PACid’s data security offerings are a suite of solutions that share common features, but they can be implemented in a variety of ways with different levels of security and different levels of associated cost/complexity.
In this discussion we talk about five levels of data security, although that is a simplification as additional variations could be implemented within some of the levels.
All five levels of security start with a common platform. Instead of relying on users to create strong passwords and change them frequently, PACid’s solution takes care of that automatically. Once the user has activated a secure device, all other user ID and password management is handled behind the scenes (machine to machine at machine speeds).
Passwords and user IDs generated by the PACid system are long, complex, and used only once. Making not only the password but the user ID itself complex and dynamic adds an additional level of security. The personal authentication credentials are created automatically using a set of “Master Secrets.” Additionally, the encryption solution on the connection between the user and the host is changed every few minutes.
We call applications that use our dynamic security technology “PACid-Enabled applications.” The five levels of data security are different ways the user could connect to the PACid-Enabled application. The host side is the same in all five levels.
PACid’s five levels of data security are:
- Software only (installed on a single device such as a PC, tablet, or smartphone)
- Software + removable memory device (software on the PC handles the encryption work; the Master Secrets are stored in the removable memory device)
- Software + mobile intelligent device (the PC runs the application and the mobile device protects the Master Secrets and performs some of the related tasks)
- PACid Bunker: application-specific device with limited computing power (PC plus mobile device plus PACid intelligent bunker)
- Limited capability secure computing device (standalone or physically embedded within a normal computing device – user has very little ability to update, upgrade or install any software or malware)
One of the noteworthy features of the five levels of security is that levels 3 – 5 can only be compromised by someone who has physical possession of the device housing the Master Secrets. This would eliminate the vast majority of data breaches, as such attacks are almost always made remotely, often from another country.
Before describing how these levels work we need to present some background information.
Please read the page on PACid’s Bolt-on Strong Security (BoSS) for an introduction to how our approach to data security works. The five levels described here are different ways to implement the BoSS technology.
There are several concepts common to all five levels of BoSS:
- Master Secrets: a 2048-bit Master Secret is used in conjunction with a date/time stamp to generate authentication (one-time use logon credentials) and an encryption solution. We selected 2048 bits because it provides more than enough data to generate unbreakable authentication and encryption without using excess system resources. Every application and every use has a unique Master Secret (i.e., if the user has 300 accounts there are 300 unique Master Secrets, one for each account).
- User Credentials: username/password combination used to access a remote server, such as a bank account.
- Application: whatever you are using the PACid system to protect. It could be to access to a bank account, a credit card, a secure server, etc.
- Session credentials: everything needed to establish a secure connection including user credentials, encryption algorithm and key, etc. In the PACid system all session credentials, including user credentials, are one time use only.
- m-bit result: a string of bits that the application uses for various security-related needs. The m-bit result is used to create user credentials, an encryption algorithm and key, and/or a signature – whatever the application needs. The application sends the PACid system a request that can be any number of bits (“n-bit”) long. The system creates a unique m-bit result used for that session only which is passed back to the application, which then parses those bits into the different ways it is using them. The input is referred to as n-bit and the output is referred to as m-bit to indicate that they may or may not be the same number of bits; n may be equal to, less than, or greater than m.
The following patents apply to all five levels – they cover the core user authentication and secrets/encryption key management: 9,165,153; 9,411,972; 9,577,993; 9,876,771; 10,044,689; 10,171,433; 8,934,625; 9,172,533; 8,782,408; 9,407,610; 9,654,451; and 9,882,883.
Level 1 – Software Only
Our Level 1 solution doesn’t require users to have any special hardware at all. As the name implies, it’s software installed on the computing device in order to run PACid-Enabled applications.
The Level 1 solution provides a massive improvement over what most users have today, and it would stop a large number of data break-ins. But several vulnerabilities remain. It’s vulnerable to snooping attacks when the “Master Secrets” are accessed by the PACid software to create the temporary, one-time use credentials that are used to actually connect to the host. The user ID and passphrase that are used to activate the PACid system are also vulnerable to key-stroke snooping and discovery.
Our Level 1 solution offers the following benefits over current data security technology:
- Most people are the “weak link” in their own data security: re-using passwords, using simple passwords, failing to change passwords on a regular basis. The Level 1 solution does away with those problems by automatically generating long, complex user credentials that are only used once. See our page “Information for Consumers” for more details.
- Impervious to “phishing” attacks: end users do not have access to the Master Secrets that are used to generate the session credentials needed to access their accounts. See “For Data Security, Employees Are the Weakest Link” for more information.
- Impervious to “brute force” attacks: passwords are sufficiently long and complex – and changed often enough – that they are unbreakable with current technology.
- Connection encryption is much stronger than the current state of the art – not only does it use long complex keys, those keys are changed every few minutes, making it impossible for someone intercepting the link to acquire enough data to crack it – and if they somehow did acquire enough data or otherwise acquired the key and were able to crack it, they would only have access to a few minutes of data before the encryption solution was changed again.
- Can also enable dynamic encryption algorithm hopping; changing not only the key but also the method of encryption on the fly.
- Impervious to “man-in-the-middle” attacks: the encryption solution for each session is parsed from the m-bit result and there is no SSL exchange. The famous “Heartbleed” data breach which revealed a major system flaw in the https protocol would not have affected PACid-Enabled applications.
We use techniques to insure that someone is physically typing on the keyboard and moving the mouse of the computer to reduce the likelihood that someone has “hijacked” the computer and is operating it remotely, but an expert and dedicated cracker could still defeat a Level 1 setup by capturing the username / password the user enters to activate the PACid system, stealing the Master Secret files, and cloning the PC.
Level 2 – Software with a Removable Memory Device
In our Level 2 solution the Master Secrets used to spawn the credentials for the secure connections are no longer stored on the computing device. Instead they are stored on a removable memory device, such as a USB drive or a SD memory card.
Level 2 offers the following benefits over Level 1:
- The memory device containing the Master Secrets can be removed from the computing device when not in use by secure applications, protecting them from remote access via one of the many insecurities inherent in computer networks.
- The Master Secrets files can be carried from one computer to another, such as office to home or desktop to laptop.
There are vulnerabilities that remain with the Level 2 solution: the Master Secrets are still moved to the computing device to create the m-bit result used in generating the session credentials and they are vulnerable to snooping during the few milliseconds they are in the computing device’s memory. The user ID and passphrase used to activate the PACid system are still vulnerable to snooping using software that can log what users type on their keyboards.
Level 3 – Software with a Mobile Intelligent Device
The Level 3 solution uses an intelligent mobile device (which could be a smartphone or tablet) to store the Master Secrets and generate the m-bit result that contains the information the application needs to generate the one-time-use credentials and encryption solution for the secure connection.
The mobile device does not do any actual encryption or run any complex algorithms. All it does is perform a limited set of operations necessary to protect the Master Secrets and spawn an m-bit result which is passed back to the PC. The PC uses the m-bit result in the process of creating the user credentials and encryption solution used to connect to the host. The mobile device can be connected to the PC via USB cable, WiFi, Bluetooth, or any other means.
Level 3 provides the benefits of Level 2 (security and portability of Master Secrets) plus:
- The Master Secrets themselves that are used to spawn the session credentials never leave the mobile device; therefore the “family jewels” are not exposed to the vulnerabilities that are present in a general purpose computer.
- User inputs (entering the username and password required to activate the PACid system) are not made on a keyboard directly connected to the computer. This provides protection from keystroke logging malware on the computer.
- The application can take advantage of any additional security features on the mobile device such as a fingerprint, pin, or voice recognition.
The only way for a malevolent party to hack into a Level 3 solution would be to clone the mobile device, which would require physical possession of the device for a brief period of time, putting it outside the range of possibilities for most hackers.
Depending on the application, it would be possible to implement a complete Level 3 solution on the mobile device, although that could result in poor performance as it may require more system resources than are typically available on a smartphone or tablet, and would be a big drain on batter life.
PACid’s encryption technology could also be used to create secure telephone connections between devices that shared a Master Secret.
Level 4 – The PACid Bunker
The Level 4 solution, the PACid Bunker, addresses the above mentioned vulnerability that the Master Secrets could be compromised by cloning the phone.
The PACid Bunker is proprietary hardware device. It is a very simple device with limited memory and processing capability. The Master Secrets reside in the bunker and never leave the bunker. The bunker is designed in a way that there is no command that can be sent to it that would cause it to read out the Master Secrets. Banks or other organizations that are PACid-Enabled could give the PACid Bunker away to new customers – it would be cheaper than many other “giveaways” such as toasters.
As with Level 3, an intelligent mobile device (smartphone or tablet) is used as the interface to the PC. In this case, the mobile device serves as an interface between the PC and the bunker. The only output that can ever come from the bunker is an m-bit result – it is not capable of outputting the Master Secrets themselves. Testing to verify the Master Secrets were properly stored is done by outputting an m-bit result and verifying it is correct. If there is an error, the Master Secrets are simply reloaded.
The mobile device passes the m-bit result spawned by the bunker to the PC where the actual compute intensive encryption is performed and the connection is established.
Level 5 – Secure Computing Device
Level 5 provides the ultimate in data security. As with Level 4, it would require a new proprietary piece of hardware. This would be a custom-designed computing device which could either be a standalone device (perhaps similar to a netbook or tablet) or it could be embedded in a normal computing device. It would have a custom operating system and very limited ability to update, upgrade, or install any software or malware.
As personal computing devices have become more capable and more complex they have also become more vulnerable to a variety of attacks that rely on infecting the device with viruses or “malware.” By severely limiting the input/output ports and the type of software that can be run on the device it makes it much easier to protect the device from such attacks.
In a Level 5 solution, all activities are conducted within a highly secure environment (akin to the military’s TEMPEST standards). This provides the ultimate in data security. It also comes with a price, as it requires a custom computing device and that device by definition must have much less capability than a standard computing device.
PACid’s Level 1 solution – implemented in software only – provides a level of security far superior to anything currently on the market. But as hackers are determined to steal your data, it’s not enough to just be better than today’s technology.
PACid has always taken a visionary approach to data security, focused not only on today’s challenges but on the challenges of the future. Our five levels of data security can keep the “good guys” ahead of the “bad guys” for many years to come.