What makes it different in terms of function?
How does DARE actually work?
The steps detailed below are a general explanation of how DARE works to protect data. These steps are in a basic non-technical format and each step can be expanded to find more detail about that step. While these steps describe how the technology works, each of our products implements this technology differently and adds functions and features that enhance the basic technology described below.
For DARE, an environment is merely a randomly created pot of letters, numbers, and symbols from which values can then be randomly selected. It is also a configuration that is used for executing the steps needed to protect the data. Environments are unique to a given group of data, and the data can be grouped based on the user's input for how this should be done. For instance, if a user wishes to group all of the rows for the social security number column in an SQL database, then this group would have its own unique environment.
The environments used to create protection are only one piece of the puzzle. They are used together with many other pieces, which are stored in diverse locations and under protection of their own, to ensure no attack could even breach those components and to further enhance security. Additionally, pertinent data is stored in multiple locations to ensure that redundancy exists in case of hardware failure, corruption, or any other catastrophic event. This ensures that DARE provides what is needed during recovery and does not become an obstacle.
Once an environment is accessed, the next step is to randomly select from the available encryption methods. DARE is capable of using multiple encryption methods including, but not limited to, AES, 3DES, Blowfish, Twofish, IDEA, Serpent, and many others. By randomly selecting which of these encryption methods to use, DARE is able to further complicate any potential attack and make each protection a unique event. Because each protection is unique, if an attack is ever successful, that success would be limited to a single piece of data. This prevents a breach and informs DARE of the attempt so that countermeasures can be taken to further enhance existing protection, rendering even this single success by an attacker a failure.
After the encryption method has been randomly selected, the parameters to use with that method likewise need to be randomly selected. This includes randomly selecting the key length from the configured valid values, as well as any other parameters needed for the selected encryption method. Included in the parameters is the value of the key to use, which is constructed from many individual pieces that were randomly selected from the environment. Random selection of these parameters further complicates any attack and enhances the strength of the protection.
Once all of the configuration for the encryption method has been completed, the sensitive data is encrypted and the constructed key is destroyed. The random steps used to extract the values from the environment are encoded using a table of identifiers that were randomly generated when the environment was created and that, like the environment, also change with use. This encoding is used when the data is being unprotected, but requires additional components of the environment and configuration in order to function.
At this point the encrypted data is encapsulated by the encoded steps to create a complete protection package. The encoded steps provide no security information and cannot be used to decrypt the protected data in any way. The encapsulated package is now secure and can be moved freely without concern that the protected data could be breached.
How does the way in which DARE functions add value?
Now that I understand better how DARE works, what are the benefits?
The banners below show just a few of the benefits that DARE brings to any product in which it is implemented. CYPHYX products are designed to take these benefits and add value through smart implementation of the technology, with a focus on making the products as simple to use as possible, with the least interaction needed, while having the highest level of security possible.
For really secure communications, you then need to share a new key each time you want to communicate information that is supposed to be secret. The use of a new key each time is considered to be equivalent to using what cryptographers call a one-time pad. A one-time pad harkens back to the days when an actual encryption key was distributed on paper and a unique sheet of paper was used each time. Because each key is used only once, cracking such encryption is difficult.
Wayne Rash, eWeek article, "Why Quantum-Resistant Encryption Needs Quantum Key Distribution for Real Security"