Anonymous Key Technology

Anonymous Key Technology can be described as the evolutionary combination of traditional security technologies. Security experts like to see traditional technologies that are well understood and accepted. AKT uses traditional cryptographic algorithms like AES, the secure hash standard and traditional key management like Key Encrypting Keys and Data Encrypting Keys. AKT’s unique methodology provides a simple authentication system that delivers secure data transmissions based on the results of the authentication.

  • Every transaction can be unique and has a de facto bi-directional authentication
  • Authentication is done at both the server and the client
  • AKT encryption is done in client and server memory, so there are no unencrypted temporary files
  • Registration of a client can either be through the web (128 bits of strength) or by a Crypto Officer (256 bits)
  • AKT technology provides the server with a database which is fully protected and immune to current known attacks
  • The AKT suite can and has been installed and used on mobile devices
  • The computational power required with AKT remains constant and is virtually independent of the strength of the key
  • AKT could be used in conjunction with PKI if signing of documents using asymmetric keys was a requirement
Key Strength

    The strength of AKT depends on the size of the key and the amount of randomness in the key. For example, an 8-character password formed only from uppercase letters has a strength equivalency of just over 30 bits. If you allow upper and lowercase characters, then the strength increases to about 45 bits. To get 80 bits of strength with a password using upper and lowercase characters only, you need a password with about 14 characters. Thus, a password of 14 characters is equivalent in strength to PKI using 1024-bit keys (current SSL).

    Therefore, it is not appropriate to ask what the strength of AKT is without specifying the size and randomness of the key. This is where the confusion arises with people who are steeped in PKI.

    If you integrate outside randomness into the AKT key, then you can achieve strength much greater than PKI. For example, using biometrics, you can get very high strength. Currently, FIPS certification mandates a maximum strength using AES of 256 bits, which is the maximum strength that can be obtained and still receive certification.

    What exactly does a strength of 80 bits mean?

    80 bits of strength means that the difficulty in guessing the encryption key is equivalent to guessing 80 bits of random data. Guessing the key would be equivalent to guessing a number with 24 digits! Keep in mind that as computers get faster, guessing a large number gets less difficult. For example, Table 1.0 shows the results of a computer that can do one billion decryptions and comparisons (a transaction) per second:

    Table 1.0 Computer/ One Billion Transactions

    It is clear from Table 1 that a key with 80 bits of strength will survive less than 1 hour. Keep in mind that 1 billion transactions per second is difficult with any computer. However, notice that if you can get a strength of 112 bits, it would take the same computer just over 3 years (on average) to break the same encryption! At 160 bits, you do not need to worry.

    While a strength of 80 bits is susceptible to heavy attack, when you get to 160 bits and above, it takes a lot of computer power to break the AKT suite.

    Frequently Asked Questions Regarding AKT

    What Operating Systems does AKT run on?
    Currently the AKT module is validated to run on Windows OS, Android, Mac iOS, Linux variants and Solaris.

    Can I run apps on my mobile devices?
    The AKT module is very fast and easy to use. The module has been ported to most cell phones and mobile devices and will run effectively in virtually any cellular network.

    Can I use the AKT products to secure my data in a cloud environment?
    Absolutely! AKT has a number of applications that will work with Cloud providers to ensure that your data is secure no matter where it is stored. The great thing about the AKT suite is that your data is stored on the cloud with a key that only you can use. Even if someone successfully attacks the cloud, your data is safe!

    Does the software work with Network drives?
    Yes. If you can mount or access the drive from within the OS, then we can encrypt and secure the data.

    Can someone sniff the Internet and get my financial transaction and then send it again?
    No. Someone could sniff the communications line and get your encrypted transaction, but they could not decrypt it and they could not resend it because the AKT server would sense that it was a replay.

    Can someone “grab” my transaction and alter it when I send it?
    No. If someone tries to modify the transaction, the server will not be able to process it. There is no possibility that someone could alter or change your transaction.

    If I am careful and protect my Username and Password, how difficult is it for someone to get my data?
    With AKT it would be very difficult. See the earlier discussion on strength, keeping in mind that the lowest level of AKT has a strength close to 112 bits.

    If I am worried that someone has found my Username or Password can I change them?
    Yes. You can change both your username and password and all of your transactions will remain secure and the same. If you have email, it will automatically be updated so you do not lose it.

    If I did not use biometrics when I first registered, can I add them later?
    Yes. The system is flexible enough to allow for multiple biometrics and it is able to update or regress certain biometrics depending on the deployment.

    If I use biometrics or pseudo biometrics what do I need to purchase?
    You will need something to store the biometric template on, like a Smart Card or a Thumb Drive. You could store the biometric on your computer, but this would force you to use the same computer all the time. The idea behind AKT is that you can use any computer.