Whitenoise Data Encryption & Identity Management


Page 1: Whitenoise Data Encryption & Identity Management

Whitenoise

Data Encryption & Identity Management

Page 2: Whitenoise Data Encryption & Identity Management

Whitenoise Laboratories Inc.

• IP – Whitenoise Encryption & Identity Algorithm
• US/International Patents Pending – (US) 2004 024 7116
• IPEA advisory all 23 claims allowed (May 2005)
• Business Model
  – Licensing of Technology to manufacturers
  – Sales of Whitenoise Labs developed encryption products (through distributors)
• Fully compliant Cdn Federal Gov’t regulations
• Vancouver Based

Page 3: Whitenoise Data Encryption & Identity Management

Whitenoise Program Attributes

• Extremely Secure - Keystream length exceeds the size of Data to be sent or stored (Keys built from small amount of stored data)
  - Keystream Data never transmitted
• Fast – 5 Clock Cycles per Byte (S/W), >2 Bytes / CC (H/W) – Done in FPGA
• Key Set Up Time < 7 ms
• Error Tolerant - Only damaged bits affected; no reliance on preceding or following data
• Efficient - Low Processor Requirements – Lower cost devices
• Data Type Independent - Multimedia Support – Voice, Data, Video – Real Time streaming, Video Surveillance
• Manages Linear Offsets - Strong Identity & Digital Rights Management Applications
  - Receiver & Sender synchronized Keystream
• Scalable - Small Footprint < 300k – Will run on 8 bit cpu

Page 4: Whitenoise Data Encryption & Identity Management

Whitenoise Positioning

[Figure: positioning chart. Axes: Encryption Strength (Weak to Strong) and Speed (Slow to Fast), annotated "CPU/Processor Intensive" and "CPU/Processor Very Efficient". Ciphers plotted: DES, Triple DES, AES, Blowfish, RC4, SEAL, Whitenoise.]

Page 5: Whitenoise Data Encryption & Identity Management

Whitenoise on an FPGA

xc2v1000

Page 6: Whitenoise Data Encryption & Identity Management

Whitenoise in Silicon

• Xilinx xc2v1000 is rated at 1 Million gates
• one stream encoding used 3% of logic which is approx 30,000 gates
• estimate would be 5000 ASIC gates for one stream encoding + 64 kB memory
• Small footprint = low power consumption
• Outputs can be ganged (if required) for very large data streams
  – Ex. Optical Carrier networks
    • OC 192 = 10 Gbps, OC 768 = 40 Gbps
  – Ex. Synchronous Digital Hierarchy (SDH)
    • STM-64 = 10 Gbps
• High throughput
• No latency

Page 7: Whitenoise Data Encryption & Identity Management

Whitenoise in Silicon

• Characteristics of FPGA
  – Low cost
  – High Speed Encryption/Decryption
    • 1.28+ Gbps
  – Channelized (2 independent channels)
• More Powerful Chips = Higher Speed/More throughput
  – Current Xilinx Chip $5-$10 (Volume) = 1.28 Gb/s
  – Next Model Up ~$80 = 12.8 Gb/s
    • STM-64 = 10 Gbps
    • OC 192 = 10 Gbps
  – ASIC Implementation in 3rd Party Electronics

Page 8: Whitenoise Data Encryption & Identity Management

Whitenoise & Data

Storage

• Does not increase stored file size
  – 256 bit offset/id
• Bit for Bit encryption
• Bit error tolerant
  – Only damaged bit corrupted
  – No relationship with bits preceding or following as with block ciphers
  – Compatible with data recovery schemes (RAID)
• Extremely fast encrypt/decrypt function
  – No apparent latency

Transmission

  – Efficient real-time transmission of large files (Financial)
  – Increased security
    • Keystream 10^60 Bytes in length
  – Secures wireless transmission
    • Wireless networks, Satellites

Page 9: Whitenoise Data Encryption & Identity Management

Voice & Video

• Data Independency allows pre-caching for optimal performance
• Voice over IP or Wireless
  – No additional latency
  – Extremely fast
  – Secure
    • Keystream length exceeds the length of the conversation
  – Error tolerant
    • Interruption in transmission only affects the portion involved
    • Digital radio packet transmissions synchronizeable for error tolerance
• Video
  – Real-time video encryption
  – Stored video not inflated by encryption
  – Instant access to any point in stored encrypted video file
    • First responders

Page 10: Whitenoise Data Encryption & Identity Management

Dynamic Identity Verification Authentication (DIVA™) & The IDM Key Offset

[Diagram: the Terminal’s Whitenoise IDM Key drawn as a keystream, etc.-01100011001101001101010100101010000101011010101010-etc., with the point "Last Session Ended Here (‘X’)" and an offset "+‘n’" marked; the server side is labelled Media Library and Key Database.]

• DIVA remembers the end point of this session
• Terminal requests access to encrypted content
• Server knows the last session end point in the keystream
• If additional identity verification is required, the server tells the terminal to go ahead ‘n’ bits in the key and send back ‘y’ bits
• If the terminal can comply, identity is verified and content is delivered
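
The offset check described on this slide, sketched as an added example (not Whitenoise Laboratories' code). The Whitenoise generator is not specified on the page, so a SHA-256 counter-mode keystream stands in for it; offsets are counted in bytes rather than bits, and the `Terminal`, `Server` and `authenticate` names are hypothetical.

```python
import hashlib, hmac, secrets

def keystream(key: bytes, offset: int, length: int) -> bytes:
    # Stand-in generator (SHA-256 in counter mode), NOT the Whitenoise algorithm.
    # Returns keystream bytes [offset, offset + length) without producing earlier ones.
    first, skip = divmod(offset, 32)
    out = b""
    while len(out) < skip + length:
        out += hashlib.sha256(key + (first + len(out) // 32).to_bytes(8, "big")).digest()
    return out[skip:skip + length]

class Terminal:
    def __init__(self, key: bytes, offset: int = 0):
        self.key, self.offset = key, offset          # offset = last session end point 'X'

    def respond(self, n: int, y: int) -> bytes:
        return keystream(self.key, self.offset + n, y)

class Server:
    def __init__(self):
        self.key_db = {}                             # terminal id -> [key, offset 'X']

    def verify(self, tid: str, n: int, y: int, response: bytes) -> bool:
        key, x = self.key_db[tid]
        if not hmac.compare_digest(keystream(key, x + n, y), response):
            return False                             # offset unchanged on failure
        self.key_db[tid][1] = x + n + y              # consumed span is never reused
        return True

def authenticate(server: Server, tid: str, terminal: Terminal, y: int = 16) -> bool:
    n = secrets.randbelow(4096) + 1                  # server picks the skip 'n'
    ok = server.verify(tid, n, y, terminal.respond(n, y))
    if ok:
        terminal.offset += n + y                     # both sides advance together
    return ok

def demo() -> dict:
    key = secrets.token_bytes(32)                    # constructed sample key
    server, genuine = Server(), Terminal(key)
    server.key_db["terminal-1"] = [key, 0]           # constructed enrolment record
    clone = Terminal(key)                            # key copied while offset was 0
    first = authenticate(server, "terminal-1", genuine)
    captured = genuine.respond(7, 16)                # answer to challenge n=7, y=16
    accepted = server.verify("terminal-1", 7, 16, captured)
    genuine.offset += 7 + 16
    replayed = server.verify("terminal-1", 7, 16, captured)   # same bytes, new 'X'
    stale = authenticate(server, "terminal-1", clone)         # clone still at offset 0
    return {"first": first, "accepted": accepted, "replayed": replayed,
            "stale_clone": stale, "genuine_again": authenticate(server, "terminal-1", genuine)}
```

A copy that also carries the current offset would be accepted once; the genuine terminal's next attempt then fails, and that mismatch is the signal that the key has been duplicated.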

Page 11: Whitenoise Data Encryption & Identity Management

Whitenoise & DRM

• IDM - Positive identification of receiving device
• Unique synchronized communication channel between data sender and receiver
• Multimedia may be streamed and/or stored for later play
• Key associated with terminal
  – Cannot be played on another device
• Supports real time voice, video, music, text and games (yes games)
  – Never decrypted
• Content encrypted once and placed on server
• Title key sent uniquely encrypted in terminal key to user
  – Low overhead

Page 12: Whitenoise Data Encryption & Identity Management

Whitenoise Delivers Games and Movies

• Utilizes Central server(s)
• Unique Identity Key assigned to subscribers’ Receiving Device
  – Uses Serial number or other unique Identifier + Whitenoise
• Content is encrypted in Key for that title (Game, Movie, TV Clip, etc.)
• Subscriber requests download
• Key for that title is sent to receiver securely encrypted in their unique identity key
• Content is never decrypted even in storage on the device
• Whitenoise fast enough to decrypt (play) on-the-fly (Demo kit available on request)

[Diagram labels: Unique IDM, Media Library, Key Database; arrows "Request Media" and "Key + Content".]

Page 13: Whitenoise Data Encryption & Identity Management

Whitenoise Delivers Voice and Text

[Diagram label: Key Database]

• Provider establishes database of pre-engineered session keys

• Cell phone/ PDA owner selects Session keys from list

• Similar to Downloading Ring tones

• Database contains user’s Serial #, NAM/Private Key pair

• Session Key is sent encrypted using Private Key to user’s handset & decrypted

• Prevents interception by third party

• User notifies trusted party which Session Key he is using for them

• They go to database and choose same key for communication with that individual

• Keys are transmitted encrypted in their Private Key and decrypted

• During secure call setup Session Key is selected and agreed upon between cell phones/PDAs

• Transmit/Receive orientation and offset is completed

• Secure Session enabled without transmission of keys

Page 14: Whitenoise Data Encryption & Identity Management

Whitenoise SDK-DDK

• Our engineers will work with your team to integrate the Whitenoise module into your:
  – S/W application
  – Silicon
• Add speed & security to your product
• Invisible to the user
• Protect the rights of your content provider
• Contact: [email protected]

Page 15: Whitenoise Data Encryption & Identity Management

Whitenoise

Data Encryption & Identity Management