TCSV WNL Security Deep Dive @ Microsoft

Sunnyvale, Ca. USA, September 18, 2015

See meeting abstract. Supporting presentation: Deep Dive: Cybercrime, Security, and Privacy in the Snowden Era

Whitenoise Laboratories is pleased that André Brisson has been invited to sit on a panel at the Telecom Council of Silicon Valley Deep Dive on Security in the Snowden Era. We are pleased to join Intel, IBM, Mimir Networks and Wipro in discussing advances in security and identity management technologies at Microsoft in Sunnyvale, California.

How do we balance security and privacy between all the stakeholders: consumer citizens, corporations, government and law enforcement?

Is encryption the way to protect ourselves? And is it enough?

"A rational, simple, virtual framework with virtual, online provisioning for secure computing - Dynamic Distributed Key Infrastructures - and continuous, dynamic, one-time-pad authentication with authenticated, device/person specific encryption is enough." Jacques Tétu

"Everything Should Be Made as Simple as Possible, But Not Simpler" Albert Einstein


Whitenoise Labs is also demonstrating the speed and strength of Whitenoise keys and the ease of factoring commonly used public keys.




There is no effective security possible without identity and data provenance. Authentication of persons/devices/endpoints and data provenance are the security controls that make all other security controls effective (or not).

Security is a cryptographic problem and needs a simple but effective cryptographic solution that is objective, 100% accurate, and self-running.

Balancing privacy and security is not difficult and can be addressed to everyone's satisfaction and needs.

Analytics for security is a post facto approach

Analytics is a great tool for mining, marketing, intelligence and decision making.

Analytics is not great for security.

Analytics by definition is an after-the-fact approach to security. These solutions build "threat signatures" on data whose ownership (provenance) was unidentified when it entered your networks, and they build toward defending against future threats, not the attack or penetration that has already succeeded. The cyber problem is exploding exponentially as inexpensive components on the Internet of Things, sensors, and other endpoints that can't deploy traditional RSA-style security are flooding your networks with unattributed data.

Reliance on analytics is a post facto approach to identifying breaches that have already occurred based on subjective analysis of what "use behavior" means and what anomalous patterns look like.

Advanced detection analytics by definition generate ever-increasing overhead and computational and physical infrastructure needs (hardware appliances) that impede scalability and interoperability, exacerbate the costs of your networks, and generally cover a very limited range of the cyber threats we face.

Analytics are backend solutions.

The greatest threat to our networks is the explosion of Internet of Everything components, devices, sensors, etc. that are flooding networks with unattributed data. The majority of these endpoints are low-cost, low-resource components where it is impossible to run traditional asymmetric public key cryptography because of scientific limitations of that framework.


We all need to step up and we can do so easily.

There are two computing frameworks: Public Key Infrastructures (PKI) and Converged Networks. Converged networks are all the other applications layered on top of PKI to fix its security flaws and enable other security controls that the PKI framework cannot inherently provide.

Dynamic Distributed Key Infrastructures (DDKI) is a distributed, tiered, hierarchical, virtual framework comprised of servers and endpoints secured with Dynamic Identity Verification and Authentication (DIVA) and Whitenoise. It is interoperable with the existing framework and is invoked with one call at single-sign-on secure network access. User names and passwords can be eliminated if desired.

We need one simple extensible solution that is virtually provisioned and virtually manufactured that addresses the entire range of security problems we face.

With Whitenoise technologies, each person on a network has a unique identity that is virtually provisioned one time. After virtual activation, all data has provenance (ownership) with a unique, private, distributed, exponential, and secret key that performs dynamic, one-time-pad authentication and one-time-pad authenticated encryption. Each person or device has a key and each packet can be given provenance. The key is "synchronized or not" for 100% accurate, inherent and automatic intrusion detection. If the key is unsynchronized, incorrect or not present at all, the person or device can be easily prevented from getting on your networks in the first place.

Solutions to the pernicious classes of attacks need to be addressed simply, automatically and accurately. One solution should work for all communication contexts.

For example, there are many hardware-based solutions which by definition are not easily scalable. Whitenoise can be implemented in hardware components like microprocessors. But no manufacturer is going to put a $50 chip in a thermostat. Whitenoise can be deployed effectively and securely in low-cost processing components like peripheral interface controllers, circular shift registers, linear feedback shift registers, counters and simple low-cost components. A $1 component can run national security level security. This is why we see attempts to achieve the same end goal, such as IETF RFC 7008.

Solutions must be as effective in software, the software must be easily distributed online, and enterprises should have the option of upgrading their own existing servers without having to add more hardware. Whitenoise technologies are secure cryptosystems that operate with the XOR function, the fastest function on a computer. Whitenoise goes at the top speed of any hardware or physical (i.e. wireless transmissions) environment.

Whitenoise technologies prevent all known attack classes before your network is compromised.
