Information Encryption for Email, Files, Documents and Databases
Voltage leverages cryptographic innovations, including techniques like Identity-Based Encryption (IBE) and Format-Preserving Encryption (FPE). These innovations simplify protecting data in real-world applications and make encryption easy for people using sensitive information.
The world is full of sensitive data that should be encrypted, but for years, it has been too difficult to encrypt the electronic files and communications we use every day. These concerns are not new: in 1984, Adi Shamir proposed a new, identity-based way of encrypting data:
“An identity-based scheme resembles an ideal mail system: If you know somebody’s name and address you can send him messages that only he can read…It makes the cryptographic aspects of the communication almost transparent to the user, and it can be used effectively even by laymen who know nothing about keys and protocols.”
(Shamir, Adi. “Identity-based cryptosystems and signature schemes.”Advances in cryptology. Springer Berlin/Heidelberg, 1985.)
Shamir’s idea, to secure data by deriving a key from the intended recipient’s identity, was a revolutionary break with the classic PKI methods of binding keys to identities using certificates. The management of these certificates and the process by which they are managed, and the need to fetch a certificate before encrypting to a person or machine, has made encryption using traditional approaches very difficult for end users, costly to operate and complex for IT operations. Unfortunately, in 1984, the cryptographic community didn’t have the mathematical tools to fulfill Shamir’s vision.
In 2001, Dan Boneh and Matt Franklin proposed an efficient, provably secure way to make Shamir’s vision a reality. Identity Based Encryption (IBE) can use any arbitrary string as a public key, enabling data to be protected without the need for certificates. Protection is provided by a key server that dynamically generates private decryption keys that correspond to these public identities. By separating authentication and authorization from private key generation through the key server, access to keys can be controlled dynamically by server policy, enabling granular control over access to information in real time.
The stateless nature of IBE also dramatically simplifies operation and scaling. Key servers can be distributed with key requests load balanced across them without the need to synchronize data, thus enabling high scale, geographic distribution, and failover without growing complexity.
Voltage Security was formed to commercialize the IBE breakthrough. Voltage now offers solutions based on the first secure, practical IBE system, the Boneh-Franklin IBE Algorithm, standardized under IEEE 1363.3 – the standards body for proven, public key cryptography methods.Today, IBE technology protects the data for over 100 million users world-wide, secure billions of transactions and enables more than 1,000 enteprises to embrace data-centric security easily and efficiently to enable the secure movement, use, and sharing of sensitive data at unprecedented scale.
Learn more about Identity-Based Encryption
The advent of data breach disclosure laws and a variety of compliance regulations has driven many organizations to look at methods for encrypting sensitive data types such as account numbers and national identification numbers in internal databases. While this may seem like a straightforward application of encryption, encrypted data typically has a different format from the plaintext, which necessitates changes to database schemas and re-working business applications so that they are aware of the new encrypted data format. Format-Preserving Encryption (FPE) is an innovative approach to to encrypting structured data like credit card numbers without changing the format and whilst retaining the high level of security associated with standard block ciphers like AES.
Learn more about Format-Preserving Encryption
Voltage Security Patents
Voltage Security continues to innovate and patents relating to IBE and FPE and other Voltage innovations have now been issued. We are working closely with standards bodies such as the IETF and IEEE to explore making these technologies available to a broad range of ISV’s through reasonable and non-discriminatory licensing.