SlideShare a Scribd company logo

Omlis fact sheet july 2014, Secure Mobile Payments

Simon Cairns
Simon Cairns

New unbreakable mobile payment encryption to change the market for the future

Mobile
1 of 5
Download to read offline
Omlis Fact Sheet: Omlis Encryption Technology www.omlis.com Private & Confidential
Objective This fact sheet documents the failure and limitations of existing encryption technologies and shows how the innovative approach taken by Omlis in re-imagining encryption protocols offers a range of unrivaled benefits across a multitude of applications. Current Encryption Section Summary: Contents Contents 1 Problem 1 Omlis Encryption Technology Outline 2 Security Strength 3 Implementation 4 Conclusion 4 Typical Use Cases 4 Fraud is dramatically increasing as mobile and internet centric payments increase Block-based encryption is largely dependent on the protection of a single key Existing encryption solutions place a significant burden on servers and infrastructure The transfer of sensitive information from one place to another is subject to increasingly costly criminal attack and incidents of committed fraud. This is a particular problem for payment systems using mobile devices which cannot be kept behind firewalls and for any kind of communication that must pass through an insecure network (such as the internet or mobile telephony infrastructure). Block-based encryption methods that are currently employed to protect sensitive payments (such as Triple-DES and AES) are entirely dependent on the security of the keys that are used. These methods employ the same keys repeatedly giving criminals a significant opportunity to obtain a key by using cryptographic analysis of data. Keys can also be obtained by breaching security (through bribery, extortion, theft, etc.). Block-based encryption requires additional protocols to facilitate the exchange of keys, representing further opportunity for compromise, while the multitude of keys required for large number of clients can also be problematic. Existing encryption methods require significant processing power to decrypt data. This requires powerful and costly central server infrastructure to handle encrypted communications from a large number of devices. Additional servers may also be required to handle key exchange protocols, adding further to costs. The failure and limitation of existing encryption technology processes questions the traditional ‘bigger is better’ encryption philosophy. Omlis understands the limitations of current encryption technologies and offers an innovative solution that delivers a new encryption protocol offering unrivaled benefits. 1 Private & Confidential
Omlis Encryption Technology Outline The most secure method of encryption, given a reliable source of unpredictable keys, is the “one time pad”. This type of encryption cannot be broken by cryptographic analysis, regardless of the scale of computing resources applied. The Omlis Encryption Technology uses “one time pad” encryption. This is used to encrypt small packets of data using unpredictable keys which are generated by the sending device (e.g. a mobile phone). Section Summary: Inherently secure encryption via “one time pad” Truly random key generation using one-way transformations on environmental variables A unique token is used for identification of users, devices and transactions Omlis Product Algorithm ...7315231113... Light Lumens 123 Seed Feed Subtractive Encryption Encrypted Package Transmitted Output Each key is unique to a specific user, device and transaction and is created and used within a short time frame. This approach ensures minimal opportunity for data harvesting (to obtain keys) or for security to be breached. Exchange of keys is an integral part of the Omlis communication protocol and thus no additional key-exchange infrastructure is required. A system of tokens is used to provide secure identification of the device from which secure communication originates. The Omlis key generation method utilizes a plurality of variables. Some will come from user input, others will be variables associated with environmental conditions on a device. The device contains the defining parameters of a plurality of scrambling functions and by using the variables can calculate a plurality of scramble values. Each scramble value comprises a combination of environmental variables combined in accordance with one of the plurality of scrambling functions. The Omlis encryption system also includes the process to produce a scramble code and generating the encryption key from the scramble code itself. This unique method ensures that keys cannot be predicted at all, eliminating the one possible attack against “one time pad” encryption. Environmental Variables Encryption Key ID Token Private & Confidential 2
Omlis technology re-examines the fundamental equation P=NP (which asks “Is something that is easy to find, easy to check?”). By inverting this to become (NP=P) stating that something that’s hard to find is hard to check, it is possible to create an algorithm that uses NP inputs. By feeding these into itself, which is also NP in characteristic, an isolated and totally secure environment is created, which derives a P. This P is a pseudo-random number and is imaginary in character, only reflective of a process whose values are also defined by an imaginary group that NP=P is different in each running of the algorithm. By doing this the “one time pad” we create is unique and truly unpredictable. If a malicious party wished to predict this number they would have to work out the values of the two NP inputs used to create it – which means that the NP=P process would be reversed and fed back through the P=NP. It would need a computer far more powerful than any available to work out the actual number and even ‘big data’ analytics of inputs to the algorithm and output encryption data would not be reflective of the process, hence no pattern can exist. P=NP As the key generated by the Omlis method is the same length as the “plaintext” data being encrypted, there is no need for a complex multi-stage encryption/decryption algorithm. This is a major advantage for a system handling encrypted communication from a large number of devices, such as a mobile payment system. The processing load for key generation is distributed among all the devices in the network and, as a result, does not burden the central server. Security Strength Section Summary: As computing power increases exponentially, current encryption techniques become more vulnerable and easier to break The Omlis “one time pad” can not be broken; even with infinite computing power Omlis key generation occurs within a mobile device rather than overloading central servers Encryption methods are conventionally assigned a security strength rating in terms of the effective number of bits in the encryption key. As an example, Triple-DES offers 112 bit security. This security strength rating indicates the number of calculations required to extract the key from encrypted data using a “brute force” attack (one that tries every possible key in turn). As computing speeds increase exponentially (Moore’s law) it is only a matter of time before the encryption methods currently in use are no longer secure. Quantum computing even suggests that it will eventually become possible for every key permutation to be given simultaneously; prompting systems to utilize larger sizes of keys. This will, in turn, require even more significant processing power for encryption and decryption before eventually falling short in the quantum age. The Omlis Encryption Technology offers security by utilizing a “one time pad” for encryption. The key length is identical to the data length, there is no way to obtain the “plaintext” without knowledge of the key, regardless of the available computational power. This encryption method will never become obsolete provided that the key generation for the “one time pad” is seeded via truly random inputs – as is the case with Omlis. Proof of the un-breakability of a “one time pad” type of encryption was provided by C.E. Shannon in 1949 in “Communication Theory of Secrecy Systems”. The assumptions under which this is true are: that the key is truly random (i.e. unpredictable); that the “plaintext” and key are the same size; and that the key is only used once. Omlis ensures truly random keys through use of our unique key generation algorithm - Data is split into packets of 128 bits and encrypted using a key of the same length (128 bits) and our secure communication protocol uses each key only once. 3 Private & Confidential
Implementation The Omlis Encryption Technology comprises two main software elements. A client element is installed on the sending device, this generates keys and handles the communication protocol. This is termed the “black box” as it is protected from access by security measures. The “black box” communicates with the Omlis Managed Services installed on a server, which in turn manages keys and transaction tokens for all Omlis-enabled devices in a network. Software in the Omlis implementation has been developed using high-integrity software tools (SPARK Ada). These tools are typically used to develop safety-critical software used in aircraft, nuclear power stations and financial infrastructure. This approach ensures the Omlis software is not vulnerable to attacks, for example buffer-overflow attacks, that are used to breach the security of software developed using low-integrity tools. Conclusion Omlis protocols represent a paradigm shift in encryption technology offering a multitude of unrivaled benefits over existing encryption solutions. Typical Use Cases Secure payments from mobile devices Device identification Merchant channel to take payments Secure data entry on a software encrypted keypad Secure web payment transactions 1 2 3 4 5 6 7 8 9 xt NexNex NeNext ext 0 Next 2 4 1 2 2 4 1 2 +44 (0) 845 838 1308 www.omlis.com info@omlis.com Third Floor, Tyne House, Newcastle upon Tyne, United Kingdom, NE1 3JD Private & Confidential Private & Confidential 4

Recommended

SIGNCRYPTION SCHEME BASED ON SCHNORR DIGITAL SIGNATURE
SIGNCRYPTION SCHEME BASED ON SCHNORR DIGITAL SIGNATURESIGNCRYPTION SCHEME BASED ON SCHNORR DIGITAL SIGNATURE
SIGNCRYPTION SCHEME BASED ON SCHNORR DIGITAL SIGNATUREijp2p
 
Comparison of Various Encryption Algorithms and Techniques for improving secu...
Comparison of Various Encryption Algorithms and Techniques for improving secu...Comparison of Various Encryption Algorithms and Techniques for improving secu...
Comparison of Various Encryption Algorithms and Techniques for improving secu...IOSR Journals
 
N45028390
N45028390N45028390
N45028390IJERA Editor
 
A Survey on Comparisons of Cryptographic Algorithms Using Certain Parameters ...
A Survey on Comparisons of Cryptographic Algorithms Using Certain Parameters ...A Survey on Comparisons of Cryptographic Algorithms Using Certain Parameters ...
A Survey on Comparisons of Cryptographic Algorithms Using Certain Parameters ...IJECEIAES
 
Implement a novel symmetric block
Implement a novel symmetric blockImplement a novel symmetric block
Implement a novel symmetric blockijcisjournal
 
Cryptography and Network Lecture Notes
Cryptography and Network Lecture NotesCryptography and Network Lecture Notes
Cryptography and Network Lecture NotesFellowBuddy.com
 
A novel approach to information security using safe
A novel approach to information security using safeA novel approach to information security using safe
A novel approach to information security using safeeSAT Publishing House
 
A novel approach to information security using safe exchange of encrypted dat...
A novel approach to information security using safe exchange of encrypted dat...A novel approach to information security using safe exchange of encrypted dat...
A novel approach to information security using safe exchange of encrypted dat...eSAT Journals
 

Recommended

SIGNCRYPTION SCHEME BASED ON SCHNORR DIGITAL SIGNATURE
SIGNCRYPTION SCHEME BASED ON SCHNORR DIGITAL SIGNATURESIGNCRYPTION SCHEME BASED ON SCHNORR DIGITAL SIGNATURE
SIGNCRYPTION SCHEME BASED ON SCHNORR DIGITAL SIGNATUREijp2p
 
Comparison of Various Encryption Algorithms and Techniques for improving secu...
Comparison of Various Encryption Algorithms and Techniques for improving secu...Comparison of Various Encryption Algorithms and Techniques for improving secu...
Comparison of Various Encryption Algorithms and Techniques for improving secu...IOSR Journals
 
N45028390
N45028390N45028390
N45028390IJERA Editor
 
A Survey on Comparisons of Cryptographic Algorithms Using Certain Parameters ...
A Survey on Comparisons of Cryptographic Algorithms Using Certain Parameters ...A Survey on Comparisons of Cryptographic Algorithms Using Certain Parameters ...
A Survey on Comparisons of Cryptographic Algorithms Using Certain Parameters ...IJECEIAES
 
Implement a novel symmetric block
Implement a novel symmetric blockImplement a novel symmetric block
Implement a novel symmetric blockijcisjournal
 
Cryptography and Network Lecture Notes
Cryptography and Network Lecture NotesCryptography and Network Lecture Notes
Cryptography and Network Lecture NotesFellowBuddy.com
 
A novel approach to information security using safe
A novel approach to information security using safeA novel approach to information security using safe
A novel approach to information security using safeeSAT Publishing House
 
A novel approach to information security using safe exchange of encrypted dat...
A novel approach to information security using safe exchange of encrypted dat...A novel approach to information security using safe exchange of encrypted dat...
A novel approach to information security using safe exchange of encrypted dat...eSAT Journals
 
2.espk external agent authentication and session key establishment using publ...
2.espk external agent authentication and session key establishment using publ...2.espk external agent authentication and session key establishment using publ...
2.espk external agent authentication and session key establishment using publ...EditorJST
 
CNS Solution
CNS SolutionCNS Solution
CNS SolutionNitin Kanzariya
 
Different date block size using to evaluate the performance between different...
Different date block size using to evaluate the performance between different...Different date block size using to evaluate the performance between different...
Different date block size using to evaluate the performance between different...IJCNCJournal
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)IJERD Editor
 
File transfer with multiple security mechanism
File transfer with multiple security mechanismFile transfer with multiple security mechanism
File transfer with multiple security mechanismShubham Patil
 
Security in MANET based on PKI using fuzzy function
Security in MANET based on PKI using fuzzy functionSecurity in MANET based on PKI using fuzzy function
Security in MANET based on PKI using fuzzy functionIOSR Journals
 
CRYPTOGRAPHY & NETWORK SECURITY
CRYPTOGRAPHY & NETWORK SECURITYCRYPTOGRAPHY & NETWORK SECURITY
CRYPTOGRAPHY & NETWORK SECURITYJyothishmathi Institute of Technology and Science Karimnagar
 
Introduction of cryptography and network security
Introduction of cryptography and network securityIntroduction of cryptography and network security
Introduction of cryptography and network securityNEHA PATEL
 
Lightweight cryptography
Lightweight cryptographyLightweight cryptography
Lightweight cryptographyShivam Singh
 
Free space QKD
Free space QKDFree space QKD
Free space QKDBen Catchpole
 
CISSP Week 16
CISSP Week 16CISSP Week 16
CISSP Week 16jemtallon
 
Paper id 27201444
Paper id 27201444Paper id 27201444
Paper id 27201444IJRAT
 
AN ANTI-CLONE ATTACK KEY MANAGEMENT SCHEME FOR WIRELESS SENSOR NETWORKS
AN ANTI-CLONE ATTACK KEY MANAGEMENT SCHEME FOR WIRELESS SENSOR NETWORKSAN ANTI-CLONE ATTACK KEY MANAGEMENT SCHEME FOR WIRELESS SENSOR NETWORKS
AN ANTI-CLONE ATTACK KEY MANAGEMENT SCHEME FOR WIRELESS SENSOR NETWORKScsandit
 
Ijaiem 2014-11-30-122
Ijaiem 2014-11-30-122Ijaiem 2014-11-30-122
Ijaiem 2014-11-30-122Sathya Madhesh
 
Info security & crypto
Info security & cryptoInfo security & crypto
Info security & cryptoShehrevar Davierwala
 
A05510105
A05510105A05510105
A05510105IOSR-JEN
 
Cryptography
CryptographyCryptography
CryptographySourabh Badve
 
Efficient authentication for mobile and pervasive computing
Efficient authentication for mobile and pervasive computing Efficient authentication for mobile and pervasive computing
Efficient authentication for mobile and pervasive computing Adz91 Digital Ads Pvt Ltd
 
8 Authentication Security Protocols
8 Authentication Security Protocols8 Authentication Security Protocols
8 Authentication Security Protocolsguestfbf635
 
Pairing Based Elliptic Curve Cryptosystem for Message Authentication
Pairing Based Elliptic Curve Cryptosystem for Message AuthenticationPairing Based Elliptic Curve Cryptosystem for Message Authentication
Pairing Based Elliptic Curve Cryptosystem for Message AuthenticationIJTET Journal
 
Make up artist
Make up artistMake up artist
Make up artistHajar Abdo
 
Who wants to_be_a_millionaire - vertebrates
Who wants to_be_a_millionaire - vertebratesWho wants to_be_a_millionaire - vertebrates
Who wants to_be_a_millionaire - vertebratesJesús Rubio Navarro
 

More Related Content

What's hot

2.espk external agent authentication and session key establishment using publ...
2.espk external agent authentication and session key establishment using publ...2.espk external agent authentication and session key establishment using publ...
2.espk external agent authentication and session key establishment using publ...EditorJST
 
Different date block size using to evaluate the performance between different...
Different date block size using to evaluate the performance between different...Different date block size using to evaluate the performance between different...
Different date block size using to evaluate the performance between different...IJCNCJournal
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)IJERD Editor
 
File transfer with multiple security mechanism
File transfer with multiple security mechanismFile transfer with multiple security mechanism
File transfer with multiple security mechanismShubham Patil
 
Security in MANET based on PKI using fuzzy function
Security in MANET based on PKI using fuzzy functionSecurity in MANET based on PKI using fuzzy function
Security in MANET based on PKI using fuzzy functionIOSR Journals
 
Introduction of cryptography and network security
Introduction of cryptography and network securityIntroduction of cryptography and network security
Introduction of cryptography and network securityNEHA PATEL
 
Lightweight cryptography
Lightweight cryptographyLightweight cryptography
Lightweight cryptographyShivam Singh
 
CISSP Week 16
CISSP Week 16CISSP Week 16
CISSP Week 16jemtallon
 
Paper id 27201444
Paper id 27201444Paper id 27201444
Paper id 27201444IJRAT
 
AN ANTI-CLONE ATTACK KEY MANAGEMENT SCHEME FOR WIRELESS SENSOR NETWORKS
AN ANTI-CLONE ATTACK KEY MANAGEMENT SCHEME FOR WIRELESS SENSOR NETWORKSAN ANTI-CLONE ATTACK KEY MANAGEMENT SCHEME FOR WIRELESS SENSOR NETWORKS
AN ANTI-CLONE ATTACK KEY MANAGEMENT SCHEME FOR WIRELESS SENSOR NETWORKScsandit
 
Efficient authentication for mobile and pervasive computing
Efficient authentication for mobile and pervasive computing Efficient authentication for mobile and pervasive computing
Efficient authentication for mobile and pervasive computing Adz91 Digital Ads Pvt Ltd
 
8 Authentication Security Protocols
8 Authentication Security Protocols8 Authentication Security Protocols
8 Authentication Security Protocolsguestfbf635
 
Pairing Based Elliptic Curve Cryptosystem for Message Authentication
Pairing Based Elliptic Curve Cryptosystem for Message AuthenticationPairing Based Elliptic Curve Cryptosystem for Message Authentication
Pairing Based Elliptic Curve Cryptosystem for Message AuthenticationIJTET Journal
 

What's hot (20)

2.espk external agent authentication and session key establishment using publ...
2.espk external agent authentication and session key establishment using publ...2.espk external agent authentication and session key establishment using publ...
2.espk external agent authentication and session key establishment using publ...
 
CNS Solution
CNS SolutionCNS Solution
CNS Solution
 
Different date block size using to evaluate the performance between different...
Different date block size using to evaluate the performance between different...Different date block size using to evaluate the performance between different...
Different date block size using to evaluate the performance between different...
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)
 
File transfer with multiple security mechanism
File transfer with multiple security mechanismFile transfer with multiple security mechanism
File transfer with multiple security mechanism
 
Security in MANET based on PKI using fuzzy function
Security in MANET based on PKI using fuzzy functionSecurity in MANET based on PKI using fuzzy function
Security in MANET based on PKI using fuzzy function
 
CRYPTOGRAPHY & NETWORK SECURITY
CRYPTOGRAPHY & NETWORK SECURITYCRYPTOGRAPHY & NETWORK SECURITY
CRYPTOGRAPHY & NETWORK SECURITY
 
Introduction of cryptography and network security
Introduction of cryptography and network securityIntroduction of cryptography and network security
Introduction of cryptography and network security
 
Lightweight cryptography
Lightweight cryptographyLightweight cryptography
Lightweight cryptography
 
Free space QKD
Free space QKDFree space QKD
Free space QKD
 
CISSP Week 16
CISSP Week 16CISSP Week 16
CISSP Week 16
 
Paper id 27201444
Paper id 27201444Paper id 27201444
Paper id 27201444
 
AN ANTI-CLONE ATTACK KEY MANAGEMENT SCHEME FOR WIRELESS SENSOR NETWORKS
AN ANTI-CLONE ATTACK KEY MANAGEMENT SCHEME FOR WIRELESS SENSOR NETWORKSAN ANTI-CLONE ATTACK KEY MANAGEMENT SCHEME FOR WIRELESS SENSOR NETWORKS
AN ANTI-CLONE ATTACK KEY MANAGEMENT SCHEME FOR WIRELESS SENSOR NETWORKS
 
Ijaiem 2014-11-30-122
Ijaiem 2014-11-30-122Ijaiem 2014-11-30-122
Ijaiem 2014-11-30-122
 
Info security & crypto
Info security & cryptoInfo security & crypto
Info security & crypto
 
A05510105
A05510105A05510105
A05510105
 
Cryptography
CryptographyCryptography
Cryptography
 
Efficient authentication for mobile and pervasive computing
Efficient authentication for mobile and pervasive computing Efficient authentication for mobile and pervasive computing
Efficient authentication for mobile and pervasive computing
 
8 Authentication Security Protocols
8 Authentication Security Protocols8 Authentication Security Protocols
8 Authentication Security Protocols
 
Pairing Based Elliptic Curve Cryptosystem for Message Authentication
Pairing Based Elliptic Curve Cryptosystem for Message AuthenticationPairing Based Elliptic Curve Cryptosystem for Message Authentication
Pairing Based Elliptic Curve Cryptosystem for Message Authentication
 

Viewers also liked

Make up artist
Make up artistMake up artist
Make up artistHajar Abdo
 
Who wants to_be_a_millionaire - vertebrates
Who wants to_be_a_millionaire - vertebratesWho wants to_be_a_millionaire - vertebrates
Who wants to_be_a_millionaire - vertebratesJesús Rubio Navarro
 
Questionairree
QuestionairreeQuestionairree
QuestionairreeHajar Abdo
 
Alyssa's Updated Resume
Alyssa's Updated ResumeAlyssa's Updated Resume
Alyssa's Updated ResumeAlyssa Smith
 
The shining opening frame analysis
The shining opening frame analysisThe shining opening frame analysis
The shining opening frame analysisHajar Abdo
 
Phish5 sample campaign report
Phish5 sample campaign reportPhish5 sample campaign report
Phish5 sample campaign reportSimon Cairns
 
Arctic monkeys’ brainstorm music video analysis
Arctic monkeys’ brainstorm music video analysisArctic monkeys’ brainstorm music video analysis
Arctic monkeys’ brainstorm music video analysisHajar Abdo
 
Proefavond Slovaakse wijnen Wijngilde De Sleedoorn www.slovakwines.be
Proefavond Slovaakse wijnen Wijngilde De Sleedoorn www.slovakwines.beProefavond Slovaakse wijnen Wijngilde De Sleedoorn www.slovakwines.be
Proefavond Slovaakse wijnen Wijngilde De Sleedoorn www.slovakwines.bePatrik Van Den Bossche
 
Who wants to_be_a_millionaire - energy2
Who wants to_be_a_millionaire - energy2Who wants to_be_a_millionaire - energy2
Who wants to_be_a_millionaire - energy2Jesús Rubio Navarro
 

Viewers also liked (13)

Make up artist
Make up artistMake up artist
Make up artist
 
Who wants to_be_a_millionaire - vertebrates
Who wants to_be_a_millionaire - vertebratesWho wants to_be_a_millionaire - vertebrates
Who wants to_be_a_millionaire - vertebrates
 
HOH
HOHHOH
HOH
 
Questionairree
QuestionairreeQuestionairree
Questionairree
 
Alyssa's Updated Resume
Alyssa's Updated ResumeAlyssa's Updated Resume
Alyssa's Updated Resume
 
The shining opening frame analysis
The shining opening frame analysisThe shining opening frame analysis
The shining opening frame analysis
 
Lighting
LightingLighting
Lighting
 
Phish5 sample campaign report
Phish5 sample campaign reportPhish5 sample campaign report
Phish5 sample campaign report
 
SOP Suomeksi Powerpoint
SOP Suomeksi PowerpointSOP Suomeksi Powerpoint
SOP Suomeksi Powerpoint
 
Arctic monkeys’ brainstorm music video analysis
Arctic monkeys’ brainstorm music video analysisArctic monkeys’ brainstorm music video analysis
Arctic monkeys’ brainstorm music video analysis
 
Proefavond Slovaakse wijnen Wijngilde De Sleedoorn www.slovakwines.be
Proefavond Slovaakse wijnen Wijngilde De Sleedoorn www.slovakwines.beProefavond Slovaakse wijnen Wijngilde De Sleedoorn www.slovakwines.be
Proefavond Slovaakse wijnen Wijngilde De Sleedoorn www.slovakwines.be
 
The excretory system
The excretory systemThe excretory system
The excretory system
 
Who wants to_be_a_millionaire - energy2
Who wants to_be_a_millionaire - energy2Who wants to_be_a_millionaire - energy2
Who wants to_be_a_millionaire - energy2
 

Similar to Omlis fact sheet july 2014, Secure Mobile Payments

Iaetsd a survey on cloud storage security with
Iaetsd a survey on cloud storage security withIaetsd a survey on cloud storage security with
Iaetsd a survey on cloud storage security withIaetsd Iaetsd
 
IMPLEMENT A NOVEL SYMMETRIC BLOCK CIPHER ALGORITHM
IMPLEMENT A NOVEL SYMMETRIC BLOCK CIPHER ALGORITHMIMPLEMENT A NOVEL SYMMETRIC BLOCK CIPHER ALGORITHM
IMPLEMENT A NOVEL SYMMETRIC BLOCK CIPHER ALGORITHMijcisjournal
 
Enhancing the Techniques to Secure Grid Computing
Enhancing the Techniques to Secure Grid ComputingEnhancing the Techniques to Secure Grid Computing
Enhancing the Techniques to Secure Grid Computingijtsrd
 
7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docx
7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docx7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docx
7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docxblondellchancy
 
Performance Comparison of File Security System using TEA and Blowfish Algorithms
Performance Comparison of File Security System using TEA and Blowfish AlgorithmsPerformance Comparison of File Security System using TEA and Blowfish Algorithms
Performance Comparison of File Security System using TEA and Blowfish Algorithmsijtsrd
 
Implementation of aes and blowfish algorithm
Implementation of aes and blowfish algorithmImplementation of aes and blowfish algorithm
Implementation of aes and blowfish algorithmeSAT Publishing House
 
CipherLoc_OverviewBrochure (1)
CipherLoc_OverviewBrochure (1)CipherLoc_OverviewBrochure (1)
CipherLoc_OverviewBrochure (1)Michael DeLaGarza
 
The effect of Encryption algorithms Delay on TCP Traffic over data networks
The effect of Encryption algorithms Delay on TCP Traffic over data networksThe effect of Encryption algorithms Delay on TCP Traffic over data networks
The effect of Encryption algorithms Delay on TCP Traffic over data networksIOSR Journals
 
A Survey On The Cryptographic Encryption Algorithms
A Survey On The Cryptographic Encryption AlgorithmsA Survey On The Cryptographic Encryption Algorithms
A Survey On The Cryptographic Encryption AlgorithmsJoe Osborn
 
Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Saif Kassim
 
Php text processing by softroniics
Php text processing by softroniicsPhp text processing by softroniics
Php text processing by softroniicsaswin tbbc
 
Improved authentication & key agreement protocol using elliptic curve cryptog...
Improved authentication & key agreement protocol using elliptic curve cryptog...Improved authentication & key agreement protocol using elliptic curve cryptog...
Improved authentication & key agreement protocol using elliptic curve cryptog...CAS
 
How encryption works
How encryption worksHow encryption works
How encryption workss1180012
 
Secured key distribution techniques in wireless sensor networks 150429171406
Secured key distribution techniques in wireless sensor networks 150429171406Secured key distribution techniques in wireless sensor networks 150429171406
Secured key distribution techniques in wireless sensor networks 150429171406pradip patel
 

Similar to Omlis fact sheet july 2014, Secure Mobile Payments (20)

L017136269
L017136269L017136269
L017136269
 
Iaetsd a survey on cloud storage security with
Iaetsd a survey on cloud storage security withIaetsd a survey on cloud storage security with
Iaetsd a survey on cloud storage security with
 
IMPLEMENT A NOVEL SYMMETRIC BLOCK CIPHER ALGORITHM
IMPLEMENT A NOVEL SYMMETRIC BLOCK CIPHER ALGORITHMIMPLEMENT A NOVEL SYMMETRIC BLOCK CIPHER ALGORITHM
IMPLEMENT A NOVEL SYMMETRIC BLOCK CIPHER ALGORITHM
 
Enhancing the Techniques to Secure Grid Computing
Enhancing the Techniques to Secure Grid ComputingEnhancing the Techniques to Secure Grid Computing
Enhancing the Techniques to Secure Grid Computing
 
7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docx
7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docx7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docx
7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docx
 
Performance Comparison of File Security System using TEA and Blowfish Algorithms
Performance Comparison of File Security System using TEA and Blowfish AlgorithmsPerformance Comparison of File Security System using TEA and Blowfish Algorithms
Performance Comparison of File Security System using TEA and Blowfish Algorithms
 
Implementation of aes and blowfish algorithm
Implementation of aes and blowfish algorithmImplementation of aes and blowfish algorithm
Implementation of aes and blowfish algorithm
 
CipherLoc_OverviewBrochure (1)
CipherLoc_OverviewBrochure (1)CipherLoc_OverviewBrochure (1)
CipherLoc_OverviewBrochure (1)
 
The effect of Encryption algorithms Delay on TCP Traffic over data networks
The effect of Encryption algorithms Delay on TCP Traffic over data networksThe effect of Encryption algorithms Delay on TCP Traffic over data networks
The effect of Encryption algorithms Delay on TCP Traffic over data networks
 
O017128591
O017128591O017128591
O017128591
 
A Survey On The Cryptographic Encryption Algorithms
A Survey On The Cryptographic Encryption AlgorithmsA Survey On The Cryptographic Encryption Algorithms
A Survey On The Cryptographic Encryption Algorithms
 
Cyber security
Cyber securityCyber security
Cyber security
 
Cryptointro
CryptointroCryptointro
Cryptointro
 
Week 12 slide
Week 12 slideWeek 12 slide
Week 12 slide
 
Week 12 slide
Week 12 slideWeek 12 slide
Week 12 slide
 
Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01
 
Php text processing by softroniics
Php text processing by softroniicsPhp text processing by softroniics
Php text processing by softroniics
 
Improved authentication & key agreement protocol using elliptic curve cryptog...
Improved authentication & key agreement protocol using elliptic curve cryptog...Improved authentication & key agreement protocol using elliptic curve cryptog...
Improved authentication & key agreement protocol using elliptic curve cryptog...
 
How encryption works
How encryption worksHow encryption works
How encryption works
 
Secured key distribution techniques in wireless sensor networks 150429171406
Secured key distribution techniques in wireless sensor networks 150429171406Secured key distribution techniques in wireless sensor networks 150429171406
Secured key distribution techniques in wireless sensor networks 150429171406
 

Omlis fact sheet july 2014, Secure Mobile Payments

  • 1. Omlis Fact Sheet: Omlis Encryption Technology www.omlis.com Private & Confidential
  • 2. Objective This fact sheet documents the failure and limitations of existing encryption technologies and shows how the innovative approach taken by Omlis in re-imagining encryption protocols offers a range of unrivaled benefits across a multitude of applications. Current Encryption Section Summary: Contents Contents 1 Problem 1 Omlis Encryption Technology Outline 2 Security Strength 3 Implementation 4 Conclusion 4 Typical Use Cases 4 Fraud is dramatically increasing as mobile and internet centric payments increase Block-based encryption is largely dependent on the protection of a single key Existing encryption solutions place a significant burden on servers and infrastructure The transfer of sensitive information from one place to another is subject to increasingly costly criminal attack and incidents of committed fraud. This is a particular problem for payment systems using mobile devices which cannot be kept behind firewalls and for any kind of communication that must pass through an insecure network (such as the internet or mobile telephony infrastructure). Block-based encryption methods that are currently employed to protect sensitive payments (such as Triple-DES and AES) are entirely dependent on the security of the keys that are used. These methods employ the same keys repeatedly giving criminals a significant opportunity to obtain a key by using cryptographic analysis of data. Keys can also be obtained by breaching security (through bribery, extortion, theft, etc.). Block-based encryption requires additional protocols to facilitate the exchange of keys, representing further opportunity for compromise, while the multitude of keys required for large number of clients can also be problematic. Existing encryption methods require significant processing power to decrypt data. This requires powerful and costly central server infrastructure to handle encrypted communications from a large number of devices. Additional servers may also be required to handle key exchange protocols, adding further to costs. The failure and limitation of existing encryption technology processes questions the traditional ‘bigger is better’ encryption philosophy. Omlis understands the limitations of current encryption technologies and offers an innovative solution that delivers a new encryption protocol offering unrivaled benefits. 1 Private & Confidential
  • 3. Omlis Encryption Technology Outline The most secure method of encryption, given a reliable source of unpredictable keys, is the “one time pad”. This type of encryption cannot be broken by cryptographic analysis, regardless of the scale of computing resources applied. The Omlis Encryption Technology uses “one time pad” encryption. This is used to encrypt small packets of data using unpredictable keys which are generated by the sending device (e.g. a mobile phone). Section Summary: Inherently secure encryption via “one time pad” Truly random key generation using one-way transformations on environmental variables A unique token is used for identification of users, devices and transactions Omlis Product Algorithm ...7315231113... Light Lumens 123 Seed Feed Subtractive Encryption Encrypted Package Transmitted Output Each key is unique to a specific user, device and transaction and is created and used within a short time frame. This approach ensures minimal opportunity for data harvesting (to obtain keys) or for security to be breached. Exchange of keys is an integral part of the Omlis communication protocol and thus no additional key-exchange infrastructure is required. A system of tokens is used to provide secure identification of the device from which secure communication originates. The Omlis key generation method utilizes a plurality of variables. Some will come from user input, others will be variables associated with environmental conditions on a device. The device contains the defining parameters of a plurality of scrambling functions and by using the variables can calculate a plurality of scramble values. Each scramble value comprises a combination of environmental variables combined in accordance with one of the plurality of scrambling functions. The Omlis encryption system also includes the process to produce a scramble code and generating the encryption key from the scramble code itself. This unique method ensures that keys cannot be predicted at all, eliminating the one possible attack against “one time pad” encryption. Environmental Variables Encryption Key ID Token Private & Confidential 2
  • 4. Omlis technology re-examines the fundamental equation P=NP (which asks “Is something that is easy to find, easy to check?”). By inverting this to become (NP=P) stating that something that’s hard to find is hard to check, it is possible to create an algorithm that uses NP inputs. By feeding these into itself, which is also NP in characteristic, an isolated and totally secure environment is created, which derives a P. This P is a pseudo-random number and is imaginary in character, only reflective of a process whose values are also defined by an imaginary group that NP=P is different in each running of the algorithm. By doing this the “one time pad” we create is unique and truly unpredictable. If a malicious party wished to predict this number they would have to work out the values of the two NP inputs used to create it – which means that the NP=P process would be reversed and fed back through the P=NP. It would need a computer far more powerful than any available to work out the actual number and even ‘big data’ analytics of inputs to the algorithm and output encryption data would not be reflective of the process, hence no pattern can exist. P=NP As the key generated by the Omlis method is the same length as the “plaintext” data being encrypted, there is no need for a complex multi-stage encryption/decryption algorithm. This is a major advantage for a system handling encrypted communication from a large number of devices, such as a mobile payment system. The processing load for key generation is distributed among all the devices in the network and, as a result, does not burden the central server. Security Strength Section Summary: As computing power increases exponentially, current encryption techniques become more vulnerable and easier to break The Omlis “one time pad” can not be broken; even with infinite computing power Omlis key generation occurs within a mobile device rather than overloading central servers Encryption methods are conventionally assigned a security strength rating in terms of the effective number of bits in the encryption key. As an example, Triple-DES offers 112 bit security. This security strength rating indicates the number of calculations required to extract the key from encrypted data using a “brute force” attack (one that tries every possible key in turn). As computing speeds increase exponentially (Moore’s law) it is only a matter of time before the encryption methods currently in use are no longer secure. Quantum computing even suggests that it will eventually become possible for every key permutation to be given simultaneously; prompting systems to utilize larger sizes of keys. This will, in turn, require even more significant processing power for encryption and decryption before eventually falling short in the quantum age. The Omlis Encryption Technology offers security by utilizing a “one time pad” for encryption. The key length is identical to the data length, there is no way to obtain the “plaintext” without knowledge of the key, regardless of the available computational power. This encryption method will never become obsolete provided that the key generation for the “one time pad” is seeded via truly random inputs – as is the case with Omlis. Proof of the un-breakability of a “one time pad” type of encryption was provided by C.E. Shannon in 1949 in “Communication Theory of Secrecy Systems”. The assumptions under which this is true are: that the key is truly random (i.e. unpredictable); that the “plaintext” and key are the same size; and that the key is only used once. Omlis ensures truly random keys through use of our unique key generation algorithm - Data is split into packets of 128 bits and encrypted using a key of the same length (128 bits) and our secure communication protocol uses each key only once. 3 Private & Confidential
  • 5. Implementation The Omlis Encryption Technology comprises two main software elements. A client element is installed on the sending device, this generates keys and handles the communication protocol. This is termed the “black box” as it is protected from access by security measures. The “black box” communicates with the Omlis Managed Services installed on a server, which in turn manages keys and transaction tokens for all Omlis-enabled devices in a network. Software in the Omlis implementation has been developed using high-integrity software tools (SPARK Ada). These tools are typically used to develop safety-critical software used in aircraft, nuclear power stations and financial infrastructure. This approach ensures the Omlis software is not vulnerable to attacks, for example buffer-overflow attacks, that are used to breach the security of software developed using low-integrity tools. Conclusion Omlis protocols represent a paradigm shift in encryption technology offering a multitude of unrivaled benefits over existing encryption solutions. Typical Use Cases Secure payments from mobile devices Device identification Merchant channel to take payments Secure data entry on a software encrypted keypad Secure web payment transactions 1 2 3 4 5 6 7 8 9 xt NexNex NeNext ext 0 Next 2 4 1 2 2 4 1 2 +44 (0) 845 838 1308 www.omlis.com info@omlis.com Third Floor, Tyne House, Newcastle upon Tyne, United Kingdom, NE1 3JD Private & Confidential Private & Confidential 4