Web Analytics
  • Secure Channels

SKI Peer Review by Dr. Stanislaw Jarecki

Professor, School of Information and Computer Sciences, University of California at Irvine

1. SKI offers strong security property vs. standard PKI-based and Kerberos-based secure key communication solutions:

Unlike PKI-based solutions, the clients don’t store long-term keys except for standard authentication tokens (password, biometrics). This dramatically limits security exposure in case of client compromises. Unlike Kerberos-based solutions, the central server (`Token Authority’) has no knowledge of decryption keys, just short-term authentication tokens. This limits the security exposure in case of central server compromise. SKI achieves these security advantages using a distributed fault-tolerant protocol involving a network of geographically spread Relay servers, and it achieves the above security properties at the price of exposing a transmission key if a significant threshold of Relay servers is compromised. However, using secret-sharing the probability of such compromise is negligibly low unless the adversary compromises a majority of the Relay servers.

2. SKI offers strong reliability in key delivery, thanks to the fault-tolerance in the key transmission protocol, based on well-known secret-sharing techniques.

3. SKI offers strong privacy properties with respect to the Relay servers, thanks to the double-blinding technique in the key transmission protocol.

Only the central Token Authority knows the matching between the sender and the receiver, which is the same as in a Kerberos-style solution, and this information is stored only briefly, so a compromise of the Token Authority does not reveal past communication patterns.

Secure Channels BRINGS to market data encryption, cryptographic protocols, and access control/ privileged access/ user authentication technologies in the form of licensable tools, end user platforms and purpose-built solutions, SERVING software & application developers, hardware OEM and device manufacturers, and enterprise organizations, WHO place a premium on cybersecurity, risk reduction, and operational performance benefits or competitive differentiation provided, ALLOWING them to replace, augment, or introduce to new cryptography into their products or environments, PROVIDING material and measurable cybersecurity protections, risk reduction and data breach mitigation.

Secure Channels Inc. 

16400 Bake Parkway, Suite 100  |  Irvine, CA 92618  |  T: (855) 825-6766  |  E: contact@securechannels.com

Follow us!

  • Facebook
  • LinkedIn
  • Twitter

Copyright © 2020 Secure Channels Inc. All rights reserved