Impenetrable’ encryption arrives to lock down Internet of Things

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page
Credit for photo: by Dan Chmielewski
Cred­it for pho­to: by Dan Chmielewski

LAS VEGAS – Robert Coleridge, CTO of start­up Secure Chan­nels, has rent­ed time in a shark cage to get up close and per­son­al with a great white shark. For kicks.

That’s a mild thrill com­pared to wrestling with math con­cepts to invent what Coleridge con­tends is a rev­o­lu­tion­ary, impen­e­tra­ble new method to encrypt data.

Coleridge recent­ly secured a U.S. patent for his inven­tion. Now, Secure Chan­nels is busy pur­su­ing com­mer­cial uses for this new lev­el of encryp­tion, address­ing gap­ing secu­ri­ty holes to ful­fill the promise of the Inter­net of Things.

To get the secu­ri­ty community’s atten­tion here at Black Hat, Secure Chan­nels posed an entic­ing chal­lenge to the planet’s top good guy hack­ers: The first per­son to crack into a file pro­tect­ed by Secure Chan­nels’ nov­el encryp­tion process, dubbed PKMS2, would win a new BMW sedan.

win-bmw

Secure Chan­nels CEO Richard Blech pro­fessed no wor­ries. His con­fi­dence proved war­rant­ed, as the 48-hour dead­line expired Thurs­day night. None of the more than 150 hack­ers who par­tic­i­pat­ed in the hack­ing con­test could crack in.

Coleridge is a col­or­ful char­ac­ter. He’s a native of Cana­da and U.S. cit­i­zen, who lives with his wife in a home seclud­ed in the forests out­side of Belling­ham, Wash­ing­ton, near the Cana­di­an border.

He spent 20 years design­ing infra­struc­ture sys­tems at Microsoft and, he says, he always focused on the secu­ri­ty aspects of oper­at­ing sys­tems and net­work archi­tec­tures he has worked on.

He’ll dive deeply into tech­ni­cal jar­gon, then spin what he’s describ­ing into vivid analo­gies. He told Third­Cer­tain­ty that his new approach to encryp­tion is like stack­ing up mul­ti­ple lay­ers of twist­ed sheets of sta­t­ic. Or, he told me, it’s akin to using an ocean to obfus­cate the mol­e­cules in a  glass of water.

He calm­ly asserts that it would take a super­com­put­er run­ning flat out—making 19 quadrillion cal­cu­la­tions per second—approximately 29 times the age of the uni­verse to break PKMS2.

That’s how big the num­ber is,” Coleridge says. “The age of uni­verse being 14 bil­lion years, it would take 29 times the num­ber of sec­onds in 14 bil­lion years to brute force every pos­si­ble combination.”

Secure Chan­nels has a bold plan to intro­duce what Coleridge describes as “impen­e­tra­ble encryp­tion” in a part­ner­ship with Inter­net ser­vices com­pa­ny Prox­im­i­ty. The part­ners are mov­ing to deploy high­ly secure sys­tems that will help advance the deliv­ery of new forms of con­sumer ser­vices in air­ports and malls.

One exam­ple Secure Chan­nels CEO Richard Blech told me about is a deal to equip high-end malls with ultra-secure cus­tomer track­ing sys­tems that will sup­port adver­tis­ing and mobile trans­ac­tions for con­sumers strolling to spe­cif­ic stores.

Cur­rent encryp­tion tech­nol­o­gy isn’t triv­ial to crack. But there’s room in the mar­ket for a high­er lev­el of encryp­tion, Blech says, under­scored by the Tar­get breach and Edward Snowden’s intel­li­gence leaks.

The last thing they (high-end retail­ers) need is a breach like Tar­get,” he says.

Anoth­er deal Secure Chan­nels has in the works is a part­ner­ship to install video dis­play kiosks in spaces that once held pay phones in airports.

If Secure Chan­nels achieves com­mer­cial suc­cess, it could be a linch­pin to advanc­ing the so-called Inter­net of Things in a much safer way.

 

 


Posted in Cybersecurity, Data Security, News & Analysis