Objective
This fact sheet documents the failure and limitations of
existing encryption technologies and shows how the
innovative approach taken by Omlis in re-imagining
encryption protocols offers a range of unrivaled
benefits across a multitude of applications.
Contents
Problem
Omlis Encryption Technology Outline
Security Strength
Implementation
Conclusion
Typical Use Cases

Current Encryption
Section Summary:
Fraud is dramatically increasing as mobile and internet-centric payments increase
Block-based encryption is largely dependent on the protection of a single key
Existing encryption solutions place a significant burden on servers and infrastructure
The transfer of sensitive information from one place to another is subject to increasingly costly criminal attack
and incidents of committed fraud. This is a particular problem for payment systems using mobile devices which
cannot be kept behind firewalls and for any kind of communication that must pass through an insecure network
(such as the internet or mobile telephony infrastructure).
Block-based encryption methods that are currently employed to protect sensitive payments (such as Triple-DES
and AES) are entirely dependent on the security of the keys that are used. These methods employ the same keys
repeatedly, giving criminals a significant opportunity to obtain a key by using cryptographic analysis of data. Keys
can also be obtained by breaching security (through bribery, extortion, theft, etc.).
Block-based encryption requires additional protocols to facilitate the exchange of keys, representing further
opportunity for compromise, while the multitude of keys required for a large number of clients can also be
problematic.
Existing encryption methods require significant processing power to decrypt data. This requires powerful
and costly central server infrastructure to handle encrypted communications from a large number of devices.
Additional servers may also be required to handle key exchange protocols, adding further to costs.
The failures and limitations of existing encryption technology call into question the traditional ‘bigger is better’
encryption philosophy. Omlis understands the limitations of current encryption technologies and offers an
innovative solution that delivers a new encryption protocol offering unrivaled benefits.
1 Private & Confidential
Omlis Encryption Technology Outline
The most secure method of encryption, given a reliable source of
unpredictable keys, is the “one time pad”. This type of encryption
cannot be broken by cryptographic analysis, regardless of the scale of
computing resources applied. The Omlis Encryption Technology uses
“one time pad” encryption. This is used to encrypt small packets of data
using unpredictable keys which are generated by the sending device
(e.g. a mobile phone).
Section Summary:
Inherently secure encryption via “one time pad”
Truly random key generation using one-way transformations on environmental variables
A unique token is used for identification of users, devices and transactions
[Figure: Omlis Product Algorithm diagram. Labels: Light (Lumens 123), Seed Feed, ...7315231113..., Subtractive Encryption, Encrypted Package Transmitted, Output]
Each key is unique to a specific user, device and transaction and is created and used within a short time frame.
This approach ensures minimal opportunity for data harvesting (to obtain keys) or for security to be breached.
Exchange of keys is an integral part of the Omlis communication protocol and thus no additional key-exchange
infrastructure is required. A system of tokens is used to provide secure identification of the device from which
secure communication originates.
The Omlis key generation method utilizes a plurality of
variables. Some will come from user input, others will be
variables associated with environmental conditions on
a device. The device contains the defining parameters
of a plurality of scrambling functions and by using the
variables can calculate a plurality of scramble values.
Each scramble value comprises a combination of
environmental variables combined in accordance
with one of the plurality of scrambling functions. The
Omlis encryption system also includes a process
to produce a scramble code and to generate the
encryption key from the scramble code itself. This
unique method ensures that keys cannot be predicted
at all, eliminating the one possible attack against “one
time pad” encryption.
[Figure: Environmental Variables, Encryption Key, ID Token]
Omlis technology re-examines the fundamental equation P=NP (which asks “Is something that is easy to find, easy
to check?”). By inverting this to become (NP=P), stating that something that’s hard to find is hard to check, it is
possible to create an algorithm that uses NP inputs. By feeding these into itself, which is also NP in characteristic,
an isolated and totally secure environment is created, which derives a P. This P is a pseudo-random number and is
imaginary in character, only reflective of a process whose values are also defined by an imaginary group that is
different in each running of the algorithm. By doing this the “one time pad” we create is unique and truly
unpredictable. If a malicious party wished to predict this number they would have to work out the values of the
two NP inputs used to create it – which means that the NP=P process would be reversed and fed back through the
P=NP. It would need a computer far more powerful than any available to work out the actual number and even ‘big
data’ analytics of inputs to the algorithm and output encryption data would not be reflective of the process, hence
no pattern can exist.
[Figure: NP=P and P=NP]
As the key generated by the Omlis method is the same length as the “plaintext” data being encrypted, there is no
need for a complex multi-stage encryption/decryption algorithm. This is a major advantage for a system handling
encrypted communication from a large number of devices, such as a mobile payment system. The processing
load for key generation is distributed among all the devices in the network and, as a result, does not burden the
central server.
Security Strength
Section Summary:
As computing power increases exponentially, current encryption techniques become more vulnerable and easier to break
The Omlis “one time pad” cannot be broken, even with infinite computing power
Omlis key generation occurs within a mobile device rather than overloading central servers
Encryption methods are conventionally assigned a security strength rating in terms of the effective number of bits
in the encryption key. As an example, Triple-DES offers 112-bit security. This security strength rating indicates
the number of calculations required to extract the key from encrypted data using a “brute force” attack (one that
tries every possible key in turn). As computing speeds increase exponentially (Moore’s law) it is only a matter of
time before the encryption methods currently in use are no longer secure. Quantum computing even suggests
that it will eventually become possible for every key permutation to be given simultaneously, prompting systems
to utilize larger key sizes. This will, in turn, require even more significant processing power for encryption and
decryption before eventually falling short in the quantum age.
The Omlis Encryption Technology offers security by utilizing a “one time pad” for encryption. The key length is
identical to the data length; there is no way to obtain the “plaintext” without knowledge of the key, regardless of
the available computational power. This encryption method will never become obsolete provided that the key
generation for the “one time pad” is seeded via truly random inputs – as is the case with Omlis.
Proof of the un-breakability of a “one time pad” type of encryption was provided by C.E. Shannon in 1949 in
“Communication Theory of Secrecy Systems”. The assumptions under which this is true are: that the key is truly
random (i.e. unpredictable); that the “plaintext” and key are the same size; and that the key is only used once.
Omlis ensures truly random keys through use of our unique key generation algorithm. Data is split into packets
of 128 bits and encrypted using a key of the same length (128 bits), and our secure communication protocol uses
each key only once.
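The three conditions listed above (unpredictable key, key the same size as the plaintext, key used only once) can be checked in a few lines. This is an added example, not Omlis code: it assumes XOR as the pad operation and uses the operating system's CSPRNG (`secrets`) as a stand-in key source, and the class name, function names and packet contents are constructed for illustration.

```python
import secrets

PACKET_BYTES = 16  # 128-bit packets, the size stated in the fact sheet


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two byte strings; refuses unequal lengths (key size == data size)."""
    if len(a) != len(b):
        raise ValueError("pad and data must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


class OneTimePad:
    """Issues fresh 128-bit keys and refuses to encrypt with a key twice."""

    def __init__(self):
        self._used = set()

    def new_key(self) -> bytes:
        # Assumption: the OS CSPRNG stands in for the unpredictable key source.
        return secrets.token_bytes(PACKET_BYTES)

    def encrypt(self, key: bytes, packet: bytes) -> bytes:
        if key in self._used:
            raise RuntimeError("key already used: one-time property violated")
        self._used.add(key)
        return xor_bytes(key, packet)


def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """With a shared key, c1 XOR c2 equals p1 XOR p2 because the key cancels."""
    return xor_bytes(c1, c2)


def demo():
    p1 = b"PAY 0100.00 GBP "  # constructed 16-byte sample packets
    p2 = b"PAY 9900.00 GBP "
    pad = OneTimePad()
    k1, k2 = pad.new_key(), pad.new_key()
    c1, c2 = pad.encrypt(k1, p1), pad.encrypt(k2, p2)
    round_trip = xor_bytes(k1, c1) == p1 and xor_bytes(k2, c2) == p2
    # Same key on both packets, bypassing the guard to show what it prevents.
    leaked = reuse_leak(xor_bytes(k1, p1), xor_bytes(k1, p2))
    return round_trip, leaked == xor_bytes(p1, p2), leaked


if __name__ == "__main__":
    print(demo())
```

The `leaked` value is zero wherever the two packets agree and non-zero only at the two differing amount digits, which is why the single-use condition has to be enforced by the protocol rather than assumed.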
Implementation
The Omlis Encryption Technology comprises two main software elements. A client element is installed on the
sending device; this generates keys and handles the communication protocol. This is termed the “black box”
as it is protected from access by security measures. The “black box” communicates with the Omlis Managed
Services installed on a server, which in turn manages keys and transaction tokens for all Omlis-enabled devices
in a network.
Software in the Omlis implementation has been developed using high-integrity software tools (SPARK Ada).
These tools are typically used to develop safety-critical software used in aircraft, nuclear power stations and
financial infrastructure. This approach ensures the Omlis software is not vulnerable to attacks, for example buffer-overflow
attacks, that are used to breach the security of software developed using low-integrity tools.
Conclusion
Omlis protocols represent a paradigm shift in encryption technology offering a multitude of unrivaled benefits over
existing encryption solutions.
Typical Use Cases
Secure payments from mobile devices
Device identification
Merchant channel to take payments
Secure data entry on a software encrypted keypad
Secure web payment transactions
+44 (0) 845 838 1308 www.omlis.com info@omlis.com
Third Floor, Tyne House, Newcastle upon Tyne, United Kingdom, NE1 3JD