Más contenido relacionado La actualidad más candente (19) Similar a Unicaseeds Demo Days - Cryptolab (20) Unicaseeds Demo Days - Cryptolab2. 2
The products – Professional engraving machines
Agenda
Cryptolab
Algorithms
Applications and target markets
Team
Copyright © 2014 Cryptolab All Rights Reserved.
3. 3
Cryptolab – What we do
Cryptolab is an IP (Intellectual Property) company, active in the Cyber Security
industry, a market that is expected to reach worldwide $80B in 2017
Cryptolab main focus is Cryptography, that is techniques used to defend data in
transit between systems, reducing the probability that data exchanged between
systems can be intercepted or modified
Cryptolab has developed innovative patented cryptographic algorithms focused on
the following domains of application:
Enterprise data encryption
Cloud data encryption (Fully Homomorphic Encryption)
Cryptolab encryption algorithms have been used to develop software solutions that
increase the security of data transactions within different fields of application,
targeting industries where privacy and data security is a key issue, such as Financial
Services, Healthcare, Cloud computing etc.
Copyright © 2014 Cryptolab All Rights Reserved.
4. 4
Cryptolab – Our history
Founded as a R&D lab, Cryptolab filed the patent for the MB09 algorithm and
obtained the registration in September 2012
Received seed investments from Italian Business Angels to proceed with new
research in cryptography and file new patents
Filed for the new algorithm MB11 and obtained the green-light from the
European Patent Authority (EPO)
Filed other patents related to Digital Signature and Blind Signature, and
designed an innovative satellite One Time Password (OTP) system
Started working with an Italian accelerator and incubator with a subsidiary based
in Silicon Valley, M31 LLC
Founded the Italian IP company, Cryptolab
Q2: received a seed investment from the Italian fund TTSeed
Q2: Signed a commercial agreement with M31 LLC for marketing and business
development activities
2009
2010
2011
2012
2013
Copyright © 2014 Cryptolab All Rights Reserved.
5. 5
Cryptolab – Next steps
Q3: foundation of the American IP company, Cryptolab LLC
Q4: Completion of the first algorithms Applications:
1. RSA Malware protection
2. HyperCrypto, a data encryption solution based on a patented pending
mechanism based on Cryptolab algorithms
3. Fully Homomorphic Encryption
Q1: RSA Malware protection project(s) and Pilots for HyperCrypto and Fully
Homomorphic solutions
Business development and Sales
2013
2014
Copyright © 2014 Cryptolab All Rights Reserved.
6. 6
The products – Professional engraving machines
Agenda
Cryptolab
Algorithms
Applications and target markets
Team
Copyright © 2014 Cryptolab All Rights Reserved.
7. 7
Algorithms
Encryption algorithms developed and patented by Cryptolab are:
MB09 – Encryption system based on Public/ Private keys that enables the
creation of a sequence of encrypted messages shareable
among many users and with a system administrator
Zero Knowledge – Encryption protocol that allows one Party, called the Prover,
to prove to another Party, called the Verifier, that a given
statement is true, without conveying any additional information
apart from the fact that the statement is indeed true
Compression Algorithm – Algorithm that allows to compress data
regardless statistical entropy
Copyright © 2014 Cryptolab All Rights Reserved.
8. 8
MB11 – Encryption system based on Public/ Private keys. It allows to have high
security level with limited computational requirements.
It is an alternative to RSA encryption system
Digital signature on MB11 – Mathematical scheme that allows to demonstrate
the authenticity of a digital message or document
HyperCrypto – Encryption mechanism that allows to eliminate traditional
password and tokens solutions required to perform secure
data transactions
Algorithms cont’d
Copyright © 2014 Cryptolab All Rights Reserved.
9. 9
Algorithms cont’d
RSA “attack” – Malware detection that demonstrate the vulnerability of
applications developed based on RSA algorithm
MB23 – Encryption system for Cloud computing. It allows to encrypt data, send
to the cloud and inquire them without decryptions made
at cloud level
Copyright © 2014 Cryptolab All Rights Reserved.
10. 10
Algorithms – Fields of application
Cryptolab encryption algorithms target the following fields of application:
Security protocols for data transactions, virtual payments
Digital signature
Blind signature: digital voting, digital cash
User identification and OTP, One-Time-Key (OTK) creation
Cloud computing
Copyright © 2014 Cryptolab All Rights Reserved.
11. 11
The products – Professional engraving machines
Agenda
Cryptolab
Algorithms
Applications and target markets
RSA “attack” and Cryptolab solution
HyperCrypto
Fully Homomorphic Encryption
Team
Copyright © 2014 Cryptolab All Rights Reserved.
12. 12
RSA “attack” and Cryptolab solution
Encryption solutions based on RSA algorithm have vulnerabilities based on the
evidence that:
is possible to encrypt a message, M, using a method of “fake encryption” that
provides a “fake encrypted message”, c’
and
the “fake encrypted message”, c’, is not detected and rejected by standard
systems/ procedures used to verify the authenticity of encrypted messages
and
the c’ is processed as the encrypted message, c
Copyright © 2014 Cryptolab All Rights Reserved.
13. 13
RSA “attack” and Cryptolab solution cont’d
Cryptolab has designed a set of patent protected software development guidelines
to protect encryption applications based on RSA algorithm from the RSA “attack”,
patented by Cryptolab
This type of vulnerabilities has critical impacts on Information Systems’ security
because the “faked encrypted message”, c’, can be read not only by the message
Sender and the message “official” Receiver, but also by anyone in the middle (i.e. an
hacker)
The RSA “attack” developed by Cryptolab is based on a “fake encryption method” that
allows to modify encrypted message, c (sent by the Sender to the Receiver) into a
“fake encrypted message”, c’, so that an hacker by intercepting c’ (public parameter),
will be able to decrypt the message, without any awareness by Information Systems’
security procedure and/ or software
Copyright © 2014 Cryptolab All Rights Reserved.
14. 14
Cryptolab RSA Malware solution – Target markets
Cryptolab RSA Malware solution target markets are:
IT security companies
System integrators
Vertical markets where IT security is key:
Financial services, Banking and Insurance
Public sector
Healthcare
Copyright © 2014 Cryptolab All Rights Reserved.
15. 15
The products – Professional engraving machines
Agenda
Cryptolab
Algorithms
Applications and target markets
RSA “attack” and Cryptolab solution
HyperCrypto
Fully Homomorphic Encryption
Team
Copyright © 2014 Cryptolab All Rights Reserved.
16. 16
HyperCrypto – The problem we address
Existing data encryption applications realize user identification processes - required
to transmit encrypted data – with token-based (physical or virtual) solutions
Device
(Smartphone, tablet, PC)
Service provider Server (Banks,
Hospitals,…)User
User identification/ authentication is the first action for a user that want to send encrypted data to a generic receiver – for
instance the Bank in the scenario of a user that is making a transaction using his/ her online banking
The identification/ authentication process is done using tokens, that generate random numbers started from token seeds
stored within the Service provider server
If the Service provider server is subject to an hacking attack that steal token seeds it is possible with a Men-in-the –Middle
approach intercept the encrypted message sent by the user with the possibility to change the encrypted message
The possibility to enter the Service provider server to steal token seeds together with vulnerabilities of RSA-based
applications are the main reasons to support the low level of security of existing data encryption solutions
Token “seeds” are stored in the
Service provider server
EXISTING DATA ENCRYPTION SOLUTIONS
Copyright © 2014 Cryptolab All Rights Reserved.
17. 17
HyperCrypto – The solution we propose
Cryptolab data encryption applications realize user identification processes with a
solution that generates the encryption using a random stream of bit and a function that
select a pattern x of bits (the same on user and server side) used to create the One-
Time-Key to encrypt the message
The identification/ authentication process is done a mechanism that using a OTK allows the creation of a function that define
the pattern to use to select the bits of the random stream of bit
On server side there are not private keys stored, that is every session has a new and unique private key that is deleted at the
end of the session
The use of OTK inhibits any hacking attack, because there are no private keys stored
Copyright © 2014 Cryptolab All Rights Reserved.
CRYPTOLAB DATA ENCRYPTION SOLUTIONS
Users private keys are stored in
the Service provider server
Device
(Smartphone, tablet, PC)
Service provider Server (Banks,
Defense departments,…)User
18. 18
HyperCrypto – Value proposition
HyperCrypto data encryption solution overcome many of the well known*
vulnerabilities of data encryption solutions based on tokens
The level of security reached with HyperCrypto can fit level of security required by
the Defense industry
With HyperCrypto any Man-in-the-middle attack is useless
In addition to a higher level of security HyperCrypto requires limited computation
requirements
* http://arstechnica.com/security/2012/06/securid-crypto-attack-steals-keys/
Copyright © 2014 Cryptolab All Rights Reserved.
19. 19
HyperCrypto – Target markets
HyperCrypto target markets can be grouped as follow:
IT security companies
System integrators
Vertical markets where IT security is key:
Financial services, Banking and Insurance
Public sector
Healthcare
Copyright © 2014 Cryptolab All Rights Reserved.
20. 20
The products – Professional engraving machines
Agenda
Cryptolab
Algorithms
Applications and target markets
RSA “attack” and Cryptolab solution
HyperCrypto
Fully Homomorphic Encryption
Team
Copyright © 2014 Cryptolab All Rights Reserved.
21. 21
Fully Homomorphic Encryption – The problem we address
In different type of applications, such as cloud computing, e-voting, e-cash etc. there is
the need to manipulated encrypted data
Typically we have one of the following situations:
Encrypted data are decrypted before any type of manipulation with a
subsequent high level of computational requirements
Encrypted data can be manipulated applying only few mathematical
operations, but cannot do all, in order to preserve the structure of the
encrypted data. This is called Partially Homomorphic Encryption
Copyright © 2014 Cryptolab All Rights Reserved.
22. 22
Fully Homomorphic Encryption – Definition
Homomorphic encryption is a form of encryption which allows specific types of
computations to be carried out on cipher text and obtain an encrypted result which
decrypted matches the result of operations performed on the plaintext
For instance, one person could add two encrypted numbers and then another person
could decrypt the result, without either of them being able to find the value of the
individual numbers
An efficient and fully Homomorphic Encryption scheme would enable new kinds of
distributed computing
Copyright © 2014 Cryptolab All Rights Reserved.
23. 23
Fully Homomorphic Encryption – The solution we propose
Cryptolab has developed an Algorithm that allows to manipulated encrypted data
applying all the possible SQL queries preserving data structure
One of the most urgent applications of the Fully Homomorphic Encryption is the Cloud
computing, in particular for those industries, such as Financial services, where the
Cloud adoption has been restrained by security issues
Data are sent and stored in the cloud encrypted
The end-user can access its web/ mobile
application and ask for data stored in the Cloud
The query made by the web( mobile application is
translated into NEWQuery (that is a type of “SQL-
translated” query model) on encrypted data
The NEWQuery calculation is performed and the
Cloud provide back data encrypted to the web/
mobile application
Copyright © 2014 Cryptolab All Rights Reserved.
24. 24
Fully Homomorphic Encryption – Value proposition
Fully Homomorphic Encryption allows to mismatch the service provider and the data
owner, allowing the last one to access encrypted data through SQL queries
It also allow the service provider to make statistics without knowing private data
Copyright © 2014 Cryptolab All Rights Reserved.
25. 25
Fully Homomorphic Encryption – Target markets
Fully Homomorphic Encryption target markets can be grouped as follow:
IT security companies
System integrators
Cloud service providers
Vertical markets where IT security is key:
Financial services, Banking and Insurance
Public sector
Healthcare
Copyright © 2014 Cryptolab All Rights Reserved.
26. 26
The products – Professional engraving machines
Agenda
Cryptolab
Algorithms
Applications and target markets
Team
Copyright © 2014 Cryptolab All Rights Reserved.
27. 27
Cryptolab Team
Massimo Bertaccini, CEO
Areas of expertise:
Mathematical cryptography
Marco Bagnaresi, Computer Science Degree
Areas of expertise:
Software development
Alessandro Passerini, Software Engineer
Areas of expertise:
Software design and
development
Tiziana Landi, Software Engineer
Areas of expertise:
Software design and
development
Copyright © 2014 Cryptolab All Rights Reserved.
28. 28
Cryptolab ITA Office
Via Strada Statale Selice, 47
40026 Imola (BO)
Italy
Ph: +39 0542 366016
Cryptolab US Office
92 Bonaventura Dr
San Jose, CA 95134
USA
Ph: +1 408 988 8404