Modern encryption systems constitute the backbone of our technological world. Every single day, trillions of dollars of financial transactions are protected (or so we wish to believe) by sophisticated cryptographic protocols. Our medical and financial records and our personal audio-visual and video communications ought to remain private and accessible only by us and by the people or institutions specifically authorized by
To people outside the world of cryptography, it seems hard to believe that the vast majority of encryption systems aimed at protecting our privacy are based on unproven conjectures. For example, the security of the de facto standard in public key encryption, the RSA algorithm, rests on the conjecture that it is computationally intractable to factorize large integers. This conjecture has been seriously tested in only two attack scenarios: sieving factorization algorithms and the elliptic curve factorization method. There are many untested approaches that might be far more successful in attacking and compromising RSA. More to the point, it is strictly proven (Shor’s quantum factoring algorithm) that a quantum computer with sufficient qubits (e.g. a few thousand) can solve the problem very quickly and therefore break the RSA encryption algorithm. Exactly the same consideration applies to the public key encryption algorithms based on the conjectured difficulty of the discrete logarithm problem (such as the Diffie-Hellman key exchange protocol) and of the elliptic curve discrete logarithm problem (the ECDH algorithm, supported by NSA’s Suite B until 2011; since then the NSA has withdrawn its support for any encryption technology that relies on the factorization and discrete logarithm conjectures, for reasons unknown to the general public).
Speaking of quantum computers, there have been many breakthroughs in the last 2-3 years that will dramatically change the world we live in. Whilst twenty years ago the main question was whether we could ever build a quantum computer, today all experts in the field agree that the question is not ‘if’ but ‘when’. Most predictions are that by the year 2022 we will have a working quantum computer that can solve computational problems of paramount importance for our society. In terms of encryption, however, such a computer would have the power to break, and make totally obsolete, basically all of the existing and still widely used encryption technologies.
This is the main reason why researchers in academia and industry have started to investigate ‘post-quantum’ security algorithms: that is, to seek computational problems for which efficient quantum algorithms are not yet known and to build encryption systems upon them. One has to be completely clear that the current lack of an efficient breaking algorithm does not imply that no such algorithm exists. In other words, the security of these post-quantum encryption systems is also entirely based on conjectures. Or on wishful thinking. A quick look at any of the most popular and widely used books on cryptography (e.g., Applied Cryptography by Bruce Schneier) reveals something that might surprise a casual reader: we do in fact have an encryption system that guarantees the highest level of security and is completely immune to any attack, including quantum computation. The system was proposed by Claude Shannon and is called the one-time pad (OTP). If the OTP is coupled with a true random number generator (TRNG), then its security is mathematically guaranteed.
If there is a provably secure encryption system that does not rely on any conjectures, mathematical or technological, then the logical question is: why do we use other encryption technologies at all? The answer is that OTP-based security systems are suitable for low-bandwidth applications, and their key management is rather complicated. Nevertheless, OTP-based encryption systems have been used at the highest level of security, such as securing the ‘red phone’ link between the White House and the Kremlin during the Cold War.
Basic Facts About FACT:
FACT modifies Shannon’s scheme in a way that overcomes its main and well-known drawbacks. At the heart of the technology is the generation of a large (200 MB) shared secret that is privately distributed among the members of the group who want to communicate securely. This is the only phase of the technology that involves randomization. 200 megabytes can be viewed as a sequence of one billion six hundred million zeros and ones; anyone wanting to write this binary number down would need several thousand pages simply to print it. Once the secret has been shared between the members of the group, FACT uses a specific algorithm to derive different OTPs from it and encrypts every single message with those pads. The critical idea is that the simplicity of the encryption process, a succession of massive XOR (exclusive OR) operations, allows FACT to avoid the most problematic issue of any OTP-based technology: the fact that the key must be at least as large as the message.
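The OTP mechanics described above, as an added example in Python (not FACT’s code; the page does not disclose how FACT derives pads from the shared secret): byte-wise XOR with a pad at least as long as the message, a pool from which pad bytes are never handed out twice so that identical plaintexts give different ciphertexts, and the failure mode the length requirement guards against, namely that reusing a pad makes the XOR of two ciphertexts equal the XOR of the two plaintexts. The pool filled from secrets.token_bytes stands in for the pre-shared secret; that is an assumption of the example.

```python
import secrets


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("xor_bytes needs equal-length inputs")
    return bytes(x ^ y for x, y in zip(a, b))

def otp_encrypt(plaintext: bytes, pad: bytes) -> bytes:
    """Shannon's condition: the pad must be at least as long as the message;
    only the first len(plaintext) pad bytes are consumed."""
    if len(pad) < len(plaintext):
        raise ValueError("pad shorter than message: perfect secrecy is lost")
    return xor_bytes(plaintext, pad[:len(plaintext)])

otp_decrypt = otp_encrypt  # XOR is its own inverse

class PadSource:
    """Hands out pad bytes from a pool and never returns the same byte twice.
    Constructed example: the pool stands in for a pre-shared secret."""

    def __init__(self, pool: bytes):
        self._pool = pool
        self._pos = 0

    def take(self, n: int) -> bytes:
        if self._pos + n > len(self._pool):
            raise RuntimeError("pad pool exhausted: no unused key material left")
        chunk = self._pool[self._pos:self._pos + n]
        self._pos += n
        return chunk

def identical_messages_differ(msg: bytes, source: PadSource) -> bool:
    """With fresh pads, two encryptions of one plaintext give distinct ciphertexts."""
    c1 = otp_encrypt(msg, source.take(len(msg)))
    c2 = otp_encrypt(msg, source.take(len(msg)))
    return c1 != c2

def reuse_leaks_plaintext_xor(p1: bytes, p2: bytes, pad: bytes) -> bool:
    """Failure mode: encrypting two messages under one pad gives
    c1 XOR c2 == p1 XOR p2, so the pad no longer hides how the plaintexts
    relate (knowing one plaintext then reveals the other)."""
    c1, c2 = otp_encrypt(p1, pad), otp_encrypt(p2, pad)
    return xor_bytes(c1, c2) == xor_bytes(p1, p2)

if __name__ == "__main__":
    src = PadSource(secrets.token_bytes(64))  # constructed stand-in for the shared secret
    print("fresh pads differ:", identical_messages_differ(b"PAY 100 TO ALICE", src))
    print("reuse leaks p1^p2:", reuse_leaks_plaintext_xor(b"PAY 100 TO ALICE", b"PAY 900 TO CAROL", src.take(16)))
```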
The table below (from Luther Martin (HP), ‘Introduction to Identity-Based Encryption’, Information Security and Privacy Series, 2008, Artech House) shows the incredible amount of time a brute-force attack would need against even a relatively short OTP-based scheme. Since OTP schemes can be attacked only by exhaustive search, the table gives a very clear idea of the security of such encryption systems.
Table 1: Progress towards testing all 128-bit Keys on Hypothetical Machine
| Event | Years in the future | Bits of key tested |
|---|---|---|
| Earth’s continents collide | 250 million | 110 |
| Milky Way collides with the Andromeda Galaxy | 3 billion | 114 |
| Sun becomes a white dwarf | 8 billion | 115 |
Software and hardware implementations:
The FACT encryption algorithm has been successfully implemented, tested and verified in software. We have a Java-based implementation that generates 50 KB of key per second on a desktop computer (Intel i5-2500K with 8 GB of RAM and a 500 GB hard disk). Since the main computational operation is a large XOR, one can predict fairly accurately the execution time of the algorithm on an application-specific VLSI design. Assuming a propagation delay of 100 ps and a contamination delay of 55 ps for a typical XOR gate, dedicated hardware can produce a 50 MB key in less than a second. Such a speed is totally out of reach for competing encryption technologies.
In the last decade of the 20th century, cryptographers made several attempts to commercialize the concept of a decentralized crypto-currency. They all failed for various reasons, the most common one being the poor scalability of the crypto-currency system’s architecture. The introduction of Bitcoin in 2007 changed the world of financial transactions dramatically, and we are now witnessing enormous interest in this field. The main concept is the blockchain: a continuously growing block of financial records, secured by appropriate encryption techniques. A very large number of accessible explanations of this technology are available. Fundamentally, there are three types of blockchains: public, consortium and fully private. It is in the last two categories that we envision the efficiency of FACT being used to its fullest extent.
The main assumption of FACT, the initial private and secure distribution of the shared secret amongst the members of the fully private blockchain, is a realistic one in this case. After that, the entire encryption process of the financial records is provably secure and, more to the point, very fast. One of the biggest advantages of FACT is its very good suitability for hardware acceleration. Whilst a typical financial transaction in a public blockchain requires about 10 minutes, in a private blockchain protected by FACT the same transaction would require about a minute and, with appropriate hardware acceleration, a few seconds. FACT also does not add significant overhead to the financial transaction records. Therefore, the scalability issue becomes less important in this case.
Other Areas of applications:
Medical data. One of the areas that can make straightforward use of FACT’s technology is protecting medical records from unauthorized access. There is no need to specifically justify the paramount importance of such protection. FACT’s encryption engine guarantees that the medical records will be protected for any interval of time against any hacking attempts.
Military applications. In those cases, one needs perfect secrecy, the highest possible security and, often, very fast encryption procedures. FACT’s technology has it all.
Car-to-car communications. In the near future, driverless cars will become more and more popular. They have to be able to communicate between themselves, and this has to be done in a secure manner, otherwise a possible attack on the security mechanism will certainly have terrible consequences. The REAL PROVABLE SECURITY of FACT’s technology offers the best possible solution for those applications.
The Specific Tests for Encryption:
- FACT has tested well on DIEHARDER.
- This series of tests is a complex means of evaluating when a random number generator will break down.
- FACT has a rock-solid TRNG (true random number generator).
- FACT is impervious to cracking, even with quantum computing!
- FACT uses the only truly secure encryption technology.
DieHarder Tests by Robert G. Brown.
At the suggestion of Linas Vepstas on the Gnu Scientific Library (GSL) list this GPL’d suite of random number tests will be named “Dieharder”. Using a movie sequel pun for the name is a double tribute to George Marsaglia, whose “Diehard battery of tests” of random number generators has enjoyed years of enduring usefulness as a test suite.
The dieharder suite is more than just the diehard tests cleaned up and given a pretty GPL’d source face in native C. Tests from the Statistical Test Suite (STS) developed by the National Institute for Standards and Technology (NIST) are being incorporated, as are new tests developed by Robert G. Brown. Where possible or appropriate, all tests that can be parameterized (“cranked up”) to where failure, at least, is unambiguous are so parameterized and controllable from the command line.
Robert G. Brown, Duke University Physics Department, Durham, NC 27708-0305. Copyright Robert G. Brown, 2017.
Specifics Related to FACT Technology:
- FACT is a new “zero-day” crypto-technology, providing safe encryption with megabit keys. It uses fresh random data with every new stream it encrypts. It provides provable protection at a one-time-pad-equivalent level. It is immune to quantum-computing attacks and is therefore maximally future-safe.
- FACT reduces the classical OTP key-handling problem to a once-in-a-lifetime minimum, where only a finite 200 MB “shared secret” has to be exchanged at initial setup.
- FACT is “key management made easy” beyond military-grade security. The forward-looking technology is able to encrypt an unlimited amount of data without ever running out of new key. The per-document key itself is neither stored nor transmitted, nor can it be predicted in advance. This also means that identical plaintexts will always yield completely different ciphertexts (OTP-equivalent keys are never re-used). It can reliably protect any data-communication stream and any data storage (archives, backups). Unless a receiver has the shared secret, the ciphertext cannot be told from purely random noise. This protection holds even when an attacker has gained knowledge of all the inner workings and knows everything except the shared secret. The technology does not require a handshake and can be used in a broadcast-only mode of operation, opening many new possibilities for structuring information exchange and communication solutions. At first all this might sound absurd or even impossible, and yet history shows that the initial reactions to many great inventions (such as self-driving cars) were just the same.
- In our increasingly digital world, the risk of being vulnerable to electronic espionage grows every day, and every day the media reveal more details of how bad the situation has already become. Basically anything with storage or networking now lives in a digital battlefield. Being able to protect against foreign control, espionage, manipulation etc. is like having a superior immune system during an epidemic: one survives while others perish.
- FACT has been designed to efficiently encrypt any data and voice communication on any stationary or mobile computing device. FACT secures the critical information infrastructure of businesses, individuals and organizations against espionage and information theft. FACT also protects the intangible assets of businesses and individuals from being violated by third parties.
- F.A.C.T.-RaaS (Randomness as a Service) is designed for companies and organizations that need true random numbers. These random numbers are generated by the second generation of our quantum-noise TRNGs (true random number generators). All the military-grade true random numbers have been successfully tested against FIPS PUB 140-2 (NIST), ENT (www.forumlab.ch/random) and the DIEHARDER test suite by Robert G. Brown.
- F.A.C.T.-TRNG. These days, experts around the globe have started to talk about random number generators again. Nowadays, the use of weak RNGs (random number generators) is one of the most important causes of security breaches. We have known this for years. Therefore we have developed our own generation of true random number generators. They are designed so that companies and organizations can obtain true random numbers directly from their own generator rather than from a third-party device.
- F.A.C.T.-IP. In the world of post-quantum cryptography, our technology offers an easy-to-apply yet absolutely secure solution against the potential attacks. It does not make use of computational primitives that are vulnerable to quantum computers. The stream cipher was one of the ideas for solving the problem, but all stream ciphers are more or less predictable and crackable given the time and computing power of a skilled group of attackers. The difference between FACT and all other solutions is that FACT is a real OTP, which has no need to exchange keys in advance for every encryption; FACT’s key exchange happens only once, during the setup of the system. Shannon proved mathematically and declared in 1947 that the OTP is unbreakable. That is still a fact today.
- This fact has been acknowledged many times in the cryptographic literature, but our technology is the first to make very efficient use of it in a way that can be applied virtually everywhere. Our technology is provably secure and does not depend on any unproven and often questionable assumptions.
- Today’s well-known public key technologies are not quantum-safe. Technologies like RSA, ECC, AES, NTRU, lattice-based encryption and some other less popular technologies are breakable. RSA, AES and ECC in particular are breakable by a potential quantum computer (something that the NSA, according to Snowden, is very likely to possess already). The OTP, and the modification of the OTP used by FACT, is provably unbreakable! That´s FACT!
- The FACT encryption technology is not a stream cipher!
Imagine the shared secret, the 200 MB, as small pieces of colored glass in a kaleidoscope. Turning it slightly to the left or to the right, billions of different pictures can be seen, like the billions of different keys that can be built.
Every FACT member has the same shared secret, the same 200 megabytes, and under the same conditions they can rebuild the key. The FACT key ID is the definition of a random starting point. Building a FACT key is a random walk from a random seed. If one has a different base, it is impossible to build the key.
FACT is completely different from any other existing solution. FACT is a symmetric crypto solution. Today, all other crypto solutions are asymmetric; they use a shorter public key and a private key to encrypt.
FACT-IP will be beneficial and powerful in various business areas, such as: Public Sector, Governments, Military/Defense, Healthcare, Finance, Telecommunication (Carrier, ISP, Content provider, Cloud provider, Satellite), Utility/Energy, Manufacturing, Industrial Automation, Pharma and Automotive, enabling absolutely secure exchange and handling of any information through streaming and file encryption, database encryption, remote-controlled vehicles (secure communications), securing cloud storage, secure long-term archiving and more.