Post-Quantum Encryption

CEW Systems Canada Inc. is a new post-quantum encryption company that is now introducing brute-force-attack-proof encryption API software, which has been in development over the past 4 years.

Third Party Academic Independent Review

Saskatchewan Polytechnic’s Digital Integration Centre of Excellence was gracious enough to engage with CEW Systems Canada and perform a short CTO-funded analysis on our Bi-Symmetric Hybrid Encryption System. 

Dr. Cyril Coupal's CTO report currently can be made available to those who have signed a Non-Disclosure Agreement.

Dr. Coupal described Bi-Symmetric Encryption in this way:

Bi-Symmetric Encryption uses a unique and novel handshake incorporating encrypted session key combinations, allowing users’ login credentials, biometric data, credit card data, or command/activation codes to be quickly and correctly processed, without directly transmitting this confidential data. The plug-and-play, hybridized encryption system employs concepts like asymmetric encryption meshed with more secure symmetric encryption. A significant difference from commonly employed asymmetric encryption is that during the initial handshake to set up communication, no vulnerable data are exchanged. Should the sender key communication be intercepted by a hacker, they still cannot pretend to be the originator of the communication to the receiver.

Dr. Cyril Coupal, Saskatchewan Polytechnic, March 2021

There is an important distinction to make when comparing Bi-Symmetric Encryption with asymmetric encryption. Both create keys to allow Alice to encrypt data for Bob. However, unlike asymmetric public keys, which can be used to encrypt by anyone who intercepts them, Bi-Symmetric keys can only be used to encrypt by the holder of the correct password. This means Mallory cannot encrypt a misleading message to send to Bob.

During the initial handshake, private keys are generated from or found in the form of login credentials, credit card information, biometric data, or other personal credential information or pre-shared private keys, which are then used to start the handshake and are never actually transmitted.

Dr. Cyril Coupal, Saskatchewan Polytechnic, March 2021

The Bi-Symmetric Encryption handshake is unique in that the initial private keys are never transmitted. This is true whether the sender is using a password, credit card data, biometric data or any other data as the login credentials.

An important aspect of the encryption is that plain text characters in the data packets are modified individually instead of in groups or blocks, meaning that there are no overall mathematical relationships that can be identified. Each packet to be encrypted uses a different set of keys adding greatly to the complexity of the encrypted message. Several benefits result. Brute force attacks have no way in which to identify if an attempt to unencrypt a portion of the message results in valid useable data. Hence any possible outcome is as likely as any other outcome. When billions of possible outcomes exist, it becomes impossible to determine the correct one.

Dr. Cyril Coupal, Saskatchewan Polytechnic, March 2021

Dr. Coupal has described, quite succinctly, how and why the Bi-Symmetric Encryption system is brute-force-attack proof. Since math formulas are not used to encrypt the data, quantum computers will be unable to find a mathematical formula to decrypt by. Quantum computers can very efficiently use both brute force attacks and math-based attacks when looking for, say, the RSA math-based key pairs.

It may seem contrary that overhead processing of the Bi-Symmetric Encrypted message does not add significant delays to encryption/decryption (as reported by CEW during a series of encryption runtime tests). This seems reasonable when one understands that instead of processing large byte sets in encrypted blocks, the system encrypts small blocks but with a large set of keys. Thus, processing is very fast while still secure. This is why the CEW white paper calls the system the fastest, smallest, and largest of the encryption techniques.

Dr. Cyril Coupal, Saskatchewan Polytechnic, March 2021

CEW Systems has published its preliminary timing results for the encryption handshake. Dr. Coupal describes in his paper why the timing numbers seem contrary to those of competing encryption protocols. (Please note: the white paper is available to interested parties who have signed a non-disclosure agreement.)

Dr. Coupal's Conclusion:

The new and novel Bi-Symmetric Encryption system reviewed here offers multilevel quantum resilient encryption technology that has been specifically designed to be immune to brute force attacks, man-in-the-middle, and rolljam[1] attacks.  Wherein other encryption programs only provide a token key exchange, or 2-Factor Authentication (2FA), the Bi-Symmetric Encryption system is designed with an exponentially leveled multi-factor authentication system.  The Bi-Symmetric Encryption handshake allows for pre-shared private keys, login credentials and command codes to be processed by a receiving device or server without the need to transmit the data directly.  Bi-Symmetric Encryption is designed to be embedded within electronic devices and systems such as Internet of Things (IoT), automotive Remote Keyless Systems (RKS), autonomous systems such as driverless vehicles, as well as being ideally suited for online downloading of keys to allow smart devices to be used by vehicle owners to connect to their vehicles.

Through integration with online retailers, credit card companies and financial institutions, a higher level of security can be achieved for the millions of transactions that occur daily over the internet.

 

[1] A method to break into an automobile by blocking and recording the signal transmitted by a car key fob and then used by the recording device to access the vehicle. (https://www.hackster.io)           

Dr. Cyril Coupal, Saskatchewan Polytechnic, March 2021