Protect Web browser and SSL/TLS based applications with Assure SSL/TLS Exoskeleton!

Problem

Web browser security, E-commerce, e-banking and many proprietary business applications rely on the security of the popular Secure Socket Layer (SSL) standard and its successor the Transport Layer Security (TLS) standard.  Both these protocols rely on at-risk standards based cryptography to perform key-exchange and authentication operations.  When these at-risk components fail, SSL/TLS traffic previously recorded in "wait-and-see" attacks will be discoverable at that time by an attacker.

If your organisation runs SSL/TLS to protect its e-Commerce transactions, web-servers or proprietary business applications, then this sensitive information may be exposed in the relatively near future!

Solution

Synaptic Labs' Assure SSL/TLS Exoskeleton will address these known risks by wrapping around and protecting SSL/TLS traffic.

Specifically, one Assure SSL/TLS Exoskeleton is placed in front of the SSL/TLS Server and another in front of the SSL/TLS Client.  The two Exoskeletons monitor the Internet facing traffic of the SSL/TLS software and protect the at risk portions of the SSL/TLS traffic using robust post quantum secure techniques.   The standards based SSL/TLS protocols are not modified, and interoperability is maintained.

For performance sensitive applications, only the cipher parts that are known today to be at risk of catastrophic failure are protected.  For applications that require long term security assurances the full range of defensive counter-measures are applied.  These defensive counter measures are designed to protect your data in the advent that the practical security of AES-256 is compromised by new attacks that have not been invented yet.

The first generation of Assure SSL/TLS Exoskeleton is targeted to protect business services provided by an organisation for their internal and inter-organisational requirements.  The second generation of Assure SSL/TLS Exoskeleton will be targeted to wide spread e-Commerce and website server protection with widespread integration directly into mainstream web browsers.

Case Use: Viewing enhanced secure websites through a Web Browser

In the first generation solution web-browsers such as Microsoft Internet Explorer, Netscape Firefox, and Apple Safari can be adapted by the system administrator to use the Assure SSL/TLS Exoskeleton.

Case Use: Unmodified SSL/TLS Business Application

The Assure SSL/TLS Exoskeleton can be installed as a stand-alone service to protect existing SSL/TLS communications without modifying the business application source code or compiled executables.

The assure SSL/TLS Exoskeleton will accept all incoming SSL/TLS and Assure SSL/TLS requests and forward the SSL/TLS traffic through to the original unmodified business application.  In web-server applications, the Assure SSL/TLS Exoskeleton can forward traffic to two different Internet/URL addresses, thereby allowing scripts running on the web-server to detect if the incoming request was protected using Assure or not.  Web-servers can then provide conditional services based on the security level of the incoming request.

Case Use: Modified SSL/TLS Business Application

The Assure SSL/TLS Exoskeleton is being designed so it can be installed in a few lines of code.

Java applications that use the inbuilt Java Secure Socket Extension (JSSE) library will be able to modify a few lines of code to insert the Assure Exoskeleton in between JSSE's SSL/TLS logic and Java's Sockets network interface. Existing SSL Accelerators called through Java will continue to work unmodified.

C applications that link with the OpenSSL library will also be able to modify a few lines of code to insert the Assure Exoskeleton in between the OpenSSL logic and the network interface.

A smart card and hardware security module based solution

The Assure VPN Exoskeleton employs Assure Tokens (in the form of smart cards or hardware security modules) on the client and server side to achieve unprecedented levels of long-term security assurance at low cost, protecting an organisation's information assets and their investments through the application of Synaptic Labs' post quantum security technologies.