Feb 8, 2017
IEEE Full day workshop proposal: Call for Papers
Workshop Information
Call for papers - to be updated on a regular basis
The proposed workshop impacts all topics of the conference. The most specific subject might be Trust Management in Distributed systems. Conference topic areas of the conference are:
Title of workshop: Whitenoise, Dynamic Identity Verification and Authentication (DIVA) and Dynamic Distributed Key Infrastructures (DDKI) in hybrid PKI frameworks
Workshop acronym, if any:
Workshop length is full day.
Expected number of participants - 7+ TBD
Chair - Andre Brisson - WNLabs - abrisson@wnlabs.com
Program Committee
Invitees
Sam Greenblatt - former CTO HP, Dell (invited)
Dr. Mihai Sima - University of Victoria, British Columbia ECE Labs (invited)
Dr. Issa Traore - University of Victoria, British Columbia ECE Labs (invited)
Laurie Perrin - Sequor Systems (invited)
Albert Meyburgh - British Columbia Institute of Technology (invited)
Layton Perrin - Sequor Systems (invited)
Workshop Dates and Deadlines
Manuscripts for publication in the official proceedings will be due on June 10, 2017, so the schedule can work back from that deadline.
Paper Submission due April 10, 2017
Acceptance Notice to Authors by May 10, 2017
Publication-ready Papers Submitted by June 10, 2017
Publicity Plans
The ATC committee will also help with publicity via a free ad in email lists of past attendees (those with opt-in), and notifications to press organizations. However, each individual workshop must conduct its own focused outreach. What is your publicity plan?
Members of related or pertinent IEEE groups will receive regular outreach through LinkedIn. These groups will include Microsoft, Intel, HP, Dell, IEEE, IETF, RSA, BlackHat, DEFCON, DHS, and NIST, among others. There will be additional outreach to telecoms and service providers through The Telecom Council of Silicon Valley.
Other considerations you feel we should be aware of.
A comprehensive workshop evaluation of dynamic distributed key systems for Trusted Computing will move through the various components needed to create a secure, virtual-framework cryptosystem including key creation, DIVA, DDKI, differences between PKI and DDKI handshakes, testing, and applications.
Technical proposal:
The Whitenoise DIVA DDKI workshop proposal touches every topic area of the 14th IEEE International Conference on Advanced and Trusted Computing.
"With Trusted Computing, the computer will consistently behave in expected ways, and those behaviors will be enforced by computer hardware and software. Enforcing this behavior is achieved by loading the hardware with a unique encryption key inaccessible to the rest of the system."
"Trusted Computing proponents claim the technology will make computers safer, less prone to viruses and malware, and thus more reliable from an end-user perspective. They also claim that Trusted Computing will allow computers and servers to offer improved computer security over that which is currently available."
"Chip manufacturers Intel and AMD, hardware manufacturers such as HP and Dell, and operating system providers such as Microsoft all plan to include Trusted Computing in coming generations of products. The U.S. Army requires that every new PC it purchases comes with a Trusted Platform Module (TPM). As of July 3, 2007, so does virtually the entire United States Department of Defense." Wikipedia
"The endorsement key is a 2048-bit RSA public and private key pair that is created randomly on the chip at manufacture time and cannot be changed. The private key never leaves the chip, while the public key is used for attestation and for encryption of sensitive data sent to the chip, as occurs during the TPM_TakeOwnership command." Wikipedia
The two fundamental components of Trusted Computing, the asymmetric PKI framework and RSA IFC cryptography, are flawed and are no longer sufficient. NSA and NIST have already announced they are discontinuing the use of RSA Integer Factorization Cryptography in the near future because of weak, slow performance and insufficient security. RSA can be broken with a simple prime number dictionary attack.
The security of public key systems has always been challenged. They are vulnerable to Man-in-the-Middle attacks and other attack classes. In the past, computers were so slow that none of the attacks were considered feasible. Now computers are so fast it is simple to ravage our networks because of lack of sustainable identity and data provenance, breakable ciphers and easily compromised security processes.
Dynamic Distributed Key Infrastructures (DDKI) and Dynamic Identity Verification and Authentication (DIVA) thwart the following attacks: Man-in-the-Middle, Side Channel attacks, mathematical and factoring attacks, botnet attacks, brute force and quantum computing attacks, and distributed denial of service attacks.
DDKI and DIVA work seamlessly with PKI. This leaves all current networks in full compliance. DDKI and DIVA create a two-channel (asymmetric and symmetric), multi-factor challenge where one of the keys is a dynamic one-time-pad. A hacker or bad actor must break two keys simultaneously for each and every breach attempt.
Identity is imposed with a unique, exponential, one-time pad key for continuous, dynamic authentication throughout a network session. Data provenance is imposed with DIVA and authenticated one-time-pad encryption from the same key.
Dynamic Distributed Key Infrastructures is a virtual secure framework of devices and components deploying the DIVA protocol. It solves the historical problems of key creation, key management and key distribution that impeded the development of large distributed key networks previously.
Trusted Computing can benefit on performance and security metrics by including a virtual, distributed key framework and unbreakable, dynamic, continuous, one-time-pad key technology. Deployment of the Whitenoise-DIVA-TLS extension for LDAP/CAS and OpenSSL requires one simple upgrade for servers and one online update for endpoints.
---
Call for papers
Workshop Title:
Whitenoise, Dynamic Identity Verification and Authentication (DIVA) and Dynamic Distributed Key Infrastructures (DDKI) in hybrid PKI frameworks
Call for paper submissions pool list - this will be updated on an ongoing basis
1. Whitenoise, DIVA and DDKI overview - André Brisson WNL
Whitenoise is a stream cipher and deterministic random number generator that creates exponential, one-time-pad super keys (patented globally).
Dynamic Identity Verification and Authentication (DIVA) is a protocol that provides one-time-pad continuous identity and authentication, and one-time-pad authenticated encryption for data provenance.
Dynamic Distributed Key Infrastructures (DDKI) are virtual networks comprised of devices and components that utilize DIVA.
http://www.wnlabs.com/pdf/Cyber_Belt_Presentation.pdf
This paper covers how a Whitenoise key is made, how DIVA works, and how we can balance security and privacy with DDKI and DIVA.
2. Security analysis of Whitenoise - David Wagner University of California, Berkeley - reprint
This security analysis was contracted by David Wagner, a noted cryptographer from the University of California, Berkeley. It was paid for by the National Research Council of Canada. Mr. Wagner has many publications and worked to improve Blowfish and Twofish.
The University of California, Berkeley is noted for its national labs, which have produced 13 Nobel Prize winners. Scientific method, objectivity and integrity are hallmarks of their scientific achievements.
Note: the key used for this analysis was the smallest possible key that can be made with Whitenoise (1600 bits). Readily available scope documents call for significantly longer subkeys. Still, David Wagner reported that he could find no effective mathematical attacks. This is because Whitenoise is more akin to an Enigma mechanical structure, in contrast to arithmetic-based cryptography like RSA and ECC.
His report also stated:
"Exhaustive keysearch is not a threat. With the recommended parameters, Whitenoise uses keys with at least 1600 bits of randomness. Exhaustive search of 1600-bit keys is completely and absolutely infeasible. Even if we hypothesized the existence of some magic computer that could test a trillion-trillion key trials per second (very unlikely!), and even if we could place a trillion-trillion such computers somewhere throughout the universe (even more unlikely!), and even if we were willing to wait a trillion-trillion years (not a chance!), then the probability that we would discover the correct key would be negligible (about ½ to the 1340th power), which is unimaginably small. Hence, if keys are chosen appropriately and Whitenoise is implemented correctly, exhaustive keysearch is not a threat." David Wagner
This report can now be found at: https://eprint.iacr.org/2003/218.pdf
There have been two global security challenges and no government, institution, or group was able to break Whitenoise:
http://www.wnlabs.com/news/challenge.php
http://www.wnlabs.com/news/challengeDEFCON.php
It is acknowledged by the NSA and NIST that existing encryption algorithms in the ciphersuite are readily compromised.
"In August, 2015, NSA announced that it planned to transition in the not distant future to a new cipher suite that is resistant to quantum attacks. Unfortunately, the growth of elliptic curve use has bumped up against the fact of continued progress in the research on quantum computing, necessitating a re-evaluation of our cryptographic strategy."
It also appears that RSA can be compromised with a prime number dictionary attack.
RSA Integer Factorization Cryptography is breakable with a simple Prime Number Dictionary attack.
3. Performance analysis of Whitenoise - University of Victoria, British Columbia ECE Labs - Dr. Issa Traore
Randomness and entropy are the foundation upon which cryptographic security stands. The more random the key or cipher text is the stronger the security.
The performance analysis used a super computer array to test Whitenoise. There was not even a single, expected statistical error. This report has all test data. This paper points to a landmark achievement. It is simple for any trained cryptographers, scientists, or network engineers to test and validate. The Whitenoise Strong Encryptor test software is available for free at http://www.wnlabs.com/products/emailenc.php as well as over four hundred freeware sites.
NIST test software is readily available on their site.
The performance analysis was paid for by the National Research Council of Canada.
This was the first time that a cryptographic algorithm did not even have a single anticipated statistical error in randomness testing during testing against a super computer array.
The NIST test suite used for this kind of study and analysis allows one statistical failure for every hundred rounds of testing on a cryptographic algorithm. For the purposes of this study, this threshold was increased by an order of magnitude and was set up to allow only one statistical failure for every thousand rounds of testing.
This created a scientific conundrum in a field that only allows theorizing about pseudo randomness. This research showed that Whitenoise is orders of magnitude more random than radioactive decay, which has historically been accepted as the benchmark for the most random event in nature.
4. A method of key creation and management that shields service providers from encroaching surveillance laws - André Brisson WNL
5. Whitenoise-DIVA-TLS extension for Microsoft LDAP/CAS and OpenSSL - a simple implementation for PKI frameworks - Laurie Perrin Sequor Systems
http://www.wnlabs.com/technology/WNL_TLS_extension.php
6. Whitenoise side channel attack resistant cryptography and an approach for securing microprocessors, circular shift registers, and PICS - Dr. Mihai Sima University of Victoria ECE Labs & André Brisson
Hardening side channel attack resistance
Notes about use of Whitenoise and DIVA on microprocessors: Whitenoise operates at the fastest speed available on any device because after key load it uses the fastest function available on a computing device or component. Whitenoise processes 2 bytes for every clock cycle when deployed from chips. Speed is scalable by adding channels or threads.
9. RSA Integer Factorization Cryptography - a simple prime number dictionary attack - André Brisson
http://www.wnlabs.com/pdf/Rapid_Factorization_of_semiprimes.pdf
10. Internet of Everything - ubiquitous application - André Brisson
http://www.wnlabs.com/pdf/Internet_of_Things_and_Whitenoise_Technologies.pdf
11. The Cloud Accelerator (DIVA and DDKI in lockless programming environments) - Layton Perrin
http://www.wnlabs.com/pdf/The_cloud_accelerator.pdf
ESG performance analysis
http://www.wnlabs.com/pdf/ESG-Lab-Review-Sequor-Systems-May-2016.pdf
12. The Tunnel and Distributed Keys distributing more distributed keys - Investigation of Key Vaults and Gatekeepers - Albert Meyburgh
http://www.wnlabs.com/pdf/Tunnel_with_DIVA.pdf
http://www.wnlabs.com/downloads/Tunnel_Distributed_Keys_distributing_more_keys.pdf
13. Mathematical proof showing linear systems required to break the cipher cannot be constructed because internal keystream bytes cannot be known - speaker from the Government of Canada to be announced.
Communications Security Establishment proof
---
Bios
André Brisson
https://www.linkedin.com/in/andre-brisson-51077?trk=nav_responsive_tab_profile_pic
http://www.wnlabs.com/about/executive.php
Potential workshop webpage
IEEE_WN_DIVA_DDKI_workshop proposal