qProtect provides unbeatable security for data used in uncontrolled environments, even in the event of theft or loss.
qProtect Delivers the Highest Levels of
Protection Using Two Core Principles
One-time Pad Encryption:
- This is the only form of encryption mathematically proven to be unbreakable.
- The encrypted data, or cipher-text, cannot be decrypted without the key, irrespective of the computing power available to the adversary.
- Data is protected now and in the future, even from quantum computers.
Automatic Key Destruction (also known as Zeroization):
- The one-time pad key is automatically destroyed from the storage device during encryption.
- This enables the full power of one-time pad encryption to be delivered.
- An adversary who gains access to the data or device never has enough information to decrypt it.
Of all the methods of encryption ever devised, only one has been mathematically proved to be completely secure. It is called the Vernam cipher or one-time pad. In this technique, a plaintext is paired with random, secret key (or pad). Then, each bit or character of the plaintext is encrypted by combining it with the corresponding bit or character from the pad. If the key is true random, at least as long as the plaintext, and never reused, then the resulting cipher-text will be impossible to decrypt or break.
The security of all other ciphers is based on limits to computational power. If a cipher is computationally secure this means the probability of cracking the encryption key using current computational technology and algorithms within a reasonable time is supposedly extremely small, yet not impossible. In theory, every cryptographic algorithm except for the One-Time Pad can be broken given enough cipher-text and time.
qProtect leverages our patented qStream technology to deliver unique true random keys enabling perfectly secure encryption of sensitive data.
Ultimate Data Security
Implements the only mathematically proven encryption method, the One-Time Pad cipher using a true random key, and ensures that the key is never available on the device at the same time as the data or encrypted data.
Simplicity: encryption and key destruction are implemented automatically as data is recorded. Easy and fast access to keys for decryption of data in a secure location.
Ultimate Protection: data remains perfectly secure even if device falls into the wrong hands or the encrypted data transmission is intercepted.
Tamper-evidence: One-Time Pad encryption effectively prevents any sensible tampering. Any modification to the encrypted data will be evident on decryption.
Avoids the need for manual or automatic data destruction if the device is at risk. The data can be retrieved once back in a safe location.
Delivered with qClient™ Software Development Kit, including OASIS KMIP (Key Management Interoperability Protocol) and PKCS#11 API.
In cryptography, zeroization is the practice of erasing sensitive parameters (for example electronically stored data and cryptographic keys) to prevent their disclosure if the equipment is captured. This is generally accomplished by altering or deleting the contents to prevent recovery of the data. When encryption was performed by mechanical devices, this would often mean changing all the machine’s settings to some fixed, meaningless value, such as zero, hence the name zeroization.
In modern software based cryptographic modules, zeroization is made considerably more complex by issues such as virtual memory, compiler optimizations and use of flash memory. Also, zeroization may need to be applied not only to the key and cipher-text, but also to a plaintext and some intermediate values. A cryptographic software developer must have an intimate understanding of memory management in a machine, and be prepared to zeroize data whenever a sensitive location might move outside the security boundary. Typically this will involve overwriting the data with zeroes, but in the case of some types of non-volatile storage the process is much more complex.
qProtect, by delivering true one time pad encryption with automatic key destruction removes the need for manual zeroization. We say that it enables “Virtual Zeroization”. This allows sensitive data to remain perfectly secure even in the event of capture, while avoiding the need to preventively destroy the data.
Applications for qProtect
Highest Security Needs in Uncontrolled Environments
Uncompromising protection for the military, media, government agencies.
Protecting Sensitive Photos, Videos and Audio Recordings
Confidential and tamper-proof video and audio recordings with preloaded SD Cards.
Secure and Tamper-proof Data Logging
Example applications: banks, enterprises, government.
Disruptive Way to Secure Data on Mobile Assets
- Method to encrypt information as it is written to storage device using mathematically proven secure one-time pad
- Key material is over-written as data is encrypted: Perfect security, present and future, even if device is compromised or intercepted
- Removes need for manual zeroization and anti-tampering technology, while delivering higher security
- Data securely protected, not destroyed – remains available for retrieval in secure location
- Applications: mobile assets containing high value information, including for military, government, police, media/journalism.
Integrated Product Suite
- Combines qStream true random number generation with qCrypt key management and Virtual Zeroization Key Loader
- Customized approach for different storage devices
- OASIS KMIP compliant, fully interoperable
- NIST SP 800-57 key management framework
- Delivered with qClient Software Development Kit, including OASIS KMIP (Key Management Interoperability Protocol) and PKCS#11 API.
qProtect – Protects sensitive information with one-time pad encryption and destroys key on device during process.
Delivers the highest quality random for all cryptographic and modelling applications.
Seamlessly delivers best practice key management and security policies across your infrastructure.
Full encryption solution integrating high speed true random and interoperable key and policy manager.