Zero Knowledge Proof Solution
myKryptofon is a Zero Knowledge Proof Communications Solution. This is defined as a solution where there is no information available in the communications from one party to another is determined by 3rd parties to be valid. Only another myKryptofon endpoint can communication with a myKryptofon endpoint. There is no discernible information saved on a server, a client, or available in network packets. The communications security is inherent, with no telecommunications metadata available to be eavesdropped on. This provides a true end-to-end trusted security solution. myKryptofon has the following architecture principles. These are different, not following the IT security herd, and have required innovation and invention:
- Only private key security is allowed. No public/private keys are utilized.
- No server stores the encryption keys for secure communications.
- No client stores the encryption keys for secure communications.
- No Encryption keys are ever saved anywhere.
- No Encryption keys are ever reused, in whole or in part. They are unique with each communications session.
- No human or computer process has access to the encryption keys for secure communications. The process is automated with inherent dynamic information.
- No encryption information is available in the packets containing your content - Your voice, text, and file transfers, etc.
- No telecommunications signaling information, such as the caller, the callee, the people in your contact list, the time of a call, text chat, or transfer, and, the sending/receiving identification of transfers, are present.
- No voice, text, or file transfers can be distinguished from other packets.
- No telecommunications signaling can be identified as such.
- Employ Perfect Forward Secrecy.
- Employ Ephemeral Encryption.
- Implement a Trusted Node Architecture.
- Tunneled Communication – All communications traverse a proprietary secured tunnel .
- Multiple Ciphers – Implement more than just AES 256.
- Proprietary Ciphers – Use company written code, no 3rd party source code.
- Unique Encryption Keys – Each communication session uses a unique key.
- Independently Calculated Key – Each trusted node calculates the key on each side for a communication session.
- Keys Never Shared – Calculated keys are never shared with another node.
- No Key Storage – Encryption keys never stored.
- Keys Are Single Purpose – Keys are used for one purpose, never twice.
- Keys Are Monolithic – Keys are not used for e.g. communications and saving files.
- No Metadata Is Available In The Clear – Metadata is uniquely encrypted, just as media.
- No Web Servers Or Web Browsers – Web servers are eliminated on servers.
- Proprietary Server Communications App:
- All communications, encrypted, go thru the app.
- Server has intrusion prevention capabilities.
- Single Server Port – All ports but one are closed on servers.
- Network Obfuscation:
- Communicate through a reverse proxy network.
- Communicated with port 443 only.
- Segregate Server Content – Media, graphics, descriptions, transactions occur on different servers.
- Automate, Automate, Automate - strive for no humans involved with the running of the infrastructure.
Trusted Node Architecture
myKryptofon employs a Trusted Node Architecture. In short, if the app or server myKryptofon is communicating with is not authenticated, the communication will not be accepted, and visa versa. The application must pass 5 factors of authentication in order to accept or send secured communications. In detail, myKryptofon encrypts and authenticates all information with a dual SHA-256 authentication and encryption algorithm. Upon installation, each node (app or server) is authenticated and tied to the hardware it is implemented on. Upon subsequent restarts of the application and on a defined basis, the application or process checks with an offsite authentication server for continued validation of implementation. Only then can network communications between nodes execute with implementation of a dual SHA-256 algorithm determined independently on each node.
Global Reverse Proxy Network
myKryptofon implementations of global communications occur through a reverse proxy network, hiding the actual telecommunications server for the user endpoints. This provides for anti-triangulation for anyone sniffing packets to verify if two devices that are near to each other, and thereby disallowing an information from the sniffer of on myKryptofon instance from having any association with the other. This network is be implemented on 5 continents. The end result – myKryptofon delivers the following capability – it protects:
- What specifically is being communicated - the content.
- When it is being communicated - the telecommunications metadata.
- Where it is being communicated - the endpoint being communicated with.
The Resulting User Security Benefits
The total myKryptofon solution provides the most secure capabilities available, delivering a capability stopping the hacking from bad actors (thieves, competition, drug lords, terrorists, and rogue governments).
- Stops internal and external corporate or criminal espionage in myKryptofon calls, text chats and file transfers cannot be successfully executed. There is zero information to complete the criminal espionage.
- Not susceptible to Man-In-The-Middle - MITM - attacks.
- No backdoor access - myKryptofon communicates through a dual SHA-256 algorithm with each