Mutual Trust from Zero to Hero

NEWS: US Government signs into law Post Quantum Encryption Roadmap Mandate

Quantum Proof Authentication

New key-based security protocols and Quantum Resistant Cryptography are making their way into developer and consumer markets. Will you be an early adopter of best-in-any-class, where robust mathematically-proven principles meet excellent implementation standards for security and performance? Oh, and we also provide realtime WebSocket data synchronization channels.

CHRIS BATT, Product Engineer

KeySigna: a significant step forward for Web/IoT authentication

Wallettt integrates next-level principles and best practices to ensure tomorrow’s infrastructure (both Web, public-facing versus machine interfaces) does not continue to suffer from the clear and present risks of legacy standards in information security. We believe that patches and more complex layers of security analysis, including AI, do not solve the fundamental weaknesses of our outmoded assumptions. We, as hardware and software industries, have built a modern internet with scalability and control as motivators, where individual and system-level security has been an afterthought; a cost-benefit analysis where the downside has been devastating to people, organizations, and even nation states.

We wear white hats. We often think with tinfoil ones, too. That's par for the course in today's security landscape which precedes and pervades everything we do in this connected and network dependent world.

BOOK CONSULTATION

FULL

QRC/AES Strong Encryption and Mutual Trust on all sides
Every interaction between services and clients is secured fully, and cannot be faked or modified in transit.

NO

Credentials cannot be breached on protected web services
If you don't store it, it can't get leaked or stolen.

WHY

a new class of key-based mutual authentication
We don't often enough question who or what is behind a web system, and what it puts on our screens. We trust what we read, and we depend on the integrity and discretion of those on the other end with our data entry, behaviors, who we connect with, what we think, how to influence our lives and our money.

Who is this for?
  • Provides a protocol for authenticating and securing quantum proof communication channels between systems, devices, and users inside and outside trusted zones.
  • Satisfies ideal roadmaps for alignment with US Executive Order on modern cryptographic protections for information systems.
  • Elevates end-to-end protection beyond TLS 1.3 standards and implementations, ideal for industrial and heterogeneous network environments.
  • Encapsulates zero trust principles by enforcing mutual authentication and maintaining decentralized credentials.
Are you looking for testers?

YES. If you are interested in examining and attempting to break our systems and technology, we will open the door for you and discuss real rewards.

  • Theoretical and algorithmic weaknesses.
  • Protocol attack vectors.
  • System API implementation improvements for availability and scaling.
  • Spreading the word and advocating within the software development industry for the responsible expansion of Post Quantum Cryptography.
What will happen when Quantum Computers can decrypt the history of the Internet?

Quantum Computing will render the history of the internet into a glass house, transparent and starkly vulnerable, for all those with the power to expose it and profit from their power. This power will not be democratized, and there will be no going back. We need to secure the world with the best means we now have at our fingertips to invoke the integrity upon which we will rely for our digital and physical security. We need to stop delegating privacy and security to others, and stop considering it an afterthought. We can fix this. We have the technology.

Who can adopt this technology today?

The lack of developer awareness of cybersecurity and cryptographic principles is evidence of a fractured profession. The most dangerous practitioners in the world, responsible for code and data pathways that mean life and death and money, possessing a remarkable and persistent ignorance for safety and integrity. But, rather than lay blame at the feet of those doing their best, we need to empower and educate these software and hardware experts to uphold new standards and assure us that integrity can be achieved and maintained. Our futures and our livelihood depend on delivering reliable and efficient systems and services that can scale without scaling in complexity and danger.

What is involved in transforming the authentication regime in my system or organization?

The new way is performant, simpler than existing algorithms and protocols, and intermediately complex to implement. However, the broadest changes required are in relinquishing old behaviors in IT organizations and developing better communications around strengths and weaknesses of entrenched technologies. Embracing a roadmap to replace insecure legacy authentication and cryptographic institutions is the first step, while strategic execution may prove to be easier than expected with the right partners, consultants, and project scopes.

JANUARY 3, 2023

Whitepaper: The impetus for quantum proof (PQC/QPC) mutual authentication

The issues of internet privacy, digital identity, authentication, and authorization remain unsolved problems,
especially for industrial and distributed IoT environments. Despite the plethora of security products available
from commercial and open-source vendors, attack footprints are not being reduced. The complexity of such
solutions continues to grow, while overall protection and compliance figures, according to industry data sources,
should be alarming to us. 

Read More

Zero Trust is our bottom line.

We bring different values to authentication, where zero-trust is exemplified; all parties to a transaction maintain control of their own credentials. There is no database containing vulnerable credentials (even hashed), none in a centralized cloud, either. There is no footprint of passwords to be breached. Credentials are never sent across the wire to any party. Deterministic key-based security will be the future of the Web, as it is already showing its value in Web3 identity and cryptographic applications.
We ensure privacy even when Secure Socket Layer (SSL) aka Transport Layer Security (TLS) is unavailable (in many IoT or industrial settings) or terminated by proxy servers or content distribution network nodes. TLS is only one line of defense. It also has shortcomings because the green padlock beside the url only assures a domain certificate is recognized by 'an authority', but not the machine or application at the ultimate endpoint. TLS does not assure end-to-end encryption to your user or application. It does not identity devices, especially those of users. Therefore, it is only implicit and somewhat passive in its characteristics and usefulness. It is also weakened by vulnerabilities exposed via misconfiguration and insecure DNS routing.

Because we impose no dependencies on third parties, frameworks, or external code, our platform is fully compatible to be implemented across your ecosystem of nodes, applications and points of presence on any network. Even isolated from the Internet (if applicable), we can attest to mutual trust by using autonomous and secure cryptographic keys.

Our common struggle and journey through the theory and the practice of securing logins and APIs in the modern age has not been an easy one. In our humble view, KeySigna is merely how it should have been, and should always be done. We invite you to share freely in opinions and views on our comprehensive protocol and implementation, and other security issues. Live chat with us today!