Your company currently uses open source and de facto security standards. You want to avoid getting out of step with the industry. You do not want to invest in a security product that may not win wider industry support. Synaptic Labs' technologies are designed to overcome these barriers to acceptance. Most of the enhancements made possible by our technologies can be easily won when you continue to exploit your existing security investments and industry standards!

For example, our key exchange solutions are simply a better way of using standards based cryptography to negotiate a new session key which can then be supplied to existing security standards for performing data protection operations. The underlying techniques employed in Synaptic’s key exchanges are known and trusted secure networking techniques. The inventive step is bringing the known techniques together in a way that overcomes limitations of more naive approaches. No new body of cryptographic theory is required to understand why the Synaptic solutions work. No complex quantum physics. No expensive fibre optic connections, or new network transceivers. No new communications infrastructure. More often than not, there is no need to change the hardware designs for devices that are currently being manufactured. Many devices can be upgraded in the field or by returning them to base.

If a particular Synaptic solution adds in a networking or cryptographic element alongside the existing standards solution then this extra element is itself derived from open sources that have been well studied and trusted. No new mathematical theory, no quantum physics, simply a conservative way of bringing together known and trusted techniques to build a superior and inventive solution. Synaptic solutions are suitable for small groups through to billions of users.

Lets provide an example: all the Synaptic key exchanges can be deployed using your current US NIST standards cryptographic algorithms such as AES-256 and SHA-512. Now that is a good start, let's go deeper. We used a derivative of well known networking and multi-path key exchange techniques ON A ONE TIME BASIS to ensure that your current asymmetric key exchange operation is performed in a manner that removes the need for any further key length upgrades and whereby even super computing power e.g. of a code breaking quantum computer, cannot be brought to bear against the asymmetric key exchange. As Professor Jacques Patarin says, the solution is simple, effective, suitable for universal applications such as eCommerce and the underlying cryptographic security can be easily argued from the strength of the trusted algorithms selected. Compare this to proposals for new public key algorithms, such as the recently accepted ECC algorithm, that required approximately a twenty year flawless security record based on intense global study before they can become trusted, or with quantum physics based solutions that need fibre optic direct links and expensive unproven hardware!

Synaptic techniques are low risk because they are based on a small incremental improvement on established cryptographic techniques and can use industry standards. So what other differentiators will Synaptic technologies provide?

Many. Lets use asymmetric algorithms and the Synaptic post quantum secure key exchanges as the example again. Existing PKI exchanges use asymmetric algorithms to negotiate a symmetric session key which is then used for high speed data protection operations. When you initialise with the Synaptic method it is unnecessary to use asymmetric algorithms again. Part of the reason is because we store the session key securely in hardware security modules such as smart cards. To satisfy standards you might choose to use asymmetric algorithms to generate each new session key, but this operation can be ‘protected’ by a layer of security using standards symmetric algorithms that are already accepted as long term (including post quantum) secure. In this way you can continue on with the stronger trusted US NIST algorithms, but with the advantage of knowing that when equivalently rated standards-based systems fail your data will remain secure.

In performance sensitive systems you can simply rely on the secret in the smart card and standards based symmetric techniques to negotiate new session keys faster and for less cost than existing PKI.

As a further incentive, the Synaptic key exchange techniques open a new opportunity for simple low risk 100 year secure identity-based encryption and secure email. That is, using the email address as the key, thereby simplifying key-management and reducing the cost of doing business.

So, with one simple added procedural step you can remove a) the risk of short to medium term decryption of your recorded data, b) remove the incentive for wait-and-see attacks, c) cost of periodic asymmetric algorithm key length upgrades, d) remove the risk of catastrophic failure resulting in a disruptive and inadequately planed rip and replace scenario should code breaking quantum computers arrive. Additionally you can to take advantage of new features to make your system FASTER and more efficient, and with new functions such as identity-based email. All this is achievable with a small enhancement to your existing standards based security investment. Your Customers should like those advantages! There are many other important differentiators, we have just pointed to a few. Here is one more. The Synaptic solutions can be deployed within an organisational unit, within a group of collaborators and wider groups without impacting negatively on the existing industry standards based operations.

Early adopters and collaborators win the opportunity to shape the universal deployment of Synaptic technologies with the added opportunity of potentially bidding in to the massive proposed Obama-Biden Homeland Security projects.

Some people believe that clever advances in physics such as quantum cryptography will create universal security solutions to overcome these recognized risks. While most people agree that the mathematical theory appears sound, the problem is achieving a secure reduction to practice - real world attacks plague quantum cryptography just like classical cryptography. The systems available on the market are not perfect. They are no more perfect than they are universal. Quantum Key Distribution requires line-of-sight lasers or optical fibre with expensive purpose-built hardware (USD 100K+ a pair) just for performing key exchanges. The proponents of QKD openly acknowledge that the technology is not suitable as a general purpose replacement for at risk public key cryptography.

Many cryptographic teams are attempting to find the “next” asymmetric cryptographic primitive that will achieve security against classical and quantum computers. The vast majority of these schemes have been quickly found to be insecure against classical computers. Elliptic Curve Cryptography took approximately 20 years of strong resistance against attacks before it could be trusted: even when it offered a 64:1 performance improvement over RSA to achieve a 256-bit classically secure rating. The reason for this is that asymmetric techniques are notoriously difficult to prove secure. New proposals have NOT withstood the necessary level of intense active global cryptographic study required to validate that line of approach. The comprehensive US ARDA report on the development roadmap for quantum computing claims that new quantum algorithms may emerge that would attack the 'hardness' property championed by many of these new schemes, including against McEliece schemes. Existing and candidate asymmetric cryptographic primitives cannot achieve the necessary level of assurance to provide 100 year security ratings with any confidence.

So why do we hear so much more about QKD than classical cryptographic approaches? The answer may lie in the vastly different financial backing received by the two different approaches. Quantum cryptography receives most of its funding as part of the over-all research into building code-breaking quantum computers. Ironically the lack of a hard date for the arrival of large code-breaking quantum computers has made it difficult in practice for the cryptographic community to coherently organise itself to begin addressing the long and hard open problems for building asymmetric cryptographic solutions.

What is clear is that the community needs to build commercially relevant high assurance systems that address the hard known security risks that are of great importance to our interconnected information society.

Synaptic Laboratories, as a privately funded organisation, has taken a lateral approach to solving the problem of building post quantum secure cryptographic systems. Instead of searching for a new 'hard' mathematical problem which may or may not be secure against classical and quantum computers, Synaptic successfully for a solution based on known strong symmetric cryptographic components. These strong symmetric components are based on established cryptographic techniques and hardware security modules to build the required functionality.

With conservatively large parameters supporting 256-bit security ratings against code-breaking quantum computers Synaptic can justifiably argue 100 year security ratings with high assurance. Who wants to go to the expense of deploying a new untrusted asymmetric algorithm that has not withstood the necessary global cryptographic study required when you could use the Synaptic techniques that are based on already trusted symmetric standards based cryptography?

Can you afford to run the risk with intrinsically complex solutions that have not withstood the necessary test of time and have NOT won the acceptance of the wider cryptographic community? Likewise, can you afford to wait and see if a better solution comes along?

It can take the commercial sector more than 10 years to migrate to a new cryptographic algorithm AFTER one is finally accepted and trusted as a new standard. In the meantime most secure data is being recorded, or is at risk of hacking, and it cannot then be retroactively made secure against advances in classical attacks or quantum computers when they arrive. Our modern information society is completely interdependent. Why ignore the risks when Synaptic offers a simple and effective risk management solution that guarantees business continuity and also makes OTHER system enhancers and product differentiators possible?

Apart from the increased assurance and other wins Synaptic technologies make possible they also offer an opportunity for UNIVERSAL global standardisation for 100 year post quantum security at low risk and low cost.

Let us explain why we see this vision. Firstly, the Synaptic solutions are designed for the full range of devices, ranging from Ambient Intelligence through to multi-gigabit communications. Secondly, the barriers to acceptance have been carefully addressed in a coherent manner from the beginning of the ecosystem design. Thirdly, we are exploring high assurance design processes that would enable the implementation of the technologies to be used in a global critical infrastructure project that may connect every building in the world.

Fourth, Synaptic have filed patents that cover the fundamental building blocks for: (a) creating a scalable many-to-many long term secure key exchange systems based on symmetric techniques and (b) efficiently accelerating the full suite of long term secure cryptographic operations on smart cards while remaining efficient on desktops. This patent foundation can become the basis of a uniform UNIVERSAL global deployment that is commercially viable and that avoids the risk of later needing to bridge disparate systems. We anticipate that industry and the open community will collaborate together to determine the most refined implementations.

We anticipate that Synaptic’s extensive use of existing and trusted cryptographic and networking techniques will enable the global community to rapidly converge the most optimal implementations of Synaptic Labs' technologies. The absence of a competitor with similar credentials makes the Synaptic solutions exciting.