This startup is going back to basics to strengthen encryption3 min read . Updated: 05 Apr 2020, 11:35 PM IST
- Time was when randomly generated binary number sequences were good enough for symmetric encryption of streaming data
- Encryption tries to stay one up on hackers by adding algorithmic layers of security on top of the binary sequences
Ahack is no longer just about exposing a bank account or somebody’s photos. There can be far scarier fallouts. Satellite systems can be hacked to spoof GPS signals, for example, and send drones to the wrong destination or hijack oil tankers.
Time was when randomly generated binary number sequences were good enough for symmetric encryption of streaming data. But in today’s world of grid and cloud computing, those are can be cracked easily, says Jay Hotti, co-founder and CEO of cybersecurity startup Byneri, based in Bengaluru and Singapore.
Encryption tries to stay one up on hackers by adding algorithmic layers of security on top of the binary sequences. The data encryption standard was adopted in 1977 and superseded by the advanced encryption standard in 2001. RC4 was a secret cipher until it got leaked.
Another algorithm is Blowfish which has been superseded by Twofish. They use different mechanisms to add security, but each introduces new challenges and vulnerabilities, explains Hotti. “The more steps you introduce in any encryption, the more potential weaknesses you expose. And you never know what you don’t know until somebody hits that, which happens now and then."
Layers of complexity
Byneri goes to a more fundamental level of strengthening the underlying binary sequences. The mathematics to generate such sequences was developed in the late 1960s and early seventies by US’ DARPA (Defence Advanced Research Projects Agency). Later, when the internet exploded at the turn of the millennium, asymmetric encryption arrived, using prime numbers where a public key is used to encrypt a message and a private key to decrypt it.
Asymmetric encryption is mainly used for identification and authentication. But most online systems, such as payments, still depend on symmetric encryption where one key is used for both encryption and decryption. That’s because asymmetric encryption would become unwieldy with large amounts of data.
This brings us to Byneri’s innovation, which goes to the roots of symmetric encryption. “We can generate binary sequences whose linear complexity is many orders of magnitude more than the existing ones. And we’re able to do this very fast," says Hotti.
“The linear complexity determines the strength of an encryption key," adds angel investor P.G. Ponnapa, who is working with Byneri. “A 1024-bit key can be cracked with 10 to the power of six permutations. The Byneri way raises that to 10 to the power of 154 permutations."
One of its early testers is a company making receivers for low earth orbit (LEO) satellites, typically used for applications involving GPS. The overcrowding in space means these receivers have to distinguish between the many satellites in their view. “To do this, they needed a large number of binary sequences which couldn’t have been done with their existing system," says Hotti.
Going to market with such a highly technical ‘black box’ product is a challenge. Ponnapa experienced this himself when he first heard the idea of Byneri. “I have known Jay 35 years. We were in college together (NIT Surathkal). When he told me he had cracked this, I met him for dinner. Two hours later, I had understood nothing," says Ponnapa with a smile. He met Hotti again the next day with more specific questions, and the penny dropped.
Hotti’s involvement with cryptography goes back to his work with payment systems. He worked on Thailand’s national payment system and implemented India’s first payment network, Swadhan for the Indian Banks’ Association in the nineties. “That was the basis of how shared ATM networks started in India," says Hotti, who was also CTO of Singapore’s payment gateway and merchant payment network NETS.
Hotti’s co-founder is Professor Mahalinga V Mandi of the Ambedkar Institute of Technology in Bengaluru, who was researching the application of binary sequences in satellite communication and navigation. He was initially sceptical when Hotti suggested it could also be applied in banking and other industries. “I kept pestering him and we ended up making a matrix of implementations in 14 industry types."
It took them two-and-a-half years to develop the product and test it. “Then we went to a space company last year. They tried it on heterogeneous systems and it worked. That’s when we decided to raise some money. Until then it was funded by our own money."
Byneri has also been talking to a tech company that provides solutions to space companies. The order confirmation came last month, just before the country went into a lockdown.
Sumit Chakraberty is a Consulting Editor with Mint. Write to him at email@example.com