Cryptometry is an advanced patented methodology to manage encryption keys that circumvent inherent vulnerabilities in industry-standard asymmetric cryptography that are otherwise unresolvable.
Why a New Methodology
The Capzul Methodology incorporates a new, patented key management methodology that exponentially elevates the security levels of applications, services and solutions with which it is used. It provides a level of security for asymmetric cryptography previously only available in symmetric cryptography – critical if mobile data is to be truly secure
The advantage of the CAPZUL methodology is that it resolves and eliminates problems in existing cryptography standards and any that will arise in new algorithms that will potentially be adopted as new standards in the future.
CAPZUL is far superior solution than that currently in use in the market; it is relatively easy to compare our solution with existing ones. With our new methodology we are greatly reducing the risks associated with compromises of the applied algorithms.
When analyzing the likelihood and extent of the potential damage of a breach, the decision to deploy CAPZUL is an easy one. While incorporating asymmetric cryptography, CAPZUL provides the far higher level of security afforded by symmetric cryptography.
Key Elements
Symmetric and asymmetric keys are used mostly independent of each other.
High frequency of generation of asymmetric and symmetric keys.
Automatic certification of new user keys.
Airtight synchronization between system Users.
Simultaneous existence of multiple public keys for each User.
Ability to use a public key unique for each message and User.
The public keys are generated locally and then sent to public key server.
Public key servers can be easily replicated.
The public keys are generated locally and then sent to public key server.
Automatic synchronization of all User’s device.
The methodology is independent of the cryptographic algorithms used.
The public key has both fixed and variable components.
Exponentially increase the security level of any asymmetric encryption algorithm
Provides the functionality of asymmetric encryption with the security level of symmetric encryption.
Certification
CAPZUL has several advantages over current certification practices. As our methodology incorporates a constant exchange in public and private keys, we guarantee that the new keys could only be generated by an authorized device.
CAPZUL ensures that a device accepts keys generated by other devices of the same user. In order to provide this certainty, each user creates a symmetric key, authorizing (or denying) a new device to generate keys for this user.
Each new public key generated by the User Device is conferred by the previous public key, i.e. the certification data that is a part of previous key. Complimentary certification data of the new key is sent by the authorized User Device generator, allowing the Public Key Server to verify the certification data of the previous and current keys.
The check is done using symmetric encryption. If after decrypting the certification data the Public Key Server finds the expected result, it is confirmed that the User Device that generated the key is authorized to do so, essentially authenticating and certifying the source.
When communication is established, users exchange synchronized data that allows them to calculate the shared symmetric key between them. As it is only possible that these two users, and no one else, have this shared key, they are in fact authenticating the certification process.
CAPZUL includes symmetric encryption in the certification process, which is far more difficult to break than asymmetric encryption. One would need to break the certification between the User Device and the Public Key Server, as well as the synchronized and the shared keys. At a minimum, one needs to break all historical communication just to make the correct calculation of the next synchronized key between two users.