The United States public has long been aware of cyber attacks on commerce and government. The pace and scope of these attacks accelerated dramatically in 2015 -- human resource records of every U.S. government employee compromised, security clearance information now in the hands of hostile governments, massive breaches of personal data of millions of citizens currently for sale on the dark Internet to identity thieves. The horror stories keep appearing in the news and keep getting worse.
Some of the hacked content was unencrypted, but behind supposedly robust firewalls. Conventional encryption methods have also succumbed to the highly skilled onslaughts of well-resourced state sponsored electronic intelligence units.
It's time to "go dark" on China and on hackers in general. Think weaponizing. The arms race now includes cyber weapons. Cybersecurity systems are defense critical systems.
That means it's time that the cybersecurity community and the U.S. government concur that strong encryption is warranted. Per Mr. Comey's invitation, let's get that robust debate underway. And let's offer solutions.
Pryvit serves well in secure transmission of files from one cyber location to another.
When it comes to data storage, the original design of Pryvit is most useful for large groups of files that are static over time and used only occasionally for reference. The shred heaps (each heap of many shreds, each shred randomly manipulated) may be left online with relatively low risk. If the formula is held offline (or online in its transmission cloaking), the overall risk is also low. This is because a successful hacker would need:
That would be an expensive hack!
In contrast, the data owner with Pryvit technology requires minimal resources, and no inside knowledge of the method. If the data is particularly sensitive, protection may be strengthened by engaging the built-in cascading option, using private random tables shared only with the recipient, and/or enabling exclusive ORing of some shreds with random bytes, etc.
The objective in security is to increase the resources needed for hacking well beyond the value of the data to the hacker. Pryvit might just do that nicely for static archival collections! Could Pryvit be applied also to dynamic high-use files, as in a database management system? We are not sure. That objective might be well served by collaborative research by Marpex Inc. together with an appropriate partner.
Copyright ©2016 Marpex Inc. All rights reserved.