HYBRID SYMMETRIC ENCRYPTION ENGINE
VARIABLE STRENGTH WAVEFORM BLOCK-CIPHER COMBINED WITH MAXIMUM SPEED STREAM-CIPHER TECHNOLOGY
TARGETED CRYPTOGRAPHIC KEY-EXCHANGE
SECURE KEY TRANSFER MECHANISM WITH SIMPLE / REALTIME SIGNAL ENCRYPTION CAPABILITIES
POWERING E2E ENCRYPTION ACROSS ANY PLATFORM, A ROBUST PEER-TO-PEER SYMMETRIC KEY EXCHANGE MECHANISM
WORLDWIDE END-TO-END ENCRYPTION
HYPER-FAST ENCRYPTED DATA TRANSMISSION
MAJOR SPEED AND SECURITY UPGRADE TO DATA TRANSFERS SIGNIFICANTLY OVER SECURE-FTP
XSOC is a "crypto-system", meaning, it is a supplied cryptographic cipher with an SDK/API that allows for easy integration with a wide variety of software. Designed to make the application of symmetric encryption simpler to wield, XSOC cryptosystem reduces the amount of time and code (or effort) required to apply strong encryption directly to text, files, and streaming media.
XSOC is deployed as a single tiny "library" (file) that can be directly incorporated into projects and other software. XSOC was written for maximum language compatibility and platform extensibility.
XSOC can be deployed into any manner of
Windows | Linux | Apple Mac | Android | Raspberry PI | AWS Cloud | IBM |
Azure Cloud | HP-UX | Embedded OS | other PC / Motorola based infrastructure
Available in both Java and C++, XSOC is cross-compatible with itself across different high-level programming languages and is generally as easily deployable as a standard Java Runtime Environment (JRE). In addition to providing an SDK/API interface and multiple example ("test harnesses"), XSOC is also compatible with the Java Cryptography Extension (JCE) interface and can be invoked or accessed in exactly the same was as AES, CHA-CHA, BLOWFISH, and other standard NIST ciphers. XSOC is portable directly to hardware in the form of F-PGA & ASIC.
The cipher-core of XSOC has been made available publicly, offered under a limited APACHE open-source license and directly available for academic review and cryptanalysis via the open-source community. The advanced APIs and features designed to make XSOC easily deployable in a wide variety of real-world use-cases are also available for commercial and demo license.
MEETING TODAY'S CHALLENGES
XSOC is generally STRONGER and FASTER than most other forms of symmetric encryption. With a variable strength ("wave form") style of cryptographic key interpreter, XSOC delivers a premium value in the following areas:
Streaming heavy-weight digital media (like High-Def video or Zoom meetings) whereby other ciphers are often too slow (or demanding on a CPU) to be applied at full strength.
Streaming ultra-light weight data (like IOT sensors) whereby other ciphers typically encumber the data they produce with crypto-headers or superfluous size increases.
Long-term data archival; others are limited to 256bit - XSOC flexes to 51,200bit strength.
XSOC also incorporates a unique cryptographic keying system which makes Multifactor Authentication (such as facial recognition) native to the cipher core. This allows MFA / 3FA to be included directly into the cryptographic keying process, and not external to it. XSOC’s unique “variable-strength” allows streaming ciphertext to flow in a (“sine wave”) of security protection that (unlike other symmetric ciphers), reveals no static attack surface.
SOCKET is a cryptographic key-exchange mechanism designed for near-field / radiofrequency and wireless transmissions that provide hardened encryption security closed-circuit, limited-distance, or intermittent (ad-hoc) network environments. It provides an equally stable and secure mechanism of key infrastructure for more permanent network environments.
For example, SOCKET can be utilized as a stand-alone (out-of-band) method of key transfer for legacy devices in an industrial (IT/OT) or commercial wireless security environment, or modern streaming video cameras in a warehouse or embassy.
Unlike regular internet-based connections which rely heavily on static TLS certificates to protect point to-point communications, SOCKET uses a hardened 100% symmetric strategy which constantly "rotates" encryption keys, dramatically reduces the attack-surface of any network environment as compared to SSL/TLS. With the incorporation of full 3-Factor authentication features, SOCKET can fulfill the same cryptographic requirements and general security purpose as TLS, however, without any reliance on digital certificates or an external Certificate Authority (CA). This more flexible means of key-exchange may be ideal for "air-gapped" and closed-circuit networks that cannot afford any exposure to the regular internet.
SOCKET makes use of a small group of software components which can be installed onto any small form-factor computer hardware that runs Linux or Windows operating systems. Socket requires less than 1GB of OS RAM to function. Systems running SOCKET components can be deployed in such a way that allows for a "physical coverage area" within range of any regular WIFI environment. If WIFI is unavailable or undesirable, SOCKET may also be configured to utilize Bluetooth, RF Modem, Mesh Network, Low-Energy Microwave, or other forms of open wireless communications.
Lastly, like Kerberos, SOCKET makes use of its own native security protocol (called “EBP”) for network-efficient encrypted signal communications at 512bit or greater encryption strength.
MEETING TODAY'S CHALLENGES
SOCKET provides a secure solution for SYMMETRIC key exchange and enables security in environments where TLS (SSL Certificates) are undesirable or infeasible. A key attraction to SOCKET is the ability to run on or off Wi-Fi, Windows, or Linux, as well as any small form-factor device. For highly secure environments that are concerned about the update frequency of SSL certificates, SOCKET can run for longer without maintenance, making it more appropriate for rugged or dangerous environments.
Use and application examples may include
securing of drone-to-drone communications,
tactical encrypted walkie-talkies,
and other similar (battlefield) type environments that require rapid setup and tear-down.
Like SOCKET, OPEN or WAN-SOCKET is a cryptographic key-exchange mechanism designed to directly support end-to-end encrypted signal communications that use symmetric cryptography. This is where the similarities end. WAN-SOCKET is designed for broad-based global internet usage, in fully public or private cloud scenarios. With WAN-SOCKET, it costs less to offer more security to a larger number of people.
Unlike asymmetric public key encryption, WAN-SOCKET is designed to exchange key material in a continuous streaming manner by employing symmetric keys at the packet, file, volume, or frame level as clients exchange information. Implementation is simple because it can be conveniently plugged-in like an API/SDK, allowing businesses to easily scale WAN-SOCKET to power large social media network or streaming video platform—without any loss of security compared to standard methods.
Using the Distributed Hash Table (DHT) technology, WAN-SOCKET offers secure (private) global crypto-key exchanges in a way that bears more resemblance to Napster (ToR, or Kazaa Peer-to-Peer) than it does to a standard block-chain. Using a sophisticated algorithmic sharding mechanism and double-blind exchange infrastructure, WAN-SOCKET can effectively thwart Man-in-the-middle (MITM) attacks as well as provide a native resilience to Denial of Service (DOS) type threats. Unlike Signal and WhatsApp that have a hub-and-spokes type of architecture, WAN-SOCKET utilizes “N-Tier” and “Bayesian” patterns that offer no single point of failure.
MEETING TODAY'S CHALLENGES
End-to-End encryption over internet and global networks is becoming increasing relevant. Although several players (like Signal) have emerged with their own proprietary solutions, we increasingly see such platforms being breached.
Service providers can help by increasing their security using the true double-blind protection offered by WAN-SOCKET. The advantage of WAN-SOCKET is that even if the service provider receives a request for your data, they won’t be able to provide it. Indeed, with true “double-blind” exchanges, WAN-SOCKET presents a simple, pluggable, low-cost, higher security option for securing communications. This more efficient option makes it much harder if not impossible to breach or disable.
Social media networks, video conferencing, telephony, text messaging, and instant messaging platforms and other cloud communications can dramatically increase the power of their encryption security by switching to WAN-SOCKET.
Encrypted Broadcast Protocol (EBP) is a purpose-built network “protocol” that combines the high-performance transmission speeds (commonly associated with UDP transmission) and ultra-strong 512bit symmetric encryption security.
EBP begins where UDP leaves off, adding ultra-strong 512bit symmetric encryption to UDP packets, thus matching the transmission speeds of UDP while automatically correcting for dropped packets. As with most protocols, EBP represents a “layer” in the network stack of internet transmissions that can be used-with or incorporated-into a myriad of other types of programs. EBP was originally designed to facilitate secure transmissions for industrial environments that lacked the ability to utilize SSL certificates or Public Key Infrastructure (PKI). EBP is equally well-suited for deployment and integration with broad-based internet applications as an overall performance and data security booster.
EBP builds on-top of the already fast UDP layer with its own highly efficient sequencing and packet-loss prevention mechanism. This is where the similarities to competitor protocols quickly come to an end.
By making use of proprietary, intelligent Proactive Flow Control (PFC) technology, EBP ‘senses’ network conditions and continuously adapts to them in real-time. Unlike other new era “high performance protocols” that are competing for speed advantages over TCP/IP; EBP is the only modern protocol of its kind to enable true multicast (targeted recipient) transmissions with strong encryption for secure group message delivery.
Additionally, EBP blends-in symmetric encryption with a very small series of bytes in the header of data transmission packets. It also uses strong encryption to protect the entirety of network data packets themselves. Receivers (peers) that are unable to decrypt just the tiny header details can effectively ignore (discard) the rest of any encrypted packets they receive over the network. Without the header, subsequent packets are undecipherable. This computing efficiency allows for the application of massive levels of strong encryption without adding any drag on top of regular network transmission speeds. Combined with UDP and sequencing, EBP is 80% faster than TCP/IP and multiplies encryption strength exponentially.
MEETING TODAY'S CHALLENGES
Although EBP was originally designed for industrial Internet of Things (IIoT) applications, the protocol has shown its utility in many other areas including the cloud and public internet. As the world produces more data and in greater and greater individual file sizes, EBP has demonstrated its usefulness by making these files easier to send.
Like other UDP-based accelerator protocols, such as those currently being marketed or debuted by IBM, Amazon, File Catalyst, and so-forth; EBP solves for the problem of slowness associated with transmitting extra-large files or sums of data. Sending gigabytes, terabytes, or petabytes of data can be extremely expensive and time consuming. This is where protocols with superior transmission speeds are worth far more than their cost.
Further, the competing companies generally leave the security of speed-enhanced transmission protocols to 3rd party handlers (such as SSL certificates). In most cases, the competitor protocols do not directly address security or encryption at all. EBP is designed to work within PKI and entirely without, due to its inherent security structure. Key decision makers know that simpler is better, and EBP makes deployment as turnkey as dropping in a new browser plug-in—while also addressing strong data security as one of its core operating principles. EBP includes the encryption security offering directly in-line as part of the protocol itself. As an all-in-one package, EBP represents the next generation of secure high-speed transfer protocols that do not require external SSL certificates. EBP is designed for simple and ubiquitous integration for virtually any manner of digital data transmission.