What is AKT - Anonymous Key Technology®?
Anonymous Key Technology (AKT) can be described as the evolutionary combination of traditional security technologies. Security experts like to see traditional technologies that are well understood and accepted. AKT uses traditional cryptographic algorithms like Advanced Encryption Standard (AES), the secure hash standard and traditional key management like Key Encrypting Keys and Data Encrypting Keys. AKT’s unique methodology provides a simple authentication system that delivers secure data transmissions based on the results of the authentication.
The strength of AKT depends on the size of the key and the amount of randomness in the key. For example, an 8-character password formed only from upper letter characters has a strength equivalency of just over 30 bits. If you allow upper and lowercase characters, then the strength increases to about 45 bits. To get 80 bits of strength with a password using upper and lowercase characters only, you need a password with about 14 characters. Thus, a password of 14 characters is equivalent in strength to PKI using 1024 bit keys (current Secure Socket Layer (SSL). Therefore, it is not appropriate to ask what the strength of AKT is without specifying the size and randomness of the key. This is where the confusion arises with people who are steeped in PKI. If you integrate outside randomness into the AKT key, then you can achieve strength much greater than PKI. For example, using biometrics, you can get very high strength. Currently, a Federal Information Processing Standards (FIPS) certification mandates a maximum strength using AES of 256 bits, which is the maximum strength that can be obtained and still receive certification.
80 bits of strength means that the difficulty in guessing the encryption key is equivalent to guessing 80 bits of random data. Guessing the key would be equivalent to guessing a number with 24 digits! Keep in mind that as computers get faster, guessing a large number gets less difficult. For example, Table 1.0 shows the results of a computer that can do one billion decryptions and comparisons (a transaction) per second:
Table 1.0 Computer/ One Billion Transactions
It is clear from Table 1 that a key with 80 bits of strength will survive less than 1 hour. Keep in mind that 1 billion transactions per second is difficult with any computer. However, notice that if you can get a strength of 112 bits, it would take the same computer just over 3 years (on average) to break the same encryption! At 160 bits, you do not need to worry. While a strength of 80 bits is susceptible to heavy attack, when you get to 160 bits and above, it takes a lot of computer power to break the AKT suite.
© 2016 Aegis Systems Canada, Inc. All Rights Reserved