Welcome to Whitenoise,
Three times on this web site you will see references to scientific, historical or landmark achievements in cryptography for which Whitenoise Laboratories Canada Inc. are very proud of and for which the inventors of Whitenoise feel blessed. These are seemingly subtle realities for whose significance can truly be understood only by trained cryptographers and mathematicians. The impact on the security posture of communications and the Internet however will positively effect every man, woman, and child; every scientist and business; and every government on earth fundamentally. They are scientific realities that are fundamental to helping us answer the most pressing question of our day that we must answer collectively: How do we balance Privacy and Security? They are scientific realities never disproved even in the face of academic, business and political self interests groups that will fundamentally affect the quality of the democracies we live in or the democracies we want to live in.
Without real security for everyone fear will rule the day and impact the laws under which we live.
Self interest, hypocrisies and hidden agendas will eventually fade from memory regardless but good science is immutable and these fundamentally impact the continuum of the science of cryptography.
"Mathematics is the language of God." Albert Einstein
Mathematics is not the language of God. Love is. But it is the language of science and scientific method.
In order, I will point to scientific achievements in the order they were discovered and verified as simply as possible. They are facts that you should have reviewed by your best scientists, technicians and cryptographers. They are facts that good scientific method say should be continually challenged, tested and verified. I will gently point to cross motives you can easily unravel with proper research and questioning.
The over-riding fact and reality is this: A WHITENOISE KEY HAS NEVER BEEN BROKEN.
This is more important than ever now in 2013 as it is generally accepted that government agencies in many countries can break any existing cryptographic algorithm. They are not only doing this with traditional cryptanalytic techniques and mathematical short cuts and the ability to steal keys clandestinely but they are able to break any encrypted data (cipher text) without keys but with just the sheer computational power and speeds available in today's computers and brute force on the data you wrongly believe to be secure.
We are faced with the stark reality that unless computer networks are self contained (intranets) and do not access the internet that without the use of Whitenoise there is not a single, secure publicly accessible network on earth.
Performance analysis: This performance analysis was paid for by the National Research Council of Canada and conducted at the renowned laboratories at the University of Victoria .
This was the first time that a cryptographic algorithm passed the NIST randomness tests on the first round without running data through the encryption process at least a second time (this is much like putting meat through a meat grinder a second time.)
This was the first time that a cryptographic algorithm did not even have anticipated statistical errors in randomness testing during months of testing against a super computer array. The NIST test suite is the benchmark used for this kind of study and analysis. It allows for one statistical failure for every hundred rounds of testing on a cryptographic algorithm. For the purposes of this study, this this thresh hold was increased by an order of magnitude and was set up to allow only one statistical failure for every thousand rounds of testing. There was not a single statistical failure. Creating a scientific conundrum in a field that only allows theorizing about pseudo randomness this research showed that Whitenoise is orders of magnitude more random that samples of radioactive decay which has historically been accepted as the benchmark for the most random event in nature.
The performance analysis can be found on the previous tab of this Technology menu.
This security analysis was done by David Wagner, a renowned cryptographer at the University of California , Berkeley . Dr. Wagner is internationally recognized and has been used for expert testimony on cryptography and security by United States Congressional committees. He is also internationally recognized for working on the Blowfish algorithm and morphing it into the Two Fish algorithm after the failure of Blow Fish to be approved for consideration in the AES (Advanced Encryption Standard) competition. Dr. Wagner was recommended by Brian O'Higgins, a true Canadian and cryptographic icon, and attention was focused on the results of this study by the National Research Council of Canada and Communications Security Establishment.
A security analysis examines whether there are any known mathematical or brute force techniques that can be used to break an encryption algorithm.
The scope documents for proper Whitenoise deployment state that Whitenoise subkeys should never be smaller than hundreds of bytes long and that in commercial, military and government market deployments, that it is not recommended to use Whitenoise keys that are weaker than 250,000 bits in strength or shorter than 10 to the 14 power bytes in length.
The laboratories at the University of California , Berkeley chose to try to break the smallest and weakest Whitenoise key that can be constructed. Using subkeys of the smallest prime number lengths (i.e. 2, 3, 5, 7, 11 etc. bytes long) and the weakest bit strength possible, 1600 bits, Dr. Wagner was compelled to concede and report:
"Exhaustive keysearch is not a threat. With the recommended parameters, Whitenoise uses keys with at least 1600 bits of randomness. Exhaustive search of 1600-bit keys is completely and absolutely infeasible. Even if we hypothesized the existence of some magic computer that could test a trillion-trillion key trials per second (very unlikely!), and even if we could place a trillion-trillion such computers somewhere throughout the universe (even more unlikely!), and even if we were willing to wait a trillion-trillion years (not a chance!), then the probability that we would discover the correct key would be negligible (about 1/2 to the 1340 power), which is unimaginably small). Hence, if keys are chosen appropriately and Whitenoise is implemented correctly, exhaustive keysearch is not a threat."
David Wagner UC Berkeley
The security analysis can be found on the previous tab of this Technology menu.
Side Channel attack resistance
This two year study was funded by an NSERC grant from the National Research Council of Canada and completed in 2013.
Before Whitenoise there has never been a cryptographic algorithm known that has been acknowledged as being resistant to any known Side Channel attack classes. This is a scientific landmark result.
A side channel attack uses the physical properties attendant with utilities that are controlled by computers like electricity, or physical characteristics of computers and computer chips themselves like electro magnetism etc. This data is presumed to be freely available for scientific testing and is used to create a crib, a known piece of data, that is then mapped against encrypted output in order to mathematically discover the key that created the encrypted output or create a break.
We never publicly speculate about anyone's political, business or academic motives. However, there are books like In Denial:Code Red that do for those clever enough to figure out the puzzles to speculate about roles that various icons have assumed.
We approach any claims scientifically and with scientific method. Any claim must be demonstrated, valid, reliable and repeatable to be considered true.
"And we leave bread crumbs."
Hansel and Gretel
"Where do you hide an elephant? In a room full of elephants."
"A mouse can eat an elephant but has to do it one bite at a time."
Miss Potty's friend
Ulterior motives rarely like the light of day or public scrutiny.
In 2008 Whitenoise Laboratories Canada conducted a very public challenge called the $100,000 Whitenoise Challenge. Just a little bit of reading will show that this was conducted with the knowledge and scrutiny of internationally acclaimed cryptographers and algorithm creators, representatives from all levels of academia, and military and government personnel tasked with our security including members of the US Joint Chiefs of Staff. No one broke a Whitenoise key
In 2013, we ran a one year, $200,000 challenge called " The Challenge That Black Hat Would Not Take but DEFCON did!" This challenge has been completed and there was no "expert" from either Black Hat or DEFCON who was able to file a successful solution to the challenge. This was even though the contest key files were static and in correct usage are ever changing.
A Whitenoise key has never been broken. That is a historical fact and scientific reality and one that we proudly stand behind.
Our goal is to make the security of our countries and government, and the quality of our on-line lives safer, for the benefit of everyone. We believe that everyone should have the best security and privacy system at a reasonable cost.
André Brisson co-Inventor of Whitenoise and founder of Whitenoise Laboratories Canada Inc.