Frequently Asked Questions
What exactly is Bi-Symmetric encryption?
Bi-symmetric encryption is an internet communications handshake protocol that uses public/private keys similar to typical asymmetric encryption, but instead uses an underlying symmetric encryption system as the encryption backbone.
Why is it called Bi-Symmetric?
We chose bi-symmetric encryption as the name because the encryption handshake is a hybrid of both asymmetric and symmetric encryption. It uses public/private keys just as asymmetric encryption does, while using symmetric encryption called CEW encryption as the underlying encryption software routine.
What is CEW encryption
CEW encryption stands for Compounding Encryption Weaving. It is the symmetric encryption routine used by the bi-symmetric handshake.
How large are key sizes?
For internet transmittals, the software can exchange key sizes from as small as 208 bits, while most common transmittal keys sizes are 1,664 bits, 3,328 bits, 6,656 bits, 8,192 bits and 21,504 bits. For database and file encryption, the key size is exponentially greater and can range up to 93.2 million bits.
With database key sizes so large, does it impact the encryption time?
While the enormity of the key sizes may sound daunting and time consuming to process, the software actually only uses a very small subset of the keys during each encryption process for each database entry. Think of it this way; a janitor working in a school may carry a key chain with 50 keys on it, one for each of the different school rooms. This is how the database encryption works.
How can you claim to be brute force attack proof?
There are several reasons, depending upon the use of the software and technology being used:
Brute force attacks on an ordinary computer work by incrementally testing possible values until the desired output response is found. For example, if a vehicle was locked and a smart device is used to hack it, the brute force attack would start at 0,000,000 and say, the unlock code was 1,234,678, the device would resend the code incrementally advancing the value by 1. The signals would repeat until the correct value was eventually found and the vehicle unlocked. Bi-symmetric software works by using a challenge code and test data combination that changes the unlock code for each attempt. Staring at 0,000,000 and incrementing to 9,999,999 would not unlock the vehicle as the unlock could would always be changing with every attempt.
When decrypting data directly, there are several additional built in safeguards. Some industry standard encryption software programs will give an error if the encryption keys are not correct, bi-symmetric does not.
Another reason is that asymmetric encryption relies upon a math formula to determine what the private key is by factoring the public key. Bi-symmetric encryption does not mathematically correlate the two, instead one is encrypted by the other.
The largest reason asymmetric encryption is vulnerable is that the entire plain text being encrypted is mathematically modified using a math formula. With the under lying encryption of bi-symmetric, each individual letter is modified separately, there is no mathematical link to the entire plain text being encrypted.
A great example that demonstrates how bi-symmetric encryption works: If one were to encrypt, for example, a credit card number, a brute force attack would produce every possible credit card number between 0000 0000 0000 0000 and 9999 9999 9999 9999 with no means to determine which output would be the correct value.
How can you claim being quantum computer proof?
To answer this question, you must first understand how quantum computers work and how they would be used to attack encryption. In short, quantum computes work by calculating multiple possible data inputs simultaneously. For example, a quantum computer doing a spell check on a word would be able to compare it against every English in the dictionary all simultaneously, instead of one at a time.
In the case of decrypting, a quantum computer would be extremely efficient with brute force attacks. A quantum computer will test every possible key combination simultaneously, instantly giving a complete list of outputs. With current asymmetric encryption, public keys are mathematical results from the private keys. As is understood with all current encryption, a quantum computer would be able to instantly find the mathematically corresponding private key to a public key.
With bi-symmetric and CEW encryption using the above-mentioned credit card example, a quantum computer would also produce every possible credit card value between 0 and 9999 9999 9999 9999, but instead the list would be instantly produced. Just as mentioned above, there will be no means to determine which is the correct value. For an additional example, if we were to encrypt a three-letter word, the output would list all 16 thousand possible English words with no means to determine which is the correct decrypted word.
CEW systems has given great thought to how to protect users’ passwords. As noted in the man-in-the-middle attack, passwords are combined with unique identifying data from users’ computers or smart devices, such as serial numbers, before being modified into encryption keys. Hashing passwords with serial numbers is not new, but the optional modification of the “test data” during the login key exchange process with the serial numbers is. Today, many online login systems keep track of which computers their users login from to ensure that if a cybercriminal does obtain a password, they cannot for example, login to a user’s banking account without the user confirming and registering the new computer. Additionally, CEW systems created a patent pending and copyrighted custom user interface password edit box. This new user interface tool displays a dropdown window that contains “Forgot Password”, “Change Password” buttons and a phishing email warning tip window that informs and reminds users that the only means by which to change the password is through the software they are currently using.
The CEW bi-symmetric toolset was developed as a software programming API toolset to be easily plugged into existing software systems by programmers. The toolset is intended for online servers, database servers, personal computers, smart phones, tablets, car FOBs using Bluetooth or similar radio technology, electromagnetic induction swipe cards with built in chips and other programmable smart devices.
Founded in December 2019, CEW systems is a new software company joining the encryption field.
For more information: