Short, fixed length, identifiable keys and detectable, predictable key communication are the two weakest links in encryption security
Austin, Texas (PRWEB) June 28, 2012
Closing the critical security gap in predictable communication of weak encryption keys, MerlinCryption’s enterprise solution utilizes variable key length and a random data generator technology, which requires no key communication.
Common encryptions, such as DES, RSA, and AES, produce simple short key strands, which continually repeat in ciphertext. These fixed length keys are detectable and they must be sent back and forth between users.
MerlinCryption’s variable keys and passwords are sequences of bytes extracted from randomly generated data files, which can be created by a data generator or by using the contents of any digital file. Each key scales in size between 2008 bits and 2 GB and passwords scale up to 64 KB.
Keys and passwords are user-determined and controlled unpredictable to hackers, versus application-generated and constrained in a way known to hackers.
“MerlinCryption technology utilizes Anti-Statistical Block Encryption (ASBE) algorithm, which is not subject to attack models and methods of Cryptanalysis, not based on mathematical technique, and not subject to statistical analysis,” explains Paul (Prem) Sobel, Founding CTO, MerlinCryption, “No two encryptions are alike: Each encryption process always results in a different cyphertext with varying length, even when repeating the same plaintext to encrypt, key, and password.”
MerlinCryption Enterprise Encryption Platform is an under-the-hood powerhouse for agility, and speed. This automated platform includes multi-factor authentication, dynamically changing random data generators, and memory scrub, and are run by a scripting platform controller.
The cryptosystem platform’s data generator outputs keys and passwords that are ‘generated-destroyed-recreated’ on demand, eliminating transfer between end points. The platform incorporates dynamic mult-factor authentication and is run by a scripted controller that ‘wraps’ the process into a tightly customized and impenetrable sequence of execution.
In an enterprise environment the CryptoFile® approach eliminates Public Key Infrastructure (PKI) and its associated costs, such as Certificates, Registration Authority, and Directory Management. Key protocol is not needed. Validation becomes intrinsic. A Central Key Deposit is no longer necessary, as the communication and storage of encryption keys and passwords are not needed.
The Enterprise Encryption Platform effectively works in tandem with MerlinCryption’s stand-alone security programs, based on individual business goals and needs. A simple security blueprint, reinforcing an individual organization’s security and operational structure, replaces the complex key lifecycle.
IT has the ability to control all keys or designate key creation to specific departments and/or individual users. Management can independently use the encryption process or collaborate with IT departments for automated use.
‘Flexible Options’ leverages role-based access rights for authorized user ease and accommodates clients, vendors, and end users who have contrasting levels of sophistication or need-to-know status.
Specifically developed for machine-to-machine, embedded, and OEM environments, MerlinM2M Encryption Platform delivers a small memory footprint in flash memory and/or files and is portable to any device. Encrypted data-payloads can be sent over any transport mechanism, on any communications protocol, and any network.
MerlinCryption partners highly benefit from customization of each encryption engine, which is unique to the individual company and is not interoperable with any other custom engine.
About MerlinCryption LLC
The Smart-World’s Smart-Encryption™ software company in Austin TX, MerlinCryption LLC develops encryption and authentication solutions that protect the integrity of data-at-rest, data-in-motion, data-in-use, and data-in-change as it is created, viewed, edited, shared, stored, and moved across communications channels and through the Cloud.
The encryption is NSA reviewed, BIS approved for export, and OFAC compliant. The cryptosystem enables compliance with industry and regulatory practices regarding the handling and protection of private and confidential information including FDA, HIPAA, and HITECH.
MerlinCryption offers full-scale encryption platforms for Enterprise, M2M, and Authentication, as well as eleven stand-alone software programs for Information Security professionals. MerlinCryption is changing the way the world protects data and secures connectivity