IEEE Whitenoise DIVA DDKI workshop

Feb 8, 2017

IEEE Full day workshop proposal: Call for Papers

Workshop Information

Call for papers - to be updated on a regular basis

Download pdf copy of workshop proposal

The proposed workshop impacts all topics of the conference. The most specific subject might be Trust Management in Distributed systems. Conference topic areas of the conference are:

  • High Performance Computing and Networking
  • Service Computing and Engineering
  • Cloud Computing and Fog Computing
  • Software Defined Networking and Systems
  • Green Computing and Communications
  • Mobile and Wearable Computing
  • IoT/IoE Technologies and Applications
  • Big Data Analytics and Technologies
  • Advanced Cognitive Computing and Machine Learning
  • Advanced Virtual/Augmented Reality (VR/AR)
  • Advanced Affective Computing and Robotics
  • Advanced MEMS/NEMS and Their Applications
  • Trust Specifications, Models and Standards
  • Trust Management in Distributed systems
  • Security and Privacy in Smart Systems
  • Cyber Life, Society and Intelligence
  • Cyber Physical Systems and Their Safety

Title of workshop : Whitenoise, Dynamic Identity Verification and Authentication (DIVA) and Dynamic Distributed Key Infrastructures (DDKI) in hybrid PKI frameworks

Workshop acronym , if any:

Workshop length is full day.

Expected number of participants - 7+ TBD

Chair - Andre Brisson - WNLabs - abrisson@wnlabs.com

 

Program Committee

Invitees

Sam Greenblatt - former CTO HP, Dell (invited)

Dr. Mihai Sima - University of Victoria, British Columbia ECE Labs (invited)

Dr. Issa Traore - University of Victoria, British Columbia ECE Labs (invited)

Laurie Perrin - Sequor Systems (invited)

Albert Meyburgh - British Columbia Institute of Technology (invited)

Layton Perrin - Sequor Systems (invited)

 

Workshop Dates and Deadlines

Manuscripts for publication in the official proceedings will be due on June 10, 2017, so the schedule can work back from that deadline.

Paper Submission due April 10, 2017

Acceptance Notice to Authors by May 10, 2017

Publication-ready Papers Submitted by June 10, 2017

Publicity Plans

The ATC committee will also help with publicity via a free ad in email lists of past attendees (those with opt-in), and notifications to press organizations. However, each individual workshop must conduct its own focused outreach. What is your publicity plan?

Members of related or pertinent IEEE groups will receive regular outreach through Linked In. These groups will include Microsoft, Intel, HP, Dell, IEEE, IETF, RSA, BlackHat, DEFCON, DHS, and NIST etc. There will be additional outreach to telecoms and service providers through The Telecom Council of Silicon Valley.

Other considerations you feel we should be aware of.

A comprehensive workshop evaluation of dynamic distributed key systems for Trusted Computing will move through the various components needed to create a secure, virtual-framework cryptosystem including key creation, DIVA, DDKI, differences between PKI and DDKI handshakes, testing, and applications.

 

Technical proposal:

The Whitenoise DIVA DDKI workshop proposal touches every topic area of the 14th IEEE International Conference on Advanced and Trusted Computing.

"With Trusted Computing, the computer will consistently behave in expected ways, and those behaviors will be enforced by  computer hardware  and  software . [1] Enforcing this behavior is achieved by loading the hardware with a unique encryption key inaccessible to the rest of the system." "Trusted Computing proponents claim the technology will make computers safer, less prone to  viruses  and  malware , and thus more reliable from an end-user perspective. They also claim that Trusted Computing will allow  computers  and  servers  to offer improved  computer security  over that which is currently available." "Chip manufacturers  Intel  and  AMD , hardware manufacturers such as  HP  and  Dell , and  operating system  providers such as  Microsoft  all plan to include Trusted Computing in coming generations of products. [9] [10]  The  U.S. Army  requires that every new PC it purchases comes with a  Trusted Platform Module  (TPM). [11] [12]  As of July 3, 2007, so does virtually the entire  United States Department of Defense . [13] " Wikipedia

"The endorsement key is a 2048-bit  RSA  public and private key pair that is created randomly on the chip at manufacture time and cannot be changed. The private key never leaves the chip, while the public key is used for attestation and for encryption of sensitive data sent to the chip, as occurs during the TPM_TakeOwnership command." Wikipedia

The two fundamental components of Trusted Computing, the asymmetric PKI framework and RSA IFC cryptography are flawed and are no longer sufficient. NSA and NIST have already announced they are discontinuing the use of RSA Integer Factorization Cryptography in the near future because of weak, slow performance and insufficient security. RSA can be broken with a simple prime number dictionary attack .

The security of public key systems has always been challenged. They are vulnerable to Man-in-the-Middle attacks and other attack classes. In the past, computers were so slow that none of the attacks were considered feasible. Now computers are so fast it is simple to ravage our networks because of lack of sustainable identity and data provenance, breakable ciphers and easily compromised security processes.

Dynamic Distributed Key Infrastructures (DDKI) and Dynamic Identity Verification and Authentication (DIVA) thwart the following attacks : Man-in-the-Middle, Side Channel attacks, mathematical and factoring attacks, botnet attacks, brute force and quantum computing attacks, and distributed denial of service attacks.

DDKI and DIVA work seamlessly with PKI. This leaves all current networks in full compliance. DDKI and DIVA create a two channel (asymmetric and symmetric), multi-factor challenge where one of the keys is a dynamic one-time-pad. A hacker or bad actor must break two keys simultaneously for each and every breach attempt.

Identity is imposed with a unique, exponential, one-time pad key for continuous, dynamic authentication throughout a network session. Data provenance is imposed with DIVA and authenticated one-time-pad encryption from the same key.

Dynamic Distributed Key Infrastructures is a virtual secure framework of devices and components deploying the DIVA protocol. It solves the historical problems of key creation, key management and key distribution that impeded the development of large distributed key networks previously.

Trusted Computing can benefit on performance and security metrics by including a virtual, distributed key framework and unbreakable, dynamic, continuous, one-time-pad key technology. Deployment of the Whitenoise-DIVA-TLS extension for LDAP/CAS and openSSL requires one simple upgrade for servers and one online update for endpoints.

---

 

Call for papers

Workshop Title:

Whitenoise, Dynamic Identity Verification and Authentication (DIVA) and Dynamic Distributed Key Infrastructures (DDKI) in hybrid PKI frameworks

Call for paper submissions pool list - this will be updated on an ongoing basis

1.Whitenoise, DIVA and DDKI overview - André Brisson WNL

Whitenoise is a stream cipher and deterministic random number generator that creates exponential, one-time-pad super keys (patented globally).

Dynamic Identity Verification and Authentication (DIVA) is a protocol that provides one-time-pad continuous, identity and authentication and one-time-pad authenticated encryption for data provenance.

Dynamic Distributed Key Infrastructures (DDKI) are virtual networks comprised of devices and components that utilize DIVA.

http://www.wnlabs.com/pdf/Cyber_Belt_Presentation.pdf

This paper covers how a Whitenoise key is made, how DIVA works, and how we can balance security and privacy with DDKI and DIVA.

 

2. Security analysis of Whitenoise - David Wagner University of California, Berkeley - reprint

https://www.linkedin.com/pulse/david-wagner-security-analysis-whitenoise-berkeley-andre-brisson?trk=mp-reader-card

This security analysis was contracted by David Wagner   a noted cryptographer from the University of California, Berkeley. It was paid for by the National Research Council of Canada.  Mr. Wagner has many publications and worked to improve  BlowFish and TwoFish .

University of California Berkeley is noted for its  national labs  which has produced 13 Nobel Prize winners. Scientific method, objectivity and integrity are hallmarks of their scientific achievements.

Note: the key used for this analysis was the smallest possible key that can be made with Whitenoise (1600 bits). Readily available scope documents call for significantly longer subkeys. Still, David Wagner reported that he could find no effective mathematical attacks. This is because Whitenoise is more akin to an Enigma mechanical structure in contrast to arithmetic based cryptography like RSA and ECC.

His report also stated:

"Exhaustive keysearch is not a threat. With the recommended parameters, Whitenoise uses keys with at least 1600 bits of randomness. Exhaustive search of 1600-bit keys is completely and absolutely infeasible. Even if we hypothesized the existence of some magic computer that could test a trillion-trillion key trials per second (very unlikely!), and even if we could place a trillion-trillion such computers somewhere throughout the universe (even more unlikely!), and even if we were willing to wait a trillion-trillion years (not a chance!), then the probability that we would discover the correct key would be negligible (about ½ to the 1340th power), which is unimaginably small. Hence, if keys are chosen appropriately and Whitenoise is implemented correctly, exhaustive keysearch is not a threat." David Wagner

This report can now be found at:  https://eprint.iacr.org/2003/218.pdf

There have been two global security challenges and no government, institution, or group was able to break Whitenoise:

http://www.wnlabs.com/news/challenge.php

http://www.wnlabs.com/news/challengeDEFCON.php

It is acknowledged by the NSA and NIST that existing encryption algorithms in the ciphersuite are readily compromised.

"In August, 2015,  NSA announced that it planned to transition in the not distant future to a new cipher suite that is resistant to quantum attacks. Unfortunately, the growth of elliptic curve use has bumped up against the fact of continued progress in the research on quantum computing, necessitating a re-evaluation of our cryptographic strategy."

It also appears that RSA can be compromised with a prime number dictionary attack.

RSA Integer Factorization Cryptography is breakable with a simple Prime Number Dictionary attack .

3. Performance analysis of Whitenoise - University of Victoria, British Columbia ECE Labs - Dr. Issa Traore

https://www.linkedin.com/pulse/whitenoise-performance-analysis-univeristy-victoria-british-brisson?trk=mp-reader-card

Randomness and entropy are the foundation upon which cryptographic security stands. The more random the key or cipher text is the stronger the security.

The performance analysis used a super computer array to test Whitenoise. There was not even a single, expected statistical error. This report has all test data. This paper points to a landmark achievement. It is simple for any trained cryptographers, scientists, or network engineers to test and validate. The Whitenoise Strong Encryptor test software is available for free at http://www.wnlabs.com/products/emailenc.php as well as over four hundred freeware sites.

NIST test software is readily available on their site.

The performance analysis was paid for by the National Research Council of Canada. 

This was the first time that a cryptographic algorithm did not even have a single anticipated statistical error in randomness testing during testing against a super computer array.

The NIST test suite used for this kind of study and analysis allows one statistical failure for every hundred rounds of testing on a cryptographic algorithm. For the purposes of this study, this threshold was increased by an order of magnitude and was set up to allow only one statistical failure for every thousand rounds of testing.

This created a scientific conundrum in a field that only allows theorizing about pseudo randomness. This research showed that Whitenoise is orders of magnitude more random than radio-active decay which has historically been accepted as the benchmark for the most random event in nature.

4. A method of key creation and management that shields service providers from encroaching surveillance laws - André Brisson WNL

https://www.linkedin.com/pulse/key-distribution-paradigm-removes-management-from-carriers-brisson?trk=mp-reader-card

5. Whitenoise-DIVA-TLS extension for Microsoft LDAP/CAS and openSSL - a simple implementation for PKI frameworks - Laurie Perrin Sequor Systems

http://www.wnlabs.com/technology/WNL_TLS_extension.php

6. Whitenoise side channel attack resistant cryptography and an approach for securing microprocessors, circular shift registers, and PICS- Dr. Mihai Sima University of Victoria ECE Labs & André Brisson

Hardening side channel attack resistance

Notes about use of Whitenoise and DIVA on microprocessors: Whitenoise operates at the fastest speed available on any device because after key load it uses the fastest function available on a computing device or component. Whitenoise processes 2 bytes for every clock cycle when deployed from chips. Speed is scalable by adding channels or threads.

 

9. RSA Integer Factorization Cryptography - a simple prime number dictionary attack - André Brisson

http://www.wnlabs.com/pdf/Rapid_Factorization_of_semiprimes.pdf

10 . Internet of Everthing - ubiquitous application - André Brisson

http://www.wnlabs.com/pdf/Internet_of_Things_and_Whitenoise_Technologies.pdf

11 . The Cloud Accelerator (DIVA and DDKI in lockless programming environments) - Layton Perrin

http://www.wnlabs.com/pdf/The_cloud_accelerator.pdf

ESG performance analysis

http://www.wnlabs.com/pdf/ESG-Lab-Review-Sequor-Systems-May-2016.pdf

 

12 . The Tunnel and Distributed Keys distributing more distributed keys - Investigation of Key Vaults and Gatekeepers - Albert Meyburgh

http://www.wnlabs.com/pdf/Tunnel_with_DIVA.pdf

http://www.wnlabs.com/downloads/Tunnel_Distributed_Keys_distributing_more_keys.pdf

 

13 .Mathematical proof showing linear systems required to break the cipher cannot be constructed because internal keystream bytes cannot be known - speaker Government of Canada to be announced.

Communication Security Establishment proof

---

 

Bios

André Brisson

https://www.linkedin.com/in/andre-brisson-51077?trk=nav_responsive_tab_profile_pic

http://www.wnlabs.com/about/executive.php

 

Potential workshop webpage

IEEE_WN_DIVA_DDKI_workshop proposal