By Paul McGough
What would you think if there were a cure for cancer, but the medical profession didn?t provide it? How about a plant that solves world starvation, but farmers couldn?t be bothered to grow it? Or if there were an Unbreakable cipher for perfect digital security, but the cryptography field doesn?t use it?
Not only is that Unbreakable cipher real – it?s been around for over a hundred years! It was invented by Gilbert Vernam, a Bell Labs Engineer (not a cryptographer, mind you) in 1917 and is the only Unbreakable cryptographic cipher. All it took for anyone to send an Unbreakable message was to pre-share a one-time-only encryption key, which is known as a One-Time Pad or OTP.
So if this perfect Unbreakable cipher exists, why doesn?t cryptography use it? Well, the OTP was great for small groups of participants —but wasn?t as good for large networks— such as the world. Since everyone needed a new unbreakable OTP key every time they wanted to send a secret message, you can see this Key Distribution Problem (KDP) was quite a problem.
In the 1970s, large networks were envisioned and created. Cryptography?s luminaries at the time arrived at a dual-key approach as their attempted solution to the KDP – and this way everyone only needed one key (a public key) and anyone could talk to them. The problem with their idea: it didn?t work as an encryption capability since it was way too slow, so it was only an authentication mechanism.
Not only did their new approach not work for encryption, it was so slow that it couldn?t do more than the very beginning of any messaging session. The ?tag-along? encryption mechanisms had to be different than the already perfect OTP, so Unbreakable was lost.
And to add insult to injury, both of the new approaches —for authentication and encryption— are not really based on fact, like the Unbreakable OTP. They are based on theory. And leaving a secret ?theoretically? safe isn?t a good idea – just ask any gossip columnist!
But as luck would have it, there is a solution to the Key Distribution Problem that uses the 100-year-old Unbreakable cipher. It?s all about distributing those OTP keys, every time, for every use, to anyone who wants to message securely.
Here?s how: Everyone gets one authentication key that verifies their identity. It mathematically —not theoretically— creates (but never sends) a one-time encryption key. Now we are back to Unbreakable encryption. As part of the process, the authentication key mathematically —again, not theoretically— changes every time it is used without being sent. Now we have Unbreakable key distribution as well.
Combination technology from OTP encryption and one-key authentication yields Unbreakable in any communication system and will in the near future have massive implications for all global networks. With that, let?s examine how.
IoT:
The IoT security landscape is devoid of any common provision and has so many moving parts that the current rush-to-market is trampling the future expectations – and is a prime reason that the so-called smart home concept has truly taken off.
The fragmentation of devices (memory and storage limitations, power profiles, connectivity methods, etc.), protocols (types, standards, default contents, etc.), ownership (commercial, consumer) and control (apps) of the IoT marketplace demands one authentication and encryption solution. This solution has to be flexible enough to apply, broad enough to encompass, uniform enough to limit required customization, and capable enough to actually perform within usability requirements.
That?s why the current system just doesn?t work – and Unbreakable will. When applied, it will finally deliver universal security to this market, transforming offerings to meet the consumer?s vision.
There you have it, a Secure, Smart, and Interconnected Home.
Internet:
For over 20 years, HTTPS —the Secure Internet— still only gets used less than 75% of the time. This privacy void is directly related to the methods used by the current protocol that provides authentication and encryption that locked, secure browser. HTTPS is terrifying slow, cumbersome, complex, full of one-off extensions and at its last chance ability to provide the next generation of Cloud-based, content rich, ever-present secure, private Internet.
What is required, then, is the Unbreakable OTP: order of magnitude performance improvement, streamlined efficiency, easy end-user participation, and universal application. A model for individual, secure connectivity to global content —whether provided by a Mom-n-Pop underpowered website or a processing-rich web presence— is the future of the Internet Everywhere.
Ta-da! Finance:
There has been a promised explosion in P2P financial applications. For. Ever. The only problem is, there isn?t any way to actually be certain that the security is complete and end-to-end. And until those required properties appear for the back-end (e.g., banks, processors), the middle (e.g., commercial entities, brick-n-mortar, web), and the end user (e.g., everyone) it?ll remain just that: a promise.
Unbreakable will provide end-to-end security in a fast and efficient manner, which is the one thing everyone wants to hear when it concerns their money. Why? It can?t be stolen! This universal uniform application of the Unbreakable OTP will actually deliver on the expectations of the market.
That means end-to-end Unbreakable, fast payments. Finally.
About The Author
Paul McGough
Co-founder and CTO
Qwyit