Dark Signal Research systems are designed to operate with the current generation of processor and memory technologies, but if there is anything the past has taught us it is that technology constantly evolves. One of our design goals is to look towards the future when massive amounts of memory may be available in small low power packages.
Dark Signal Cryptographic Storage (DSCS)
DSCS is a system for storing sensitive data in a manner that is symmetric algorithm and storage technology independent. The essence of DSCS is captured in United States patent US 9,641,321. DSCS provides a system to store sensitive data with no run time cryptographic computation. For example, it can utilize the Advanced Encryption Standard (AES) or any other symmetric algorithm that becomes a government standard.
Our technology operates when nonvolatile storage is initialized or formatted for use in an embedded system. When a battery powered device is charging or recharging, prior to operation, cryptographically structured blocks are written to storage rather than the traditional method of using redundant blocks containing zeros or a fixed pattern. In this manner during operation, no AES related computation needs to be performed, removing the encryption bottleneck and enabling full write speed to a storage device. Essentially our technology solves two problems simultaneously. It removes the requirement for the operation of cryptographic algorithms in hardware or software and it replaces heavy chemical cells with light weight storage devices.
As detailed in our Labs section, this is most useful in microscale intelligence gathering drones, where embedded systems must use minimal battery power, meet hard real time deadlines, and secure sensitive data. These types of devices use all of their computational and power resources to navigate and capture data. There is nothing left for data encryption.
The only computationally relevant operation in DSCS is addition modulo 2 (XOR instruction) which can be built directly into the memory controller. An added benefit is inherent side channel attack resistance, which is achieved by not operating symmetric encryption algorithms at encoding or decoding time.
As mentioned earlier DSCS is storage technology independent. This means that nonvolitile memory bits can be represented in any form. At Dark Signal we try look beyond electric charges and magnetic states. The future will bring small scale bit storage technologies, such as those realized through nanoscale physics and biological constructions. DSCS is also quantum resistant when using 192-bit or 256-bit AES keys.
Dark Signal Cryptographic CODEC (DSCC)
DSCC is a system for securing real time digital video links. It works in a similar manner to DSCS, but rather than writing and storing sensitive data in the preformatted memory region, the memory is utilized on the sending side as an encoding buffer and on the receiving side a decoding buffer. In this way DSCC is able to utilize its memory tradeoff properties to operate a data link with no cryptographic computation.
Since Dark Signal was founded by reverse engineers we spend as much time trying to break our own systems as in designing them. In our attack space we will consider systems using the Advanced Encryption Standard (AES) and those that are considered to be in tactical mode upon operation.
Since each memory unit is preformatted with a unique AES 256-bit key expansion, DSCS is only applicable in environments where the attacker does not have access to the device before tactical operation. For example, a mobile intelligence gathering device is able to secure information as it is obtained and the keystream corresponding to each block of nonvolatile storage is immediately written over with a ciphertext block as data becomes available. Therefore, in the application space we are targeting this type of key expansion is not considered to be a weakness and once sensitive data is written to memory it carries the same security guarantees as if AES was operated in real time.
Another advantage is that the attacker cannot tell if data is actually present on the storage device or how much data is present. This means a lot time might be wasted in a fruitless reverse engineering attack that tries to extract data and decrypt it. As far as a legitimate extraction of data, any device capable of performing AES can decrypt storage as long as the key is provided.
New Dark Signal Technologies
There are currently two new technologies in our intellectual property pipeline, captured in United States patents US 9,959,414 and US 10,320,558, that represent novel approaches to solving other problems in the microscale embedded space.