1 / 23

DIVA Dynamic Identity Verification and Authentication

DIVA Dynamic Identity Verification and Authentication. Total IT security One call from single-sign on One framework One protocol Virtually manufactured Virtually provisioned Virtually no cost. President Obama Defines the National Security Threat in 2013 State of the Union.

vivian
Télécharger la présentation

DIVA Dynamic Identity Verification and Authentication

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. DIVADynamic Identity Verification and Authentication Total IT security One call from single-sign on One framework One protocol Virtually manufactured Virtually provisioned Virtually no cost

  2. President Obama Defines the National Security Threat in 2013 State of the Union http://www.wnlabs.com/downloads/Whitenoise_Labs_Richard_Marshall.mp4 • We are engaged in cyber war • Iran and North Korea nuclear ambitions • China IP theft • Banking system – recently tens of millions of dollars stolen from ATMs in NYC • Tax returns stolen – billions stolen from US citizens electronic tax returns • Twitter hacked. Facebook hacked. Banks hacked. PayPal hacked. Etc. • Governments hacked – i.e. Wiki Leaks

  3. Security Companies are Cynical We have been losing some ground in the cyber war for a long time and believing current, cynical security providers and their experts that want their kingdoms and current revenue streams and not solutions that threaten their own raison d’etre! See challenge to Black Hat Their solutions are ineffective. Just days after Twitter announced moving to two factor authentication this article on breaking their security was posted: http://securitywatch.pcmag.com/hacking/311869-how-to-hack-twitter-s-two-factor-authentication

  4. DIVA defeats enemies with overwhelming force • DIVA is the strongest key based technology in history and it authenticates users and devices by comparing portions of keystream that have never yet been created or used. • DIVA operates as a dynamic one-time-pad.

  5. 1 protocol: Dynamic Identity Verification and Authentication DIVA • and • 1 framework: Dynamic Distributed Key Infrastructures DDKI • provide all network security: • secure access • dynamic authentication • authorization • identity • signature • repudiation • intrusion detection • automatic revocation • DIVA keys are distributed as software patch, or • DIVA keys are distributed through microprocessors at time of manufacturing. No existing security needs replacement or integration. • We are patented in countries with two thirds of the world’s population, economic activity and manufacturing > 60 patents.

  6. Whitenoise and DIVA are proven to be: •  Man-in-the-Middle attack resistant because there is no key exchange during sessions. •  Side Channel attack resistant because all operations are order 1 operations after key load. •  Mathematical attack resistant proven by the University of California, Berkeley. •  Quantum computing attack resistant because there are no fixed key sizes. •  Botnet attack resistant by configuring a second external key on a non-commandeered computer. •  Denial of Service attack resistant because of identity and secure network access. •  Cloud computing securebecause it uses the strongest endpoint encryption and identity keys known - the endpoint keys used are greater than 250,000 bits strong and generate key streams greater than 10 to the 60th power bytes in length that operate like a one-time-pad. Authentication of tokens happen for tokens never yet created or used before ahead in the stream. Tokens are only used once.

  7. Unbreakable keys Brute Force attack resistant “Exhaustive keysearch is not a threat. With the recommended parameters, Whitenoise uses keys with at least 1600 bits of randomness. Exhaustive search of 1600-bit keys is completely and absolutely infeasible. Even if we hypothesized the existence of some magic computer that could test a trillion-trillion key trials per second (very unlikely!), and even if we could place a trillion-trillion such computers somewhere throughout the universe (even more unlikely!), and even if we were willing to wait a trillion-trillion years (not a chance!), then the probability that we would discover the correct key would be negligible (about 1/2 to the 1340 power), which is unimaginably small). Hence, if keys are chosen appropriately and Whitenoise is implemented correctly, exhaustive keysearch is not a threat.” David Wagner UC Berkeley

  8. Market Opportunity Existing cyber security technology is not working and has FATAL FLAWS.

  9. Lead Customers • Integrators • Alert Sense • Presidio Networks • Segment attack plan • Telcos • Banking (Schleicher’s new company) • Category Leadership • Authentication (certificateless, distributed) • Complete network security

  10. Product • DIVA is a protocol that is called from the login procedure to any application or network. • The endpoint has a small 20k dll. • The server has an application and a database to make dynamic comparisons • and track client keys. That’s it ! ! ! • Global distribution is accomplished in two steps • Online key distribution, enrollment and activation is accomplished through on-line upgrading like Norton’s daily definitions to any device with a connection, write-back capacity for dynamic offsets and a little memory. • Microprocessor are added to devices at manufacturing. This provides complete compliance with permitting and tracking of national security level key technologies in any country in the world. • DIVA is currently being deployed in both government and commercial applications through Alert Sense.

  11. Total Global deployment • Developers add call to DIVA to their single-sign-on login routine. It is one call to DIVA and requires no integration into your existing security controls. It simply fixes them. • Manufacturers add DIVA enabled chips during production. There is no change in cost since they are already using chips sets. On the next product cycle they simply swap chipsets to ones deploying DIVA. • Service providers like Norton etc. can distribute online firmware. • Royalties and licensing fees are collected at time of online enrollment, authentication, and activation for both software and microprocessors.

  12. Competitive Edge • DIVA/DDKI addresses all network security problems. • Higher security • Affordable • Easy to implement • Provisioned electronically or overnight mail • Easy means of anonymity • Keys are >250,000 bits and scalable • Key streams are greater than 10 to the 60th power bytes in length but are • simply stored • Keys are exponential and operate as a one-time-pad • Simple software upgrading, manufacturing, and electronic provisioning • Works in parallel with competitor security; nothing to replace or integrate • DDKI addresses the problems associated with the current architectures • Guards all network data in motion and storage • Can control life of data on the cloud • Complete provenance of data at rest and in motion • Integrates into any sign-on routine or application with a single call • It can be used in any kind of topology and with any other security techniques • without replacing anything • Recognized in international standards communities

  13. Competitive positioning • Existing public key networks use weak keys maxing out effectively at 256 bit strength in network sessions because of the intense mathematics which require accelerators in vast area networks. • Although we can completely displace ineffective public key asymmetric authentication and networks, we aim to work seamlessly with these existing systems and FIX THEIR FATAL FLAWS. In combination, DIVA and PKI create a two-channel (asymmetric and symmetric) multi-factor authentication process that provides ALL network security functions. Their keys can be broken and factored And Public Key Systems are ALWAYS vulnerable to man-in-the-middle attacks.

  14. Financial Path • Addressable market • Government, military • Telecommunications • Banking • It will be completely ubiquitous globally • Revenue Model • Patent licensing and royalties • Implementation (usually one time) • Service provision and network maintenance • Top down marketing: corporations, governments and service providers • should simply be providing secure services.

  15. Management and Leadership • CEO Richard Marshall former Director of Global Cyber for the US Department of Homeland Security • Technical advisor Dr. Brian Snow – former Chief Scientist for NSA • Dr. Thomas Cellucci – business associate - The first-ever Chief Commercialization Officer for the United States Department of Homeland Security. He has worked directly with Presidents George W. Bush and Barack H. Obama. • US government – military and commercial contractors • Alert Sense

  16. Milestones • DIVA and Whitenoise are patented globally in countries with 2/3s of world’s population, economic activity and manufacturing. • Whitenoise Labs has recruited and hired or contracted top government and business cyber experts. • Whitenoise has been recognized by governments, the United Nations, standards groups and top corporations. • US government First National Cyber Leap Year Summit • Presented at United Nations ITU • Presented for International standardization video • DISA certification in process • AT&T certification • Raytheon IFSEC Future of Security • Global Security Challenge

  17. Partners and potential investors • We are targeting partnerships, licensing and joint ventures. • Chip manufacturers – make first mobile Side Channel, Man-in-the-Middle, Botnet and DoS attack resistant mobile processors supplying identity. • Combine with other technologies like biometrics and perform project type implementations. • Signal intercept joint ventures (factoring public keys) • Hands free dynamic authentication or use with quantum RuBee chips for military • Enhance other technologies and eliminate the need and use of passwords. What we want: • Partner for moving DIVA technology to full microprocessor production. • Partner with global daily updating of firmware on-line capability and installation. • Partners for licensing, marketing, and incorporating global subsidiaries on a • country-by-country basis to generate new pools of equity. Sublicensing is conducted by country insiders with a stake in outcomes.

  18. DIVA and Whitenoise Laboratories Canada Inc. Total IT security Virtually manufactured Virtually provisioned Virtually no cost The Future of Security is HERE NOW

  19. Thank you to the Canadian US Embassy in Washington DC for the Innovation Scan program. • Whitenoise is pleased that it has been selected to be a presenter on the Canadian government's • Trade Commissioner Service's Innovation Scan website in Washington DC. • This is an incredibly important program to continue to foster a foundational defense, economic and • technological relationship between Canada and the United States. We share a special relationship. • We share the longest undefended border in the world. Canada is the largest trading partner with the • United States. Together our two countries have maintained and defended the longest period of • peace without incursion on this continent for well over one hundred years. The relationship between • Canada and the US is foundational to our collective prosperity, said Richard Marshal, CEO of • Whitenoise Laboratories and former Director of Global Cyber Security for the US Department of • Homeland Security. • The Canadian embassy is the ONLY embassy that is between the White House and Congress. The • US embassy is the ONLY embassy between Parliament and the Prime Minister's residence. This is a • powerful symbol of our unique relationship says Andre Brisson founder of Whitenoise Laboratories • Canada Inc. We would like to extend our gratitude to both the US government and the excellent staff • at International Trade Canada in Washington DC.

  20. Addendum – three slides on how DIVA and DDKI work

  21. Recent Whitenoise News Telecom Council of Silicon Valley San Andreas Spiffy nomination 2013 for the technology most likely to change the way we live: http://www.wnlabs.com/news/SPIFFY_Award_Nomination.php European Telecommunications Standards Institute: Whitenoise as a Fail Safe for Quantum Key Systems: http://www.wnlabs.com/news/SPIFFY_Award_Nomination.php Letter from the US Department of Homeland Security: http://www.wnlabs.com/papers/DHS_letter_to_Brisson.jpg The Whitenoise Challenge That Black Hat Would Not Take: http://www.wnlabs.com/news/challengeDEFCON.php

More Related