27.25 Excessive Encryption: | 1. Just as it is not possible to have too much physical security, it is not possible to have too much encryption. What is certain is that every single encryption method that has ever been designed has eventually been cracked. But when layer upon layer of encryption is used in many different ways, then if one encryption method is cracked, other layers will continue to provide security. | 2. The wrong kind of complexity can help the criminal to crack the encryption system. Security by design using millions of keys may look complex to a criminal, but can be simple to Eliza. | 3. Fully encrypted data stores cannot be the subject of a data breach - personal data cannot be disclosed even if a criminal has a copy of an entire data store. Eliza is the only way that business data can be encrypted and decrypted and Eliza knowledge cannot be stolen or copied. | 4. The DPO advocates Replicated Encrypted Data (RED) as a technical method to mitigate the security journey. |
2. Encryption Table: | 1. Each data store holds an encryption key table with more than 3.5 million encryption methods, techniques, algorithms and keys. A good place to hide an encryption key is in a table with millions of other encryption keys. Algorithms to scramble encrypted data are stored with each encryption method. Many keys, algorithms and other techniques are codified in each encryption record. | 2. Each encryption table is only used by Eliza so its inter-connected complexity can be extreme. As any field value is entered, Eliza will check its validity, encrypt its value and store that value to a swarm of replicated distributed data stores. Each secure data store is encrypted and operated from a physically secure data center that is part of the Internet backbone. |
3. Tokens: | 1. Tokens are used to encrypt data that would otherwise be easy to guess, such as the gender field value. A unique token is created for each and every gender field so a criminal could not guess the original value of the field. In a table of 100,000 people, it would be expected that a 50-50 mix of gender values would exist - normal encryption would be easy to decrypt. When every value is a unique 8-digit number, it is more of a challenge to decrypt the gender field value. | 2. Many different field values are tokenised to prevent simple statistics from guessing the original value. Tokens are generated in a way that can only be decrypted by Eliza, who has access to many factors that went into the creation of the token. The encryption table holds the key as an encoded number that identifies the many algorithms to be used. | 3. The majority of highly sensitive data collected for Government statistical purposes must be tokenised. Ethnicity, Gender, Race, Belief, Place-Born, Sexuality, Disability and such data serve no business purpose, but must be kept to feed Government statistics. Encryption is not good enough for this data; tokens must be used so every stored value is 100% unique. |
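An added example (not code from the original page) of the statistical point made in the Tokens section: when the same field value always produces the same stored value, a simple count reveals the 50-50 split, while one unique 8-digit token per record leaves nothing to count. The `TokenVault` class, its lookup-table design and the keyed-hash stand-in for "normal encryption" are assumptions for illustration; the page does not describe how Eliza creates or resolves tokens.

```python
import hashlib
import hmac
import secrets
from collections import Counter

# Constructed sample data: 1,000 records with a 50-50 split of a two-value field.
RECORDS = [(rid, "F" if rid % 2 else "M") for rid in range(1, 1001)]

def deterministic_encode(value, key):
    """Stand-in for per-value encryption: equal inputs give equal stored values."""
    return hmac.new(key, value.encode(), hashlib.sha256).hexdigest()[:16]

class TokenVault:
    """Hypothetical vault issuing one unique random 8-digit token per field value."""

    def __init__(self):
        self._by_token = {}

    def tokenise(self, record_id, value):
        while True:
            token = f"{secrets.randbelow(10**8):08d}"
            if token not in self._by_token:      # never hand out a token twice
                self._by_token[token] = (record_id, value)
                return token

    def detokenise(self, token):
        """Only the holder of the vault can map a token back to its value."""
        return self._by_token[token][1]

def largest_group(stored):
    """Size of the biggest set of identical stored values (what a counter sees)."""
    return Counter(stored).most_common(1)[0][1]

def build_columns():
    """Store the same field both ways and return both columns plus the vault."""
    key = secrets.token_bytes(32)
    deterministic = [deterministic_encode(v, key) for _, v in RECORDS]
    vault = TokenVault()
    tokens = [vault.tokenise(rid, v) for rid, v in RECORDS]
    return deterministic, tokens, vault

if __name__ == "__main__":
    det, tok, _ = build_columns()
    print("deterministic: distinct =", len(set(det)), "largest group =", largest_group(det))
    print("tokenised:     distinct =", len(set(tok)), "largest group =", largest_group(tok))
```
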
4. Fragments: | 1. Records are fragmented into many records so groups of fields can have unique data access rights. Fields are grouped into records so only a person with the rights to view those fields will know that the record exists. Records containing sensitive data are hidden from people who do not have access rights to such data. | 2. Field values are fragmented into parts so each part can be encrypted in a different way. Security is increased when a field value is not stored as a single field but as more than one field. Name and address data is more secure when each part is uniquely encrypted and stored as a very long number. | 3. Date and time can be treated as fragmented field values where each part is separately encrypted and scrambled with all other parts. The date when a person joined the company is the kind of date that has a limited range and is easier to decrypt, so additional methods must be used. It may be wise to hold the date that employment started as 2 or more field values in different records or different places. |
5. Steganography: | 1. Steganographic methods are used to hide encrypted data in plain sight. A good place to hide encrypted data is in innocent photographs and business data that looks like a lot of numbers. Good encryption means making some data look like some other data, for example a mileage can be made to look like a date. | 2. Hiding field values inside of other field values is an encryption art form. Many field values can be merged and scrambled in a way that nobody could guess, and no computer could determine that those original field values existed, because millions of plausible results could exist. | 3. Hiding a date field value may begin by calculating the number of 1623-second units since some historical event and storing the result as a Kanji pictogram. Kanji does not have an alphabetic order, so no computer or person could deduce how kanji glyphs relate to a field value. |
6. Inverted Database: | 1. Criminals understand databases with tables and records, and so tables with records must never be used. Rather than storing data in records that represent a row in a table, data must be inverted and stored as vertical columns. Tokens replace each unique field value so what remains is meaningless and not understood by criminals. | 2. Inverted tables are just one aspect of encryption that makes the assumption that agencies will gain access to the physical database and so the physically stored data must be meaningless. Every field value must be tokenised and encrypted using several layers in a way where the number of layers will always be unknown. | 3. Tokens are steganographically hidden in photographs as trivial dots in a grass field and white marks in a seascape. 3D and 4K photographic images provide a wealth of detail to hide a vertical set of unique field values such as telephone numbers. |
Encryption Methods: | 01. Many different encryption methods are used - more than three million and increasing. | 02. One encryption method may involve many other encryption methods, keys and algorithms. | 03. Scramble algorithms on encrypted data add an extra level of obfuscation. | 04. Common encryption methods like AES, SHA and MD5 are deployed in layers. | 05. Encrypted results are made to a fixed length to hide the original value. | 06. Many different encryption methods result in a 73 digit decimal number - the result size does not imply the method. | 07. Most encryption methods create a binary value that is stored as a decimal number. | 08. Tokens are used to encrypt sensitive data like gender - every person with male gender has a unique token. | 09. Every personal record has its own set of encryption keys. | 10. One encryption key may only decrypt part of a private field value. | 11. Historical data is encrypted using similar full encryption methods. | 12. Field values are fragmented with different encryption methods for different parts of a field. | 13. Evidence trails are encrypted to prevent data leaks on who did what and when. | 14. Data is structured by sensitivity, risk and access control requirements - high levels of fragmentation. | 15. Data is replicated and replicated again using different methods in different locations - nothing can be lost. | 16. Fraud is prevented with a very large number of copies of data in many secure locations. | 17. Every record holds its own unique encryption token, so if one field is decrypted, the same field in other records cannot be decrypted. | 18. Simple encryption methods may be applied many hundreds of times with a scramble algorithm used by each step. | 19. As new data is added, new encryption methods are created with more complex keys and algorithms. | 20. Each whole data storage device is encrypted with a unique AES key that is replicated in other data storage encryption tables. | 21. Only Eliza needs access to the encryption table and its millions of keys - people never need to understand how encryption works. | 22. Encryption keys can be unreasonably long and complex because they are never used by people. | 23. Encryption keys are UTF-8 strings that support hundreds of modern languages including Chinese and Greek in left-to-right strings. | 24. Eliza used block chain technology to create self-healing distributed data to replace password signed documents. | 25. Words that end with double letters are rare and can be guessed at - encryption uses a different algorithm for each letter so doubles cannot be identified. |
Competitors: | 1. Competitors do not and may never be able to encrypt each and every field because they have thousands of programs that may access the same customer record. Software systems are so obsolete that field encryption would become too expensive. | 2. Cross Site Scripting (XSS) is one of the most common vulnerabilities found in major corporation application systems. The cause is inadequate data entry validation - data that is shown as it was entered can let criminals gain access to all kinds of data. XSS is a software problem caused by too many programs written by too many different people and not tested properly. XSS was eliminated decades ago by Eliza, who validates each and every data entry field - nobody else is involved, nobody else to blame. | 3. Cross Site Request Forgery (CSRF) is a common vulnerability in major corporation application systems because the URL is not properly designed and managed. CSRF is caused by too many programmers writing too many programs that are not fully tested - URL testing is easy but time consuming. Eliza eliminated all URL issues many decades ago by designing and managing a comprehensive URL design that must be used without exception. Because Eliza has eliminated the need for software, CSRF has been eliminated, URL testing has been eliminated and programming costs have been eliminated. |
Behaviour: | It is not the technology that is excellent; it's the behaviour behind the technology that makes the difference. |
Pass Phrase: | The pass phrase is 100 times better than all alternatives. After your pass phrase is stolen, it can be changed - after your fingerprints (and eyeball scans) are stolen, how will you change them? |
Encryption Method: | Every encryption method designed has eventually been cracked, so any one method is not 100% secure. However, when many different encryption methods are layered over one another, the result of cracking one layer is still an encrypted result. Where a criminal does not know how many layers have been used and what different methods have been used, then automated cracking may not be practical. |
Problem: | The basic problem with every public encryption method is that it is public and considerable state sponsored resources can be directed to crack any public encryption method. It may have taken 5 years to crack RCA encryption, but everybody who solely relied on that one method was instantly hacked. History has shown that no single public encryption method will always be safe and secure. |
Solution: | A simple solution is to layer more than one encryption method, to keep private what those encryption methods are and to enhance public encryption methods with additional obfuscation methods. Common reusable functions can provide substitution, character reversal, scrambling, case reversal and dividend facilities. A one-way (modulation) method that divides and stores the remainder as the result is used for pass phrases. Each remainder has many possible dividends and divisors; after hundreds of remainder values have been calculated, the number of possible original numbers that created that result is close to infinite - factorial. Dividend MOD Divisor = Remainder : 3456 MOD 51 = 39 : from the result 39, it is not practical to derive the original dividend as 3456. In this example, the remainder will never exceed the divisor so the result may be substituted by an ASCII character. | Implementation is very much better than the simple theory - the long string of digits is divided into groups of 4 and 6 digits and each group is modulated to give a compound result. Implementation functions can vary the divisor, the width of the groups and the iteration of the process to foil every criminal or agent. While examples may use decimal arithmetic, implementation will use many other bases such as 51. |
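The modulation step described above, as an added example that is not code from the original page: it cuts a digit string into groups, keeps each group's remainder, substitutes an ASCII character, and counts how many dividends share one remainder. The alternating 4/6 group widths, the character offset and all function names are assumptions made for illustration.

```python
from itertools import cycle

def split_groups(digits, widths=(4, 6)):
    """Cut a digit string into groups, cycling through the given widths."""
    groups, pos = [], 0
    for width in cycle(widths):
        if pos >= len(digits):
            break
        groups.append(digits[pos:pos + width])
        pos += width
    return groups

def modulate(digits, divisor=51, widths=(4, 6)):
    """Keep only the remainder of each group: Dividend MOD Divisor."""
    if not digits.isdigit():
        raise ValueError("expected a string of decimal digits")
    return [int(group) % divisor for group in split_groups(digits, widths)]

def to_chars(remainders, base=ord("0")):
    """Substitute each remainder (always below the divisor) by one ASCII character."""
    return "".join(chr(base + r) for r in remainders)

def preimage_count(remainder, width, divisor=51):
    """Number of dividends of `width` digits (leading zeros allowed) with this remainder."""
    if not 0 <= remainder < divisor:
        return 0
    return (10 ** width - 1 - remainder) // divisor + 1

if __name__ == "__main__":
    sample = "3456123456"              # constructed input: the page's 3456 plus six digits
    result = modulate(sample)
    print(result, to_chars(result))
    print("4-digit dividends giving 39:", preimage_count(39, 4))
    print("3405 gives the same remainder:", modulate("3405"))
```

Because many dividends map to one remainder, two different inputs can produce the same stored result, and a comparison of stored results treats them as equal.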
Trade Secret: | It is a fact that the author of PGP was gaoled as a criminal because encryption can be classified as trading in arms - an encryption method can be treated in the same way as a gun. Every encryption method must be held as a trade secret and not offered for sale to people who have something to hide. It is possible that Government agencies have conspired to make public encryption methods breakable using specialist hardware. See "Chinese Remainder Theorem" and "Secret Sharing". |
Name: | Storage of encrypted names needs to be sortable and filterable (searchable). This means the stored value must retain alpha-numeric order of the leading 4 to 6 characters. When a filter such as "CHA" is entered, then the search must be able to select on this encrypted partial field value. | Names come in 2 parts: a prefix that must be sortable and filterable and a suffix that is selected from a list. Practical sort and filter methods can be achieved on the first 4 characters of a name - a few businesses may need a longer prefix. The prefix is encrypted using a substitution method based on the fact that such data can be stored as if it was lower case, even if it is displayed as capitalized. The suffix is encrypted using a different method that also hides the length of the name - every name is stored as 77 digits. |
Email: | Storage of encrypted email addresses is done using a prefix and a suffix value where the suffix must be a reference data domain. The prefix must be lower case with numbers and a few symbols - 42 codes to be encrypted. Because letters like "E" and "T" will be common, a second level of encryption changes the numbers based on what is before and after each letter. This means that "TE" and "BE" have the "E" encrypted differently because it follows a different letter. | A spreadsheet of all email domains is managed and an extra domain may be added as and when needed. Every domain has an 8-digit key automatically assigned, and that is what is stored as the email suffix. |
List: | The majority of reference data list codes could be stored in one byte with fewer than 256 options. Every list code is stored using 4 bytes with 8 digits that look like a key. The security benefit of hiding list values as keys is significant. The 5 prefix digits are randomized - only the trailing 3 digits are significant. |
Document Control: | 1. Document Title: Excessive Encryption. | 2. Reference: 162725. | 3. Keywords: ITIL, Excessive Encryption. | 4. Description: Information security can be achieved with the excessive encryption of every field value. | 5. Privacy: Public education service as a benefit to humanity. | 6. Issued: 11 Dec 2016. | 7. Edition: 1.2. |