Historically, there have been a number of objections to using a Vernam Cipher in the network. In this post, we discuss how using STOP technology removes these objections and makes it possible to use the strongest known encryption for network security. Technological advances like abundant bandwidth, storage capacity, and cheap multi-core computing, combined with clever, “out of the box” ideas, have led to a working solution.
Multiple reasons have been given for why using a Vernam Cipher in a network is no more secure than using Algorithmic encryption. The main one is that if you use Algorithmic encryption to encrypt the entropy stored in the virtual “Pad”, the result is no more secure than that encryption itself. While this is an argument, it is not completely true if your adversary can only decrypt with a brute force attack. If the only thing you send using Algorithmic encryption is random information, it is no longer susceptible to a brute force attack, because the data being sent is random. To know you have found a solution in a brute force attack, you need to know something about the data in order to recognize a correct solution. This chink in the reasoning opens the question: are there ways to get around all the other arguments?
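The brute-force argument above, as an added example that is not part of the original post and not STOP's code: a toy stream cipher with a 16-bit key (an assumption chosen so the search finishes instantly) is exhaustively searched, once over structured plaintext and once over random bytes standing in for pad material. The sample key, request line and "printable ASCII" stopping rule are all constructed for illustration.

```python
import hashlib
import secrets

KEY_BITS = 16  # deliberately tiny key space (assumption) so the search is instant

def keystream(key, n):
    """Toy stream cipher: SHA-256 in counter mode under a 16-bit key."""
    out, counter = b"", 0
    while len(out) < n:
        block = key.to_bytes(2, "big") + counter.to_bytes(4, "big")
        out += hashlib.sha256(block).digest()
        counter += 1
    return out[:n]

def xor_crypt(key, data):
    """Encrypt or decrypt (the same operation) by XOR with the keystream."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))

def looks_like_text(data):
    """The searcher's stopping rule: every byte is printable ASCII."""
    return all(0x20 <= b <= 0x7E for b in data)

def brute_force(ciphertext):
    """Try every key; keep those whose trial decryption passes the rule."""
    return [k for k in range(1 << KEY_BITS)
            if looks_like_text(xor_crypt(k, ciphertext))]

SECRET_KEY = 0xBEEF                               # constructed sample key
STRUCTURED = b"GET /account HTTP/1.1 Host: bank"  # constructed sample plaintext
RANDOM_PAD = secrets.token_bytes(32)              # stands in for random pad data

def demo():
    """Return the surviving keys for the structured and the random payload."""
    return (brute_force(xor_crypt(SECRET_KEY, STRUCTURED)),
            brute_force(xor_crypt(SECRET_KEY, RANDOM_PAD)))

if __name__ == "__main__":
    text_hits, pad_hits = demo()
    # Structured plaintext: the stopping rule isolates exactly one key.
    print("structured:", [hex(k) for k in text_hits])
    # Random plaintext: the rule gives no signal that singles out the real key.
    print("random pad:", [hex(k) for k in pad_hits])
```

The example models only a searcher whose sole check is the decrypted payload itself; any other way of testing a candidate pad is outside what it shows.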
With STOP, we set out to address each point one at a time:
- Issue: The Pad material has to be as long as the data being encrypted.
  Solution: Expand the entropy into a larger pool of true random in a cryptographically secure way.
- Issue: The entropy is no more secure than the method used for encrypting it.
  Solution: The entropy is encrypted with a Vernam Cipher so it is perfectly secure.
- Issue: If the pad material is as long as the data, there will never be enough material to encrypt the pad itself.
  Solution: By expanding the entropy and generating “expanded Pads”, there is more than enough material to encrypt both the data and the Vernam Cipher.
- Issue: The Pad material will get out of sync and there is no way to recover.
  Solution: This is no longer true, and methods of resyncing data are well understood. This argument likely predates TCP streaming that guarantees packet delivery.
- Issue: The Pad material doubles the amount of data being sent and is inefficient.
  Solution: Today we have a glut of network bandwidth. In nearly all cases, this is simply no longer a valid issue. Also, by expanding the entropy, the Pad material sent is only a fraction of the size of the data.
- Issue: The Pad material can be intercepted as it travels through the network, making it easy to collect.
  Solution: The entropy is: a) encrypted with a Vernam Cipher, b) utilizing Moving Target Defense so it cannot be easily intercepted, and c) the entropy sent is not the Pad material that is actually used for encryption because of expansion.
- Issue: You cannot generate enough True Random to satisfy network encryption.
  Solution: Breakthroughs in Quantum Random Number Generators allow for Gbps of quantum randomness to be generated. This, along with entropy expansion, solves this problem.
With these issues addressed, we can move forward with utilizing Vernam Cipher encryption for network traffic.