Enigma Bridge & University College London
Multi-party keys and encryption can be split between several computing platforms, implementations of operating systems as well as between geo-graphical locations.
This demonstration shows processors in 2 locations - at DEFCON and in our Cambridge, UK office.
Our hardware for efficient use of JavaCards makes large numbers of processors available to internet users without any visible bottleneck.
It also shows that the encryption protocol is fast for most of business use cases.
The last demonstration shows how your keys remain secure even when several of your processors may be compromised.
While we demonstrate this resiliency on decryption with three processors, we are efficient for much larger numbers.
It is common sense but we tend to look at things in a certain way. We discuss security of cloud platforms, but forget they run on physical processors that had to be designed, manufactured, and initialized.
Payment industry may require hardware security modules (HSM) but they only protect your keys from people using them. What about people who manufactured their processors or network cards.
- Independent design
- Independent fabrication and disjoint supply chains
- Affordable and available
- No single trusted party
- Full and perfect distribution of secrets and keys
- Parallelised dstributed processing
- Provably secure (i.e, mathematical proofs)
Use different Javacards designed and manufactured by independent parties
Run the same protocols in Javacard simulator on ARM, Intel, or SPARC platforms
Create keys distributed across countries and continents
Advances of countries in Asia, South America, and North Africa mean that we can use processors with diverse supply chains.
If there are bugs or malicous code in all such processors, we can still assume our security holds as long as world powers are not willing to share their secrets.