Praetorian Secure proposes a security-centric framework for securing the Internet of Things (IoT). The framework features:
1) Comprehensive data security at the device, module, and gateway levels to protect data prior to and after a breach.
2) A flexible, device-agnostic architecture to support various devices and interfaces.
3) Scalable cloud infrastructure for device management, data collection/storage, authentication, and potential monetization through analytics.
4) Mobile and web applications to control devices and access the cloud infrastructure with comprehensive security.
The goal is to build an IoT solution that is secure, scalable, and can enable future monetization opportunities through partnerships.
Praetorian Secure partners with CipherLoc - New Encryption Technology
1. Protecting the World’s Data
(by making encryption faster, stronger, and scalable)
February 2017
2. The Problem
It’s not a question of if a data breach will occur… it’s simply a question of when
CipherLoc’s technology is designed to safeguard data by rendering it unusable to the attacker
3. Our Value Proposition
• Strong: Our technology dramatically enhances data security
CipherLoc’s patented technology provides an ironclad way to protect information
• Fast: Our innovative approach makes encryption processing faster
Reduced latency lessens the penalty associated with deploying encryption technology
• Scalable: Our solutions are scalable and future-proof
No need to continually increase key sizes to keep pace with advances in computing horsepower
Eliminates threats associated with quantum computing and plain-text recovery attacks
• Flexible: Our products are easily deployed
Deployment option 1: Add CipherLoc software to any existing product, application, or service
Deployment option 2: White-label a pre-built, fully turn-key service offering(s)
4. Today’s Approach to Protecting Data: Encryption
• Traditionally, encryption technology has been used to protect data…
• However, ubiquitous use of encryption has been hampered by a number of factors:
  • Encryption is slow
  • Key sizes need to be continually increased (which also increases latency)
  • Papers have shown that it is increasingly possible to “break” into encrypted files using plaintext-recovery techniques
  • Algorithms will be irreparably compromised when quantum computing becomes mainstream in the near future
5. Our Innovative Solution
With CipherLoc:
Each message is broken into multiple fragments. Every fragment has a unique key and a unique encryption method; fragments are randomly grouped into different lengths and can be further re-encrypted. Segments are independent from each other.
• Accelerates the encryption process through multithreading
• Security improves as computing horsepower improves
• Not susceptible to plain-text recovery attacks
• Inherently resistant to quantum computing attacks
Traditional encryption:
Each message is treated as a monolithic block of data; messages are encrypted using keys; block sizes must exactly match the size of the key
• Slow and latency increases as key sizes increase
• Costly upgrades needed to update keys & algorithms
• Susceptible to plain-text recovery attacks
• Quantum computing will irreparably compromise
We make encryption faster, stronger, and scalable
6. How it Works in Practice
How Encryption is Currently Performed
[Diagram: Plaintext + Seed (key) → Ciphertext]
1. Information to be protected given to encryption engine
2. Seed (key) is also provided to encryption engine
3. Entire plaintext data block converted to ciphertext
How Encryption is Enhanced with CipherLoc
[Diagram: Plaintext + Seed (key) → CipherLoc → Ciphertext]
1. Information to be protected given to CipherLoc utility
2. Seed (key) is also provided to CipherLoc utility
3. Entire plaintext data block is randomly fractured
4. Seed is used to generate large numbers of random keys
5. Each individual fragment is encrypted using a one-time use key and an existing encryption algorithm (e.g. AES)
6. Fully-encrypted fragments are dispersed using TCP/IP
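Steps 1 to 5 of the CipherLoc flow above, sketched as an added Go example; it is not CipherLoc's implementation and not code from the deck. Assumptions: HMAC-SHA256 stands in for the key generator, AES-256-GCM is the "existing encryption algorithm", a random per-message salt keeps fragment keys single-use, and the names `fragmentKey`, `Seal` and `Open` are hypothetical; step 6 (dispersal over TCP/IP) is left out.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// fragmentKey derives a one-time AES-256-GCM key for fragment i (HMAC-SHA256 as the PRF).
func fragmentKey(seed, salt []byte, i int) cipher.AEAD {
	mac := hmac.New(sha256.New, seed)
	fmt.Fprintf(mac, "%x|%d", salt, i)      // per-message salt keeps keys unique across messages
	block, _ := aes.NewCipher(mac.Sum(nil)) // 32-byte key, so NewCipher cannot fail
	aead, _ := cipher.NewGCM(block)
	return aead
}

// Seal cuts msg into fragments of random length (1..maxLen) and encrypts each under its own key.
func Seal(seed, msg []byte, maxLen int) (salt []byte, frags [][]byte) {
	rnd := make([]byte, 16+len(msg)) // 16-byte salt plus one length byte per possible fragment
	rand.Read(rnd)
	salt, nonce := rnd[:16], make([]byte, 12) // zero nonce is safe only because each key is used once
	for i := 0; len(msg) > 0; i++ {
		n := 1 + int(rnd[16+i])%maxLen%len(msg) // 1 <= n <= min(maxLen, len(msg))
		frags = append(frags, fragmentKey(seed, salt, i).Seal(nil, nonce, msg[:n], nil))
		msg = msg[n:]
	}
	return salt, frags
}

// Open decrypts fragments in order; a wrong seed or a modified or reordered fragment fails the GCM tag.
func Open(seed, salt []byte, frags [][]byte) (out []byte, _ error) {
	for i, f := range frags {
		pt, err := fragmentKey(seed, salt, i).Open(nil, make([]byte, 12), f, nil)
		if err != nil {
			return nil, fmt.Errorf("fragment %d: %w", i, err)
		}
		out = append(out, pt...)
	}
	return out, nil
}
func main() {
	seed := []byte("constructed demo seed") // constructed; a real seed is a high-entropy secret
	salt, frags := Seal(seed, []byte("constructed sample payload"), 8)
	pt, err := Open(seed, salt, frags)
	fmt.Printf("%d fragments, recovered %q, err=%v\n", len(frags), pt, err)
}
```

Each fragment carries a 16-byte GCM tag, so the ciphertext grows with the fragment count, and the receiver needs the salt and the fragment order to decrypt.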
7. Speed Comparison
[Chart: Encryption Processing Time. Y-axis: Time (sec), 0.00 to 3.50. X-axis: Size of Data (10KB, 100KB, 1MB, 25MB, 125MB, 500MB, 1GB). Series: AES, CipherLoc + AES]
Our innovative approach makes encryption processing faster
Reduced latency lessens the penalty associated with deploying encryption technology
8. Future-Proof
How Encryption is Currently Performed
[Diagram: Plaintext + Seed (key) → Ciphertext]
• Rapid advances in computing horsepower require continuous upgrades to maintain existing security levels
  • DES → 3DES
  • 128-bit AES → 256-bit AES → 512-bit AES
• Every upgrade is costly, time-consuming, and temporary
• Quantum computing, once available, will irreparably compromise existing encryption approaches
How Encryption is Made Future-Proof with CipherLoc
[Diagram: Plaintext + Seed (key) → CipherLoc → Ciphertext; ciphers shown: AES-128, AES-256, Twofish, Blowfish, 3DES, ECC]
• Security strength can be vastly improved via many easy-to-deploy techniques:
  1. Randomize the types of encryption algorithms used (i.e. use additional ciphers other than just AES)
  2. Increase the number of fragments generated
  3. Re-encrypt each fragment multiple times – and with different encryption algorithms
• Even if quantum computing manages to “break” an individual fragment, no information is obtained about the other fragments or their ordering
9. Deployment Option 1: Add to Existing Service
Existing product / application / service
[Stack diagram, top to bottom: Software: APPLICATION (customer-defined); LIBRARIES: Encryption (e.g. AES); OPERATING SYSTEMS: Mac OS, Windows, Linux, Android, iOS; to/from targeted hardware platforms (servers, PC, tablets, mobile device, etc.)]
Note: this will be dependent on the customer application
Existing product / application / service with CipherLoc
[Stack diagram, top to bottom: Software: APPLICATION (customer-defined); LIBRARIES: CipherLoc, Encryption (e.g. AES); OPERATING SYSTEMS: Mac OS, Windows, Linux, Android, iOS; to/from targeted hardware platforms (servers, PC, tablets, mobile device, etc.)]
Note: this will be dependent on the customer application
Adding CipherLoc… is as simple as inserting code on top of where encryption is used
10. Deployment Option 2: Turn-Key Model
[Diagrams: one panel per service, with nodes labelled CLIENT, STORAGE, EMAIL SERVER and SERVER]
• Secure Voice
• Secure Storage
• Secure Chat
• Secure Email
• Secure Transfer
• Secure Video
12. Summary
• Data breaches are inevitable...
Our solutions are designed to protect an organization’s most sensitive data prior to, and in case of, a data breach
• Encryption is hard, slow, and difficult to scale…
CipherLoc’s innovative technology solves each of these problems
• Best of all, our technology does not require any changes in architecture
We are simply a utility that takes existing encryption algorithms and makes them better, faster, stronger, and scalable
CipherLoc - Protecting the World’s Data
13. Securing the IoT – A Proposed Framework
Praetorian Secure
February 2017
14. Overview
• Overarching goal is to create an IoT solution that is secure, scalable, and easily monetized
• Framework will be defined assuming that data breaches are inevitable
Proposal will ensure that information will be protected prior to, and in case of, a data breach
• Additional privacy/security to be achieved via layered authentication
One-to-one pairing of data to user, multifactor authentication (if desired), capable of supporting alternate trust models (e.g. Kerberos)
• Flexible architecture to enable monetization opportunities to be easily added
• Partnership-driven model to enable each party to focus on core strengths
16. Gateway & “Things”
[Diagram: a GATEWAY (Processor) connected over a Local Network (Wifi, ZigBee, etc.) to six “THINGS”, each with a Processor and an optional Module]
• IoT device-agnostic architecture
• Comprehensive data security (embedded chip-level, module-level, and/or gateway-level)
• Hardware modules to support various device and wireless interfaces (FCC pre-certified)
• IoT gateway supporting device/cloud connectivity, security, protocol translation, data filtering and processing, updating, management, aggregation, etc.
• H/W partner to support mechanical, electrical, certifications, customizations, etc.
17. Cloud
• Cloud-centric architecture supporting device configuration / set-up, account / device ownership management, communication, data collection and storage, etc.
• Comprehensive and scalable security for both data-in-motion and data-at-rest
• Strong authentication mechanisms to provide one-to-one pairing of data to user (including access control)
• Analytic systems to collect, analyze, organize, and feed data to the most relevant users
• Scalable architecture to enable future monetization options including machine learning and artificial intelligence
[Diagram: CLOUD containing Analytics (opt), Storage, Database, Messaging, AI (opt)]
18. Mobile & Web
• Pre-built mobile applications to enable end users to control the connected device, connect to the cloud, etc.
• Web-based console to provide administrative control over entire IoT infrastructure
• Comprehensive and scalable security, including complete data protection and identity-based authentication
• Fully-featured IoT web management/console system supporting:
  • Device management
  • Monitoring & control
  • Software distribution and management
  • Provisioning
  • Dashboards
  • Alert systems
  • Permissions
  • Over-the-air (OTA) communications
[Diagram: MOBILE, WEB]
19. Putting it All Together
[Diagram: “THINGS” (Processor, optional Module), GATEWAY (Processor), CLOUD (Analytics (opt), Storage, Database, Messaging, AI (opt)), MOBILE and WEB]
• Unlike other IoT architectures that start with the IoT infrastructure and add security afterwards, proposed architecture is purpose-built with security as the foundation
• Proposed architecture is device- and protocol-agnostic
• Works equally well in both consumer and industrial IoT applications
• Monetization opportunities can be seamlessly added (e.g. data storage, database management, data analytics, machine learning, etc.)
• White-label options / customizations exist for “things”, gateways, mobile apps
IRONCLAD DATA PROTECTION
STRONG AUTHENTICATION
COMPLETE IoT SOFTWARE FRAMEWORK
Security-Centric IoT Framework
21. Thank You
Brent A. Bernard |Direct: 248.953.3853| brent.bernard@praetoriansecure.com
Austin Ross | Office: 1.855.519.7328 | Austin.ross@praetoriansecure.com