, and technology. He was an early stage investor in a high tech firm which exited via IPO on the Toronto Stock Exchange in 2011. Since the investment, revenues have increased over 70,000% and was recognized as ‘Canada’s Fastest Growing Technology Company’ according to Deloitte. Mr Anderson has attended London Business School and graduated with an MBA from Oxford University. Dr. Chen is an Oxford PhD who specializes in applying human interactive security to electronic payment applications, as well as communication applications. He is highly experienced in implementing online and mobile payment solutions, as well as mobile programming and payment system design solutions. Co- author of a banking patent, he is also involved in academic research pertaining to cyber security. Dr. Roscoe is an Oxford PhD, has been on the faculty of Oxford University since 1983 and has been head of its Computer Science Department since 2003. Under Dr. Roscoe’s leadership, the department has grown to be widely recognized as the best Computer Science Department outside of North America. He is a Fellow of the Royal Academy of Engineering and the author of three books, 150 papers and three distinct patent applications on security (one granted in US and Europe). MATT SIMS Chief Marketing Officer Matt Sims is a marketing and operations strategist with 25 years of applied experience in business, technology, and marketing in both start-up and corporate environments. His successes include multi-million dollar deals in hardware technology and software technology solutions across the telecom, media, VoIP, and SaaS sectors for firms such as Bell Canada, Eyeball Networks and Alcatel-Lucent. He has marketed solutions to, and co-marketed with, many of today’s top technology companies including Intel, Polycom, Google and Philips. The OxCEPT Team
OxCEPT Ltd. OxCEPT Confidential - not for distribution 20 DAVID TAHMASSEBI Strategic Advisor ALLEN MORGAN Strategic Advisor David Tahmassebi joined LEDengin in September 2006 as President and CEO. He served as President, CEO and Co-Chairman of Berkana Wireless, a startup focused on CMOS RF transceivers for the cellular market. Berkana was acquired by Qualcomm for $56M in December 2005. Prior to Berkana, he was Co-Founder, President and CEO of Resonext Communications. During his tenure, he raised $68M from premier venture capital investors and sold Resonext to RF Micro Devices for $133M in December 2002. Allen Morgan is an active, early-stage private investor and startup company advisor. In addition, he is the Managing Director, New Ventures Group, at Idealab in Pasadena, California and a Venture Advisor at Mayfield Fund, a global venture capital firm with in excess of $3 billion under management, where he was a Managing Director for 12 years. Prior to joining Mayfield in 1999, he was a partner with two Silicon Valley law firms, Latham & Watkins and Wilson Sonsini Goodrich & Rosati. He earned an undergraduate degree (summa cum laude and Phi Beta Kappa) from Dartmouth College, a second bachelor’s degree and master’s degree from Oxford University (Christ Church) and a J.D. from the University of Virginia. RICHARD SIROLA Executive Vice President Mr. Sirola is the Executive Vice President, Investor Relations/Business Development of OxCEPT Limited, overseeing both the capital raising and business development functions of the firm. He has extensive Private Capital and Investment experience spanning several different sectors including real estate, manufacturing, technology, oil and gas and media. Over the last 30 years he has also originated over $3.5 billion dollars in financial transactions. STEVE BENNETT Strategic Advisor Steve Bennett is a strategic advisor for OxCEPT. Bennett previously served as the Chief Executive Officer of Intuit from 2000 to 2007 and during his tenure annual revenues grew from US$1 Billion to US$2.7 Billion. In 2010, he joined the Board of Directors of Symantec and became Chairman in 2011. He then went on to serve as its Chief Executive Officer in July 2012. Bennett has served on several significant boards including Intuit, Symantec, Sun Microsystems, Oracle, American Airlines, and Qualcomm. Bennett graduated from the University of Wisconsin with a bachelor’s degree in finance and real estate. The OxCEPT Team
CORPORATE OFFICE 2nd Floor Berkeley Square House Berkeley Square London, England W1J-6BD US OFFICE 34th Floor 555 Mission Street San Francisco, California United States of America 94105 www.getscrambl.com info@getscrambl.com Defending Privacy www.oxcept.com info@oxcept.com

Recommended

Zero-Knowledge Proofs: Privacy-Preserving Digital Identity with Clare Nelson
Zero-Knowledge Proofs: Privacy-Preserving Digital Identity with Clare NelsonZero-Knowledge Proofs: Privacy-Preserving Digital Identity with Clare Nelson
Zero-Knowledge Proofs: Privacy-Preserving Digital Identity with Clare NelsonSSIMeetup
 
Security for Human Beings
Security for Human BeingsSecurity for Human Beings
Security for Human Beingszekivazquez
 
You, RightScale, and the Universe of Compliance
You, RightScale, and the Universe of ComplianceYou, RightScale, and the Universe of Compliance
You, RightScale, and the Universe of ComplianceRightScale
 
Distributed systems in practice, in theory
Distributed systems in practice, in theoryDistributed systems in practice, in theory
Distributed systems in practice, in theoryAysylu Greenberg
 
DEFCON 23 - john menerick - backdooring GIT
DEFCON 23 - john menerick - backdooring GITDEFCON 23 - john menerick - backdooring GIT
DEFCON 23 - john menerick - backdooring GITFelipe Prado
 
Texas Bitcoin Conference: Are Privacy Coins Private Enough?
Texas Bitcoin Conference: Are Privacy Coins Private Enough?Texas Bitcoin Conference: Are Privacy Coins Private Enough?
Texas Bitcoin Conference: Are Privacy Coins Private Enough?Clare Nelson, CISSP, CIPP-E
 
Slides from IPv6 Threats
Slides from IPv6 ThreatsSlides from IPv6 Threats
Slides from IPv6 ThreatsCyren, Inc
 
Zero-Knowledge Proofs: Identity Proofing and Authentication
Zero-Knowledge Proofs: Identity Proofing and AuthenticationZero-Knowledge Proofs: Identity Proofing and Authentication
Zero-Knowledge Proofs: Identity Proofing and AuthenticationClare Nelson, CISSP, CIPP-E
 

Recommended

Zero-Knowledge Proofs: Privacy-Preserving Digital Identity with Clare Nelson
Zero-Knowledge Proofs: Privacy-Preserving Digital Identity with Clare NelsonZero-Knowledge Proofs: Privacy-Preserving Digital Identity with Clare Nelson
Zero-Knowledge Proofs: Privacy-Preserving Digital Identity with Clare NelsonSSIMeetup
 
Security for Human Beings
Security for Human BeingsSecurity for Human Beings
Security for Human Beingszekivazquez
 
You, RightScale, and the Universe of Compliance
You, RightScale, and the Universe of ComplianceYou, RightScale, and the Universe of Compliance
You, RightScale, and the Universe of ComplianceRightScale
 
Distributed systems in practice, in theory
Distributed systems in practice, in theoryDistributed systems in practice, in theory
Distributed systems in practice, in theoryAysylu Greenberg
 
DEFCON 23 - john menerick - backdooring GIT
DEFCON 23 - john menerick - backdooring GITDEFCON 23 - john menerick - backdooring GIT
DEFCON 23 - john menerick - backdooring GITFelipe Prado
 
Texas Bitcoin Conference: Are Privacy Coins Private Enough?
Texas Bitcoin Conference: Are Privacy Coins Private Enough?Texas Bitcoin Conference: Are Privacy Coins Private Enough?
Texas Bitcoin Conference: Are Privacy Coins Private Enough?Clare Nelson, CISSP, CIPP-E
 
Slides from IPv6 Threats
Slides from IPv6 ThreatsSlides from IPv6 Threats
Slides from IPv6 ThreatsCyren, Inc
 
Zero-Knowledge Proofs: Identity Proofing and Authentication
Zero-Knowledge Proofs: Identity Proofing and AuthenticationZero-Knowledge Proofs: Identity Proofing and Authentication
Zero-Knowledge Proofs: Identity Proofing and AuthenticationClare Nelson, CISSP, CIPP-E
 
Sketchbook
SketchbookSketchbook
SketchbookDSanchez20
 
Thinking Of Live
Thinking Of LiveThinking Of Live
Thinking Of Livenickyau
 
MID WALES
MID WALESMID WALES
MID WALESRodney Yates
 
Scenes of Cornwall combined edition
Scenes of Cornwall combined editionScenes of Cornwall combined edition
Scenes of Cornwall combined editionRodney Yates
 
Historien Om Myren 97
Historien Om Myren 97Historien Om Myren 97
Historien Om Myren 97Liberal Alliance Fredericia
 
Postincorporation Matters
Postincorporation MattersPostincorporation Matters
Postincorporation MattersDavid Libby
 
How To Make Money With Social Media
How To Make Money With Social MediaHow To Make Money With Social Media
How To Make Money With Social MediaDavid Libby
 
Seeking Assynt Slides
Seeking Assynt SlidesSeeking Assynt Slides
Seeking Assynt SlidesRodney Yates
 
(1) Scenes of Cornwall (2) Seeking assynt slides
(1) Scenes of Cornwall (2) Seeking assynt slides(1) Scenes of Cornwall (2) Seeking assynt slides
(1) Scenes of Cornwall (2) Seeking assynt slidesRodney Yates
 
Social Media for HR
Social Media for HRSocial Media for HR
Social Media for HRDavid Libby
 
Howtocreateasocialmediaengagementplan (1)
Howtocreateasocialmediaengagementplan (1)Howtocreateasocialmediaengagementplan (1)
Howtocreateasocialmediaengagementplan (1)David Libby
 
Which brands are succeeding with social and how are they doing it
Which brands are succeeding with social and how are they doing itWhich brands are succeeding with social and how are they doing it
Which brands are succeeding with social and how are they doing itDavid Libby
 
Patents Copyrights Government
Patents Copyrights GovernmentPatents Copyrights Government
Patents Copyrights GovernmentDavid Libby
 
Ann Dace Resume1
Ann Dace Resume1Ann Dace Resume1
Ann Dace Resume1ajfowler
 
2007 Sei Handout What Every Business Lawyer Needs To Know About Licensing Dan...
2007 Sei Handout What Every Business Lawyer Needs To Know About Licensing Dan...2007 Sei Handout What Every Business Lawyer Needs To Know About Licensing Dan...
2007 Sei Handout What Every Business Lawyer Needs To Know About Licensing Dan...David Libby
 
Scenes of Cornwall I
Scenes of Cornwall I Scenes of Cornwall I
Scenes of Cornwall I Rodney Yates
 
Social media engagement plan example
Social media engagement plan exampleSocial media engagement plan example
Social media engagement plan exampleDavid Libby
 
Marco Casassa Mont: Pki overview
Marco Casassa Mont: Pki overviewMarco Casassa Mont: Pki overview
Marco Casassa Mont: Pki overviewInformation Security Awareness Group
 
The CAcert Project - An Invitation to CAcert ATE in OSC/Tokyo 2011 (EN)
The CAcert Project - An Invitation to CAcert ATE in OSC/Tokyo 2011 (EN)The CAcert Project - An Invitation to CAcert ATE in OSC/Tokyo 2011 (EN)
The CAcert Project - An Invitation to CAcert ATE in OSC/Tokyo 2011 (EN)Taisuke Yamada
 
Bulletproof IT Security
Bulletproof IT SecurityBulletproof IT Security
Bulletproof IT SecurityLondon School of Cyber Security
 
Cybercrime and the Developer Java2Days 2016 Sofia
Cybercrime and the Developer Java2Days 2016 SofiaCybercrime and the Developer Java2Days 2016 Sofia
Cybercrime and the Developer Java2Days 2016 SofiaSteve Poole
 
IoT Attack Surfaces -- DEFCON 2015
IoT Attack Surfaces -- DEFCON 2015IoT Attack Surfaces -- DEFCON 2015
IoT Attack Surfaces -- DEFCON 2015Daniel Miessler
 

More Related Content

Viewers also liked

Thinking Of Live
Thinking Of LiveThinking Of Live
Thinking Of Livenickyau
 
Scenes of Cornwall combined edition
Scenes of Cornwall combined editionScenes of Cornwall combined edition
Scenes of Cornwall combined editionRodney Yates
 
Postincorporation Matters
Postincorporation MattersPostincorporation Matters
Postincorporation MattersDavid Libby
 
How To Make Money With Social Media
How To Make Money With Social MediaHow To Make Money With Social Media
How To Make Money With Social MediaDavid Libby
 
Seeking Assynt Slides
Seeking Assynt SlidesSeeking Assynt Slides
Seeking Assynt SlidesRodney Yates
 
(1) Scenes of Cornwall (2) Seeking assynt slides
(1) Scenes of Cornwall (2) Seeking assynt slides(1) Scenes of Cornwall (2) Seeking assynt slides
(1) Scenes of Cornwall (2) Seeking assynt slidesRodney Yates
 
Social Media for HR
Social Media for HRSocial Media for HR
Social Media for HRDavid Libby
 
Howtocreateasocialmediaengagementplan (1)
Howtocreateasocialmediaengagementplan (1)Howtocreateasocialmediaengagementplan (1)
Howtocreateasocialmediaengagementplan (1)David Libby
 
Which brands are succeeding with social and how are they doing it
Which brands are succeeding with social and how are they doing itWhich brands are succeeding with social and how are they doing it
Which brands are succeeding with social and how are they doing itDavid Libby
 
Patents Copyrights Government
Patents Copyrights GovernmentPatents Copyrights Government
Patents Copyrights GovernmentDavid Libby
 
Ann Dace Resume1
Ann Dace Resume1Ann Dace Resume1
Ann Dace Resume1ajfowler
 
2007 Sei Handout What Every Business Lawyer Needs To Know About Licensing Dan...
2007 Sei Handout What Every Business Lawyer Needs To Know About Licensing Dan...2007 Sei Handout What Every Business Lawyer Needs To Know About Licensing Dan...
2007 Sei Handout What Every Business Lawyer Needs To Know About Licensing Dan...David Libby
 
Scenes of Cornwall I
Scenes of Cornwall I Scenes of Cornwall I
Scenes of Cornwall I Rodney Yates
 
Social media engagement plan example
Social media engagement plan exampleSocial media engagement plan example
Social media engagement plan exampleDavid Libby
 

Viewers also liked (17)

Sketchbook
SketchbookSketchbook
Sketchbook
 
Thinking Of Live
Thinking Of LiveThinking Of Live
Thinking Of Live
 
MID WALES
MID WALESMID WALES
MID WALES
 
Scenes of Cornwall combined edition
Scenes of Cornwall combined editionScenes of Cornwall combined edition
Scenes of Cornwall combined edition
 
Historien Om Myren 97
Historien Om Myren 97Historien Om Myren 97
Historien Om Myren 97
 
Postincorporation Matters
Postincorporation MattersPostincorporation Matters
Postincorporation Matters
 
How To Make Money With Social Media
How To Make Money With Social MediaHow To Make Money With Social Media
How To Make Money With Social Media
 
Seeking Assynt Slides
Seeking Assynt SlidesSeeking Assynt Slides
Seeking Assynt Slides
 
(1) Scenes of Cornwall (2) Seeking assynt slides
(1) Scenes of Cornwall (2) Seeking assynt slides(1) Scenes of Cornwall (2) Seeking assynt slides
(1) Scenes of Cornwall (2) Seeking assynt slides
 
Social Media for HR
Social Media for HRSocial Media for HR
Social Media for HR
 
Howtocreateasocialmediaengagementplan (1)
Howtocreateasocialmediaengagementplan (1)Howtocreateasocialmediaengagementplan (1)
Howtocreateasocialmediaengagementplan (1)
 
Which brands are succeeding with social and how are they doing it
Which brands are succeeding with social and how are they doing itWhich brands are succeeding with social and how are they doing it
Which brands are succeeding with social and how are they doing it
 
Patents Copyrights Government
Patents Copyrights GovernmentPatents Copyrights Government
Patents Copyrights Government
 
Ann Dace Resume1
Ann Dace Resume1Ann Dace Resume1
Ann Dace Resume1
 
2007 Sei Handout What Every Business Lawyer Needs To Know About Licensing Dan...
2007 Sei Handout What Every Business Lawyer Needs To Know About Licensing Dan...2007 Sei Handout What Every Business Lawyer Needs To Know About Licensing Dan...
2007 Sei Handout What Every Business Lawyer Needs To Know About Licensing Dan...
 
Scenes of Cornwall I
Scenes of Cornwall I Scenes of Cornwall I
Scenes of Cornwall I
 
Social media engagement plan example
Social media engagement plan exampleSocial media engagement plan example
Social media engagement plan example
 

Similar to OxCEPT Introduction

The CAcert Project - An Invitation to CAcert ATE in OSC/Tokyo 2011 (EN)
The CAcert Project - An Invitation to CAcert ATE in OSC/Tokyo 2011 (EN)The CAcert Project - An Invitation to CAcert ATE in OSC/Tokyo 2011 (EN)
The CAcert Project - An Invitation to CAcert ATE in OSC/Tokyo 2011 (EN)Taisuke Yamada
 
Cybercrime and the Developer Java2Days 2016 Sofia
Cybercrime and the Developer Java2Days 2016 SofiaCybercrime and the Developer Java2Days 2016 Sofia
Cybercrime and the Developer Java2Days 2016 SofiaSteve Poole
 
IoT Attack Surfaces -- DEFCON 2015
IoT Attack Surfaces -- DEFCON 2015IoT Attack Surfaces -- DEFCON 2015
IoT Attack Surfaces -- DEFCON 2015Daniel Miessler
 
CAN BLOCKCHAIN PRIVATE KEY BE HACKED?
CAN BLOCKCHAIN PRIVATE KEY BE HACKED?CAN BLOCKCHAIN PRIVATE KEY BE HACKED?
CAN BLOCKCHAIN PRIVATE KEY BE HACKED?Blockchain Council
 
CyberSecurity - Future Risks, Zero Trust and the Optus Data Leak.pdf
CyberSecurity - Future Risks, Zero Trust and the Optus Data Leak.pdfCyberSecurity - Future Risks, Zero Trust and the Optus Data Leak.pdf
CyberSecurity - Future Risks, Zero Trust and the Optus Data Leak.pdfRoger Qiu
 
Protecting Your IP: Data Security for Software Technology
Protecting Your IP: Data Security for Software TechnologyProtecting Your IP: Data Security for Software Technology
Protecting Your IP: Data Security for Software TechnologyShawn Tuma
 
VoIP Security 101 what you need to know
VoIP Security 101 what you need to knowVoIP Security 101 what you need to know
VoIP Security 101 what you need to knowEric Klein
 
Siganl messaging
Siganl messagingSiganl messaging
Siganl messagingYuvaraj R
 
enkripsi and authentication
enkripsi and authenticationenkripsi and authentication
enkripsi and authenticationahmad amiruddin
 
Decrease Your Circle of Trust: An Investigation of PKI CAs on Mobile Devices
Decrease Your Circle of Trust: An Investigation of PKI CAs on Mobile DevicesDecrease Your Circle of Trust: An Investigation of PKI CAs on Mobile Devices
Decrease Your Circle of Trust: An Investigation of PKI CAs on Mobile DevicesBlueboxer2014
 
Castle Presentation 08-12-04
Castle Presentation 08-12-04Castle Presentation 08-12-04
Castle Presentation 08-12-04Howard Hellman
 
Invessed Webinar: Investor Portals are not Rocket Science
Invessed Webinar: Investor Portals are not Rocket ScienceInvessed Webinar: Investor Portals are not Rocket Science
Invessed Webinar: Investor Portals are not Rocket ScienceTheo Paraskevopoulos
 
IoTNEXT 2016 - SafeNation Track
IoTNEXT 2016 - SafeNation TrackIoTNEXT 2016 - SafeNation Track
IoTNEXT 2016 - SafeNation TrackPriyanka Aash
 
Collecting user-data-socially-responsibly
Collecting user-data-socially-responsiblyCollecting user-data-socially-responsibly
Collecting user-data-socially-responsiblyKonark modi
 
Intro to INFOSEC
Intro to INFOSECIntro to INFOSEC
Intro to INFOSECSean Whalen
 
Zero-Knowledge Proofs in Light of Digital Identity
Zero-Knowledge Proofs in Light of Digital IdentityZero-Knowledge Proofs in Light of Digital Identity
Zero-Knowledge Proofs in Light of Digital IdentityClare Nelson, CISSP, CIPP-E
 
Towards a Trustmark for IoT (April 2018)
Towards a Trustmark for IoT (April 2018)Towards a Trustmark for IoT (April 2018)
Towards a Trustmark for IoT (April 2018)Peter Bihr
 
Vincent Kok - Microservices 5 things I wish I'd known - Codemotion Milan 2017
Vincent Kok - Microservices 5 things I wish I'd known - Codemotion Milan 2017Vincent Kok - Microservices 5 things I wish I'd known - Codemotion Milan 2017
Vincent Kok - Microservices 5 things I wish I'd known - Codemotion Milan 2017Codemotion
 

Similar to OxCEPT Introduction (20)

Marco Casassa Mont: Pki overview
Marco Casassa Mont: Pki overviewMarco Casassa Mont: Pki overview
Marco Casassa Mont: Pki overview
 
The CAcert Project - An Invitation to CAcert ATE in OSC/Tokyo 2011 (EN)
The CAcert Project - An Invitation to CAcert ATE in OSC/Tokyo 2011 (EN)The CAcert Project - An Invitation to CAcert ATE in OSC/Tokyo 2011 (EN)
The CAcert Project - An Invitation to CAcert ATE in OSC/Tokyo 2011 (EN)
 
Bulletproof IT Security
Bulletproof IT SecurityBulletproof IT Security
Bulletproof IT Security
 
Cybercrime and the Developer Java2Days 2016 Sofia
Cybercrime and the Developer Java2Days 2016 SofiaCybercrime and the Developer Java2Days 2016 Sofia
Cybercrime and the Developer Java2Days 2016 Sofia
 
IoT Attack Surfaces -- DEFCON 2015
IoT Attack Surfaces -- DEFCON 2015IoT Attack Surfaces -- DEFCON 2015
IoT Attack Surfaces -- DEFCON 2015
 
CAN BLOCKCHAIN PRIVATE KEY BE HACKED?
CAN BLOCKCHAIN PRIVATE KEY BE HACKED?CAN BLOCKCHAIN PRIVATE KEY BE HACKED?
CAN BLOCKCHAIN PRIVATE KEY BE HACKED?
 
CyberSecurity - Future Risks, Zero Trust and the Optus Data Leak.pdf
CyberSecurity - Future Risks, Zero Trust and the Optus Data Leak.pdfCyberSecurity - Future Risks, Zero Trust and the Optus Data Leak.pdf
CyberSecurity - Future Risks, Zero Trust and the Optus Data Leak.pdf
 
Protecting Your IP: Data Security for Software Technology
Protecting Your IP: Data Security for Software TechnologyProtecting Your IP: Data Security for Software Technology
Protecting Your IP: Data Security for Software Technology
 
VoIP Security 101 what you need to know
VoIP Security 101 what you need to knowVoIP Security 101 what you need to know
VoIP Security 101 what you need to know
 
Siganl messaging
Siganl messagingSiganl messaging
Siganl messaging
 
enkripsi and authentication
enkripsi and authenticationenkripsi and authentication
enkripsi and authentication
 
Decrease Your Circle of Trust: An Investigation of PKI CAs on Mobile Devices
Decrease Your Circle of Trust: An Investigation of PKI CAs on Mobile DevicesDecrease Your Circle of Trust: An Investigation of PKI CAs on Mobile Devices
Decrease Your Circle of Trust: An Investigation of PKI CAs on Mobile Devices
 
Castle Presentation 08-12-04
Castle Presentation 08-12-04Castle Presentation 08-12-04
Castle Presentation 08-12-04
 
Invessed Webinar: Investor Portals are not Rocket Science
Invessed Webinar: Investor Portals are not Rocket ScienceInvessed Webinar: Investor Portals are not Rocket Science
Invessed Webinar: Investor Portals are not Rocket Science
 
IoTNEXT 2016 - SafeNation Track
IoTNEXT 2016 - SafeNation TrackIoTNEXT 2016 - SafeNation Track
IoTNEXT 2016 - SafeNation Track
 
Collecting user-data-socially-responsibly
Collecting user-data-socially-responsiblyCollecting user-data-socially-responsibly
Collecting user-data-socially-responsibly
 
Intro to INFOSEC
Intro to INFOSECIntro to INFOSEC
Intro to INFOSEC
 
Zero-Knowledge Proofs in Light of Digital Identity
Zero-Knowledge Proofs in Light of Digital IdentityZero-Knowledge Proofs in Light of Digital Identity
Zero-Knowledge Proofs in Light of Digital Identity
 
Towards a Trustmark for IoT (April 2018)
Towards a Trustmark for IoT (April 2018)Towards a Trustmark for IoT (April 2018)
Towards a Trustmark for IoT (April 2018)
 
Vincent Kok - Microservices 5 things I wish I'd known - Codemotion Milan 2017
Vincent Kok - Microservices 5 things I wish I'd known - Codemotion Milan 2017Vincent Kok - Microservices 5 things I wish I'd known - Codemotion Milan 2017
Vincent Kok - Microservices 5 things I wish I'd known - Codemotion Milan 2017
 

Recently uploaded

Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 

Recently uploaded (20)

Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 

OxCEPT Introduction

  • 1. OxCEPT Ltd. OxCEPT Confidential - not for distribution 1 Defending Privacy
  • 2. OxCEPT Ltd. OxCEPT Confidential - not for distribution 2 "The ability of bad guys to enter, steal, exit and do it in a way that's undetectable is rising. It's a big problem and it is getting worse.” Larry Ponemon, chairman of the Ponemon Institute The Problem We Face - The Erosion of Privacy
  • 3. OxCEPT Ltd. OxCEPT Confidential - not for distribution 3 What is Privacy?
  • 4. OxCEPT Ltd. OxCEPT Confidential - not for distribution 3 What is Privacy? Digital privacy has three foundations. Trust Authentication Encryption
  • 5. OxCEPT Ltd. OxCEPT Confidential - not for distribution 4 Each has unique benefits, but true privacy is only achieved when all three work together. What is Privacy? Digital privacy has three foundations. Trust Authentication Encryption
  • 6. OxCEPT Ltd. OxCEPT Confidential - not for distribution 5 Trust Authenticate Encrypt Digital Privacy is Also a Process
  • 7. OxCEPT Ltd. OxCEPT Confidential - not for distribution 5 Trust Authenticate Encrypt Digital Privacy is Also a Process Do I know you? Do I trust you? How do I know that’s really you on the other end of the connection? Is someone or something between us listening in? Now I know you and the connection between us is genuine, lets encrypt our communications so no- one but us can read them.
  • 8. OxCEPT Ltd. OxCEPT Confidential - not for distribution 6 Trust Authenticate Encrypt OxCEPT Invented a Better Way Authentication and Encryption technology to protect the privacy of digital communications
  • 9. OxCEPT Ltd. OxCEPT Confidential - not for distribution 7 OXCEPT - DEFENDER OF PRIVACY
  • 10. OxCEPT Ltd. OxCEPT Confidential - not for distribution 8 OXCEPT - DEFENDER OF PRIVACY Designed for the military. Ready to protect you.
  • 11. OxCEPT Ltd. OxCEPT Confidential - not for distribution 8 OXCEPT - DEFENDER OF PRIVACY The British Ministry of Defence and US Navy required a means of bootstrapping highly secure channels of communication in high-stakes battlefield scenarios – over any available network, and using any device. No small task, but with funding of $1.1M from the MOD and US Navy the Oxford University based founders of OxCEPT delivered a virtually unbreakable communications protocol which accomplished just that. • $1.1M development investment • Battlefield deployed • Peer reviewed Designed for the military. Ready to protect you.
  • 12. OxCEPT Ltd. OxCEPT Confidential - not for distribution 9 Alice Bob What is the difference between authentication and encryption?
  • 13. OxCEPT Ltd. OxCEPT Confidential - not for distribution 9 Alice Bob Authentication is the process of ensuring the persons or devices in a communication session are genuine, and there is no one listening in the middle. What is the difference between authentication and encryption? Encryption without authentication is like having the best lock in the world, but no assurance of who has (or hasn’t) got the keys. Encryption locks communications data so only those with the keys can unlock and read it.
  • 14. OxCEPT Ltd. OxCEPT Confidential - not for distribution 10 Alice Bob What is the difference between authentication and encryption? Many services claim “encryption” as a feature, but offer no or inadequate authentication. This is a significant risk. Authentication is the process of ensuring the persons or devices in a communication session are genuine, and there is no one listening in the middle. Encryption locks communications data so only those with the keys can unlock and read it.
  • 15. OxCEPT Ltd. OxCEPT Confidential - not for distribution 11 Alice Bob An innovative alternative to traditional authentication
  • 16. OxCEPT Ltd. OxCEPT Confidential - not for distribution 11 Alice Bob Alice’s Certificate Bob’s Public Key Bob’s Secret Key 1 Generate Key 2 Registration Bob’s Certificate 3 Issue certificate 4 Verify certificate Bob’s Public Key 5 Encryption 6 Decryption Certificate Authority Traditional Authentication Too cumbersome Too expensive Central point of failure Flexible Affordable No central point of failure An innovative alternative to traditional authentication
  • 17. OxCEPT Ltd. OxCEPT Confidential - not for distribution 12 Alice Bob Alice’s Certificate Bob’s Public Key Bob’s Secret Key 1 Generate Key 2 Registration Bob’s Certificate 3 Issue certificate 4 Verify certificate Bob’s Public Key 5 Encryption 6 Decryption Certificate Authority Traditional Authentication An innovative alternative to traditional authentication • 3rd party dependant • Centralised point of failure • Cumbersome to set up and maintain • Inflexible • Hackable PKI - the old way • Peer-to-peer • Endpoints own the security - not 3rd parties • Seconds to set up • Any network, any device • No IT dept required • Virtually unhackable OxCEPT - the new way
  • 18. OxCEPT Ltd. OxCEPT Confidential - not for distribution 13 Victim’s bank, messaging or email server Victim Data Thief A ‘Man-in-the-Middle is a hacker who breaks into a victim’s existing connection, and re- routes it through their own laptop without the victim knowing. Everything the victim sends across that hacked connection can now be copied and stolen. What is a Man-in-the-Middle Attack?
  • 19. OxCEPT Ltd. OxCEPT Confidential - not for distribution 13 Victim’s bank, messaging or email server Original connection Hacked 
 connection Passwords Pictures Messages Victim Data Thief XA ‘Man-in-the-Middle is a hacker who breaks into a victim’s existing connection, and re- routes it through their own laptop without the victim knowing. Everything the victim sends across that hacked connection can now be copied and stolen. What is a Man-in-the-Middle Attack?
  • 20. OxCEPT Ltd. OxCEPT Confidential - not for distribution 14 Victim’s bank, messaging or email server Original connection Hacked 
 connection Passwords Pictures Messages Victim Data Thief X OxCEPT’s patented authentication protocol prevents these common and virtually undetectable Man-in- the-Middle attacks. What is a Man-in-the-Middle Attack?
  • 21. OxCEPT Ltd. OxCEPT Confidential - not for distribution 15 Why is authentication so important?
  • 22. OxCEPT Ltd. OxCEPT Confidential - not for distribution 15 Authentication will be fundamental in protecting the Internet of Things, ensuring the privacy and safety of the billions of people and devices coming online each year Why is authentication so important?
  • 23. OxCEPT Ltd. OxCEPT Confidential - not for distribution 16 Commercial deployment Scrambl Messenger is the first commercial deployment of OxCEPT’s HCBK protocol. Scrambl is a private and secure Instant Messaging app for iOS, designed to keep its users private communications encrypted, authenticated, and safe. Protecting professionals and executives from damaging communication breaches Messenger Tom Rano Tom Rano Here’s a look at Baker St. Pretty bad down here…
  • 24. OxCEPT Ltd. OxCEPT Confidential - not for distribution 17 Upcoming products OxCEPT’s next commercial offering of the HCBK protocol will be in the form of an authentication API. This product will enable product development teams around the world to add military-grade authentication and encryption to their products, with just a few lines of code. Authenticator API Authenticator API Integrate authentication of smart devices simply and easily with just a few lines of code
  • 25. OxCEPT Ltd. OxCEPT Confidential - not for distribution 18 Add a group Create or join? Display Initiator screen Create Display Client screen Join Connect to server Connect to server Broadcast profile & Listen Listen Receive Initiator profile Join? Send profile to Initiator Receive Client’s profile Group ready? Start protocol Reveal hashkey Is pairwise? Share Clients’ profiles Receive all clients’ hashkeys Dialog for digest display Receive all other Clients’ profiles Is pairwise? Reveal own hashkey & receive all others’hashkey Dialog for confirmation Dialog for digest input Input digest Show digest to all members Digest match? Abort sessionAbort? Has more trials?Check comparison results Comparison completed? Dialog for confirmation All success? Abort session Send out group key info All success? Send out group key info Generate and send out group key to all Clients using pair-wise keys Receive group key from the Initiator Generate groupkey Generate groupkey Save and exit Save and exit Y Y N N N Y Y N Y N Y N Y N N Y Y Y Members must wait for the completion of the comparison stage (e.g. count the responses from members or wait for the signal from the Initiator). Note that no messages are used to coordinate actions during this stage to prevent the attacker from manipulating digest comparison. At this point the initiator must Check that exactly the profiles in the group compared To the people agreeing to the digest, and that all such people are wanted. This will be straightforward for small groups. Extra support may help for large ones. Default is one more trial. This is the point when the size of the group is determined. Initiator must check that the group apparently contains no unwanted member. This is the point when key generation computation can begin. Note that the comparison of (ID, hk) and hash(ID, hk) must be successful. The action of groupkey generation Indicates that the group has been bootstrapped successfully. Profile includes public person details (ID, name, email, phonenumber, photo, etc.) and (pk,hash(ID, hk)) Profile includes public person details (ID, name, email, phonenumber, photo, etc.) and (pk,hash(ID, hk)) A timer is initiated to ensure all materials are valid within the given session time. Time out will trigger termination of the session. Committed Committed Recommended digest lengths are: 4 (weak security), 6 (medium security), 8 (high security) 1. C → N M: IDC , INFOC , longhash(hkC ,IDC ), longhash(Secret ) 2. M → N C:IDM ,INFOM ,pkM,longhash(hkM,IDM ) 3. C → NM:{Secret}_pkM,hkC 4. M → N C: hkM 5. M→EC:digest(hkC → hkM,IDC ,IDM ,pkM,Secret ,INFOC ,INFOM ) • Developed by world renowned Oxford cryptologists • 2 years, $1.1M to develop • Peer reviewed as a virtually unbreakable protocol Protocol logic HCBK - mathematically robust, virtually unbreakable Hash Commitment Before Knowledge (HCBK)
  • 26. OxCEPT Ltd. OxCEPT Confidential - not for distribution 19 PERRY M. ANDERSON CEO & Founder DR. BANGDAO CHEN Chief Technology Officer DR. BILL ROSCOE Director of IP Mr. Anderson is the CEO and Co-Founder of OxCEPT, overseeing both the operations and the strategic direction of the firm. He has extensive Private Equity and Investment experience and has significant transactional experience across a diverse range of sectors including manufacturing, media, oil and gas, and technology. He was an early stage investor in a high tech firm which exited via IPO on the Toronto Stock Exchange in 2011. Since the investment, revenues have increased over 70,000% and was recognized as ‘Canada’s Fastest Growing Technology Company’ according to Deloitte. Mr Anderson has attended London Business School and graduated with an MBA from Oxford University. Dr. Chen is an Oxford PhD who specializes in applying human interactive security to electronic payment applications, as well as communication applications. He is highly experienced in implementing online and mobile payment solutions, as well as mobile programming and payment system design solutions. Co- author of a banking patent, he is also involved in academic research pertaining to cyber security. Dr. Roscoe is an Oxford PhD, has been on the faculty of Oxford University since 1983 and has been head of its Computer Science Department since 2003. Under Dr. Roscoe’s leadership, the department has grown to be widely recognized as the best Computer Science Department outside of North America. He is a Fellow of the Royal Academy of Engineering and the author of three books, 150 papers and three distinct patent applications on security (one granted in US and Europe). MATT SIMS Chief Marketing Officer Matt Sims is a marketing and operations strategist with 25 years of applied experience in business, technology, and marketing in both start-up and corporate environments. His successes include multi-million dollar deals in hardware technology and software technology solutions across the telecom, media, VoIP, and SaaS sectors for firms such as Bell Canada, Eyeball Networks and Alcatel-Lucent. He has marketed solutions to, and co-marketed with, many of today’s top technology companies including Intel, Polycom, Google and Philips. The OxCEPT Team
  • 27. OxCEPT Ltd. OxCEPT Confidential - not for distribution 20 DAVID TAHMASSEBI Strategic Advisor ALLEN MORGAN Strategic Advisor David Tahmassebi joined LEDengin in September 2006 as President and CEO. He served as President, CEO and Co-Chairman of Berkana Wireless, a startup focused on CMOS RF transceivers for the cellular market. Berkana was acquired by Qualcomm for $56M in December 2005. Prior to Berkana, he was Co-Founder, President and CEO of Resonext Communications. During his tenure, he raised $68M from premier venture capital investors and sold Resonext to RF Micro Devices for $133M in December 2002. Allen Morgan is an active, early-stage private investor and startup company advisor. In addition, he is the Managing Director, New Ventures Group, at Idealab in Pasadena, California and a Venture Advisor at Mayfield Fund, a global venture capital firm with in excess of $3 billion under management, where he was a Managing Director for 12 years. Prior to joining Mayfield in 1999, he was a partner with two Silicon Valley law firms, Latham & Watkins and Wilson Sonsini Goodrich & Rosati. He earned an undergraduate degree (summa cum laude and Phi Beta Kappa) from Dartmouth College, a second bachelor’s degree and master’s degree from Oxford University (Christ Church) and a J.D. from the University of Virginia. RICHARD SIROLA Executive Vice President Mr. Sirola is the Executive Vice President, Investor Relations/Business Development of OxCEPT Limited, overseeing both the capital raising and business development functions of the firm. He has extensive Private Capital and Investment experience spanning several different sectors including real estate, manufacturing, technology, oil and gas and media. Over the last 30 years he has also originated over $3.5 billion dollars in financial transactions. STEVE BENNETT Strategic Advisor Steve Bennett is a strategic advisor for OxCEPT. Bennett previously served as the Chief Executive Officer of Intuit from 2000 to 2007 and during his tenure annual revenues grew from US$1 Billion to US$2.7 Billion. In 2010, he joined the Board of Directors of Symantec and became Chairman in 2011. He then went on to serve as its Chief Executive Officer in July 2012. Bennett has served on several significant boards including Intuit, Symantec, Sun Microsystems, Oracle, American Airlines, and Qualcomm. Bennett graduated from the University of Wisconsin with a bachelor’s degree in finance and real estate. The OxCEPT Team
  • 28. CORPORATE OFFICE 2nd Floor Berkeley Square House Berkeley Square London, England W1J-6BD US OFFICE 34th Floor 555 Mission Street San Francisco, California United States of America 94105 www.getscrambl.com info@getscrambl.com Defending Privacy www.oxcept.com info@oxcept.com