Never underestimate the attention, risk, money and time that an opponent will put into reading traffic.

End to End voice and data communications over the Telephone network (POTS, ISDN, and Mobile Phones) are not secured against monitoring or illegal wiretaps. The voice and data can be trivially monitored by any party with access to these unprotected signals. The standard encryption algorithms used in GSM mobile phones is used to secure communications between the hand set and the network carrier, it is decrypted at the network carrier and then transmitted in the clear. The various symmetric encryption schemes used in mobile networks can be trivially broken. The signalling information used to manage call set up and tear down between telephone exchanges (SS7) is not cryptographically protected against passive or active attacks.

The current trend is to move away from the original telephone network and to move to carrying Voice over the Internet. Unfortunately most 'standards based' VoIP systems do not implement any end-to-end security.

As most Internet users are acutely aware the Internet does not protect the privacy of, or assert the authenticity of user information. Secure online shopping and e-banking require the use of a 'wrapper' protocol (SSL/TLS) to encrypt user information before that encrypted information is then transported over the original insecure network. The original network services used to manage the Internet were not designed using cryptographic techniques. These insecure protocols and services than expanded to millions of machines managed by a vast number of independent groups. Incremental security improvements have been in an incoherent and uncoordinated fashion. As a result the Internet system as a whole is inherently vulnerable to a wide range of attacks.

Synaptic is addressing the problem of how to upgrade the security between Internet users as part of our Network of the Future project which we describe below.

Given today’s common hardware and software architectural paradigms, operating systems security is a major primitive for secure systems – you will not succeed without it. This area is so important that it needs all the emphasis it can get. It is the current ‘black hole’ of security.

The problem is innately difficult because from the beginning (ENIAC, 1944), due to the high cost of components, computers were built to share resources (memory, processors, buses, etc.). If you look for a one-word synopsis of computer design philosophy, it was and is SHARING. In the security realm, the one word synopsis is SEPARATION: keeping the bad guys away from the good guys’ stuff!

So today, making a computer secure requires imposing a ‘separation paradigm’ on top of an architecture built to share. That is tough! Even when partially successful, the residual problem is going to be covert channels.

The security of the digital world has become a fundamental stake

for the citizen with respect to his individual freedom and protection of his computerized identity and privacy,

for the company with respect to the protection of its computerized industrial assets, the security of its business transactions and the trust level of its information networks, and

for the state with respect to the reliability of operations and the reduction in the vulnerability of large and critical infrastructures: electricity and water distribution systems, communication methods and means, and information and communication systems pertaining to these infrastructures.

It is unrealistic to expect that all existing communications devices that have been deployed and are currently active in the field can be retroactively upgraded to employ information assurance operations. A vast number of these devices have no security operations. Those that do currently offer security operations use cryptographic operations that are at risk of catastrophic failure.  It is not economically viable to upgrade or replace all of these devices before their natural life-cycle is over.  An alternative solution must be found that secures the past and that can also secure the future in a coherent integrated fashion.

Over the last 10 years Synaptic has been working on a new secure "universal network carrier" (UNC) with Network of the Future (NoF) capabilities called Janelda.  A UNC is a new type of network envisioned by Synaptic Laboratories Limited where the communications protocol is explicitly designed from the onset to act as a secure host and performance enhancer for isochronous, cell and packet based network communications. This enables the UNC to natively host all communications protocols such as TCP/IP, ISDN, ATM, Ethernet, and so on with high quality service level agreements.  This also enables a deployed UNC to host entirely new protocols that have not yet been designed, protocols that may have additional smarts or specific binary format requirements. Janelda is designed to support the European NoF, the European secure ambient intelligence (AmI) and the American secure Internet of Things visions.

All of Synaptic technologies fall under a grand unifying vision of a new secure communications ecosystem.

To cost effectively upgrade our land-based communication systems to support 10+ gigabit/s bidirectional traffic to each home the Janelda project was designed to perform all communications operations such as packet switching, packet routing, congestion control, and cryptography cost effectively in standard semiconductor processes.

To satisfy this requirement for a eco friendly and cost effective solution Synaptic Laboratories designed the VEST family of ciphers. These ciphers are 3 to 6 times more power efficient than the US NIST standards based solutions AES-256 and AES-GCM respectively when implemented in hardware. They offer increased range of function and higher security margins. Unlike the AES cipher which was optimised for execution in software the VEST family of ciphers are exclusively designed to support chip-to-chip and packet based communications protocol in semiconductor devices. Hardware ciphers are capable of achieving security in less power than ciphers designed for software because hardware devices allow you to express a wide range of complex functions that cannot be efficiently expressed in general purpose software instruction sets that are limited to simple Boolean and arithmetic operations.

The cryptographic community has recently begun to focus its attention on the design of cryptographic operations that are efficient in the worlds smallest devices. Industry cryptographic competitions were previously organised on the basis that it simply was not viable to deliver high level of security on these devices. Unfortunately because of the quantum computing risk the minimum level of security for data privacy that must be embedded in a device must be as high as AES-192.

Synaptic has carefully studied the hardware device profile of smart cards and the emerging ambient intelligent sensor market. Based on this information Synaptic has designed an efficient method for retroactively upgrading the software in these devices so that they can achieve a 100 year security rating. It does this by taking advantage of the inbuilt micro processor and the hardware US NIST DES cipher implemented in an extremely large number of these devices. This software upgrade to the DES cipher is called PQSDES.

A mantra of the well known security expert Bruce Schneier, founder of BT Counterpane and a pioneer in the development of Managed Security Monitoring, is that "security is a process, not a product". Security cannot be achieved by just adding strong cryptographic algorithms to a computer system. Implementations of the cryptographic algorithms reside within complex computer systems. These complex computer systems then interact with even more complex human dynamics.  A failure anywhere in this ecosystem can seriously compromise security. To learn more about security as a process read Schneier's article here.

Taking the above into account, modern cryptographic security systems still rely on the security of the choice and configuration of cryptographic algorithms. If a central cryptographic component of the crypto system fails, security may be entirely lost.  Synaptic has designed our security ecosystem to strengthen the security process, not just the cryptographic components.  Click here to read more about risks facing mainstream cryptographic systems today.

According to the British Government Technology Strategy Board, "the current way which organisations approach security can be recognised as an underlying market failure which consists of fire fighting security problems, silo'd implementation of technologies, uncontrolled application development practices and a failure to address systemic problems." (read full quote)

Brian Snow summarises the situation by saying "the software security industry today is at about the same stage as the auto industry was in 1930" ... "it looks fast, goes nice but in an accident you die.” (read full quote)

Synaptic are working on a unified security ecosystem solution that addresses a wide range of previously specialised domains in a singular framework. Our objective is to specific and implement this ecosystem using high assurance techniques.

According to Brian Snow, operating system security is the current ‘black hole’ of security. In environments where it is not possible to secure the desktop operating system smart cards can provide islands of security in a sea of insecurity. Moving sensitive cryptographic operations such as identity authentication and secure key exchanges from the desktop to the smart card providers a higher level of long term security.

Synaptic offers a wide range of security technologies, including key exchanges and digital signatures, that are suitable for execution on low cost smart cards in production today.

In high security systems it is often desirable to use a cryptographic operation that is in some way different from what other people are using. The choice of a different algorithm, or a secure variation of a fixed algorithm enables risk to be managed through diversification.

Synaptic offers a range of data privacy and integrity operations that offer a diversification technique called family keying. This allows any organisation to create a proprietary variation of the cipher in a strictly defined way that does not weaken the security of the system. The family key is designed the change the cipher in a way different to the standard symmetric key. The family key does not need to be secret. Synaptic Labs' VEST cipher offers a range of family keying techniques that allow variations of the cipher to be built for a wide range of application scenarios (such as unique cipher per chip for verifying the authenticity of a device, or for increasing the cost of third parties cloning their authentication devices).  Synaptic Labs' PQSDES cipher offers family keying that is optimised to protect against subtle cross-protocol attacks.  (Read longer answer to this question)

Consider the use of smart cards, smart badges, or other hardware tokens for especially critical functions.  Although more costly than software, when properly implemented the assurance gain is great.  The form-factor is not as important as the existence of an isolated processor and address space for assured operations – an ‘Island of Security,’ if you will.  Such devices can communicate with each other through secure protocols and provide a web of security connecting secure nodes located across a sea of insecurity in the global net.

Security has often been described as a chain of interconnected links working together.  The well-known industry saying goes that the security of the system is only as strong as the weakest link. These weakest links are single points of potential failure that can result in the security of the entire system failing.

This line of thinking is useful but has often been used to justify the use of less-than-ideal components and weak constructions on the pessimistic basis that the wider system in which it is implemented is inherently insecure.  The limitation in this line of reasoning is that there is no longer any strong point on which we can manage the points that are at risk.  If our goal is to strive for risk management and the design of high assurance systems than we must design and implement each part in the system in a robust manner. Having comprehensively built these strong foundations we can then appropriately shift our focus to addressing the complex dynamics of large electronic systems and human interaction.

Synaptic is designing a unified ecosystem which addresses the long-term security risks and the point-based problem solving to create a strong foundation on which the perpetual wheels of the security process can stand on.  Synaptic Labs' Group, Enterprise, and Universal key exchanges are exemplary protocols that manage the complex human trust relationships to mitigate against the risk of single point of trust failure. The Synaptic key exchange protocols also demonstrate the ability to layer two fundamentally different key exchange techniques in a manner that provides practical increase in security under some realistic attack scenarios. (read longer answer to this article)

Assurance is best addressed during the initial design and engineering of security systems, NOT as an after market patch. The earlier you include a security architect in your design process, the greater the likely hood of a successful and robust design.

As the quip goes, he who gets to the (module) interface first wins.

Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need Assurance", AusCERT 2008

There is a good chance that large quantum computers can be built within the next 20 years.  This would be a nightmare for IT security if there are no fully developed, implemented, and standardized post-quantum signature schemes.

Learn more about the facts.

My colleagues at MIT and I have been building simple quantum computers and executing quantum algorithms since 1996, as have other scientists around the world. Quantum computers work as promised. If they can be scaled up, to thousands or tens of thousands of qubits from their current size of a dozen or so, watch out!”

There exists intense scientific debate and speculation as to if large quantum computers can be built, what techniques might work best, and when they may arrive. The debate over quantum computers exemplifies the scientific process at its best.

Within this context the risks posed by the arrival of code breaking quantum computers is widely acknowledged as a serious possibility. As a result cryptographic systems must be designed to comprehensively address this threat. Learn more about what some experts have to say about the threat.

The design of the first large code-breaking quantum computer is currently an open problem (as far as we know in the open community). One of the co-inventors of the first quantum computer advises that code-breaking quantum computers may arrive after a decade (2008). Learn more about what some experts have to say about the timeline.

When planning to manage the anticipate arrival of code-breaking quantum computers it is important to also consider a) the duration that sensitive data must remain secure against attacks, b) how long it will take to implement, and upgrade systems in the field so they achieve post quantum security.

According to an extensive survey performed by the US ARDA in 2004 there are over 155 different research groups trying to build quantum computers. The number of projects in 2008 is anticipated to be larger.

The cryptographic term "post quantum secure" or more formally "candidate post quantum secure" indicates that is it conjectured that the algorithm or system will remain cryptographically secure after the arrival of quantum computers.  This implies that the system must be secure against current classical computing attacks and attacks performed by or with the assistance of quantum computers.

Most computer security systems in use today (2008-2009) rely on cryptographic components that are conjectured to be insecure against large code breaking quantum computers. Click here to read more about the vulnerable systems. Click here to read about Synaptic Labs' post quantum secure ecosystem.

And what they do is remarkable. Since one qubit can simultaneously represent two different values, two qubits can simultaneously represent four (00, 01, 10, and 11, in binary notation); four qubits can represent 16 values; eight qubits 256 values; and so on. Even a relatively small quantum computer, one that had a few tens of thousands of qubits, could consider so many different values at once that it would be able to break all known [ed: RSA, D&H, ECC, AES-128] codes commonly used for secure Internet communication.

All Synaptic security technologies are designed to be post quantum secure.

Quantum key distribution (QKD) utilizes quantum effects to transmit information between two points.  In principle, the sender and receiver party can detect if a bit of information has been recorded by a third party in transit.  This is a type of information-theoretically secure system. However QKD has several physical limitations that limit the distance between the sender and receiver, and the number of parties that can exchange a key over a single link.  QKD is also very expensive, it is currently USD $100,000 (2008) for the hardware endpoints per fiber connection.  Implementations of QKD have also had a series of security failures.

QKD is a immature technology that is not suitable for securing general Internet communications. For a cost effective alternative see Synaptic Labs' Group Key Exchange technology.  (Read longer answer to this question)

Protecting information is difficult. An intelligent attacker will survey the range of attacks against a system and rank them according to cost, effort and effectiveness. Sometimes this might mean a passive attack against a weak cryptographic primitive or an active attack against a poor implementation. A broad class of attacks are based on trying to monitor information that is leaked by a device when it is performing security operations. These are called 'side channel' attacks.

Home and corporate desktop computers are at extreme risk of side-channel attacks in the form of back-doors in operating systems (as a result of flaws in the software), installation of trojans and key-stroke monitoring software, and the like. Firewalls and anti-virus are not sufficient to provide long periods of security with high assurance. As Brian Snow says, "operating systems are the current black hole of security". (see full quote)

A method of increasing security in desktop environments is to use smart cards. See the Microsoft agenda and Brian Snow's opinion. Smart cards are tiny computers that have been explicitly designed to provide security against a very wide range of passive and physically invasive side channel attacks. Synaptic has specifically designed it's security ecosystem around smart cards, using them as a solid basis for building high assurance systems.

Chip piracy of various types is a problem of increasing concern. Chip piracy is not limited to physical chips but can include third party IP modules licensed for inclusion in a chip design and associated firmware. In addition to chip piracy, low-cost reverse engineering of chips can also pose significant security problems for high-tech organisations. There exist a range of proposals for detecting or deterring chip over manufacture. Synaptic have a broader proposal that address attacks before, during and after manufacture for chip designs and associated software. Click here to read more.

Many commercial systems attempting to prevent pirated software from running on their systems only work if the attacker does not modify the game console. Click here to read more about how VEST can help protect against this type of attack.

In many security applications, smart cards and other hardware tokens are used to provide conditional access to information. Typically the cryptographic challenges implemented in the smart card are implemented in software or with software efficient cryptographic components. If the security software on the smart card can be extracted then it becomes possible to emulate the smart card on a standard desktop computer and fake an authentication device. Synaptic Labs' VEST family of hardware ciphers are extremely efficient in hardware and equally inefficient in software. Cryptographic challenge-responses implemented using VEST's hash function when implemented on a smart card can be emulated at-speed on a desktop. The difference between hardware and software execution can be used to remotely detect the difference.

The of code breaking quantum computers presents several difficult problems to risk managers. On one extreme it is possible that the problem of increasing the size and performance of computers might prove an intractably hard engineering problem. On the other extreme code-breaking quantum computers may already exist in well funded closed security communities.

Unfortunately if code-breaking quantum computers are built the security of all our classical systems Learn more about the factscatastrophically fails. This implies that all encrypted data previously transmitted over the Internet could be at risk of later decryption. It is widely acknowledged that Internet Service Providers and Governments monitor regional and international network communications. There is no technical barrier to organisations recording potentially sensitive encrypted information for later decryption on demand. The performance of code-breaking quantum computer is anticipated to break the security on these systems roughly at roughly the same speed it would take a classical computer to legitimately decrypt them. If they do arrive, it is an abrupt and catastrophic failure similar to those experienced by the Oyster smart card devices, but experienced on a global scale.

Individually and collectively a decision needs to be made as to what action should be taken, by whom and at what time in consideration of the potential ramifications and negative effects that are may occur regional and international stability.

The answer to this question depends on many factors related to the system in question. At one extreme small groups of individuals or computers may be able to rapidly achieve a higher level of security using systems based around the Synaptic Group Key Exchange or Enterprise Key Exchange technologies. Synaptic is planning the deployment of a instant messaging system that should enable basic communications (voice, file transfer, etc) to be established rapidly between small groups.

At the other extreme the communications protocols between devices, readers, and back-office servers may need to be significantly revised to achieve the necessary level of security in a manner that is cost-effective over the life-cycle of the system.  For example, EMVco is considering making a protocol change to the Eurocard-MasterCard-Visa banking system.  EMVco advises that "it will take 12 to 15 years for the infrastructure to be migrated in support of the new technique, which is why we are now conducting a review of various options.".  Synaptic Labs' security ecosystem is designed explicitly to address secure RFID credit and debit card transactions in a way that can be cost effectively deployed on current smart cards, achieves 100 year security and maintains the privacy of card holders from third parties.  (Read longer answer to this question)

The cost in upgrading systems depends on the type of system and nature of the upgrade.

The most rapid risk management strategy for upgrading commercial business systems from a possible Learn more about the facts may involve a three stage onion-ring process where inter-office communications is protected, followed by inter-computer communications, and then low-level software is adjusted. In this model the security risks from attacks outside the network against the widest number of devices are addressed first, and then improved security is progressively implemented towards the source of the sensitive material. Synaptic is designing a range of products based on our technologies that would support this rapid-type of risk management strategy to be deployed.

While a wrap-around solution is a highly desirable short-term risk management strategy for some applications it is not a universal solution available to all applications or devices. Synaptic Labs' primary focus is the design of a universal ecosystem, a secure communications framework, that has been designed from the onset to address the combination of unique and partially overlapping security requirements of RFID, ePassports, through to business to business e-commerce in one interoperable system. The creation of a secure low-level communications environment that comprehensively addresses the common security risks found in an application domain helps prevent re-inventing the wheel on a point-basis and allows security developers to focus on solving the remaining complex application specific problems that relate to higher level information flow and access control.

We anticipate that the primary cost in retrofitting production systems with a new layer of security protection, and the creation of new secure applications will be in the human costs and not in the licensing of security technologies.

It is the Microsoft agenda to increase corporate operating system security by deploying the security in smart cards. As part of this strategy they have designed their own smart card operating system based on the .NET platform with Gemalto. All Microsoft employees must have a smart card.

Smart cards increase operating system security by providing a small but secure computer environment for performing cryptographic operations such as user authentication and signing documents.

Smart cards have been optimised for performing a limited set of cryptographic operations. Unfortunately many of the algorithms they have been optimised to run are at risk of catastrophic security failure. This requires a new cryptographic landscape.

Synaptic offers a range of next generation cryptographic operations that avoid the need to retool the smart card industry. For example Synaptic Labs' PQSDES cipher is designed specifically for implementing Lamport-Diffie-Merkle digital signatures entirely in smart cards to achieve the necessary level of security and efficiency. Synaptic also offers alternative technologies for implementing digital signatures on smart cards that have various performance / security / efficiency trade offs.