TrustLeap FAQ

What do we need that we currently lack?   Security.   Being "compliant" is not enough: we also need to be provably-safe.

First, let's recall why security matters – even for the "ordinary people" (in the USA and elsewhere):

There's only one single way to prevent treachery: forever unbreakable security.

Revisiting "Standard" Security

As the Pentagon's data is stolen despite best-effort and compliance, the need for safety is real and substantial. But things are rarely what they look like on the surface. Claiming that "responsible encryption can only discuss levels of security" or that "certification XYZ is mandatory under the law", is raising the question of what can be trusted.

Bruce Schneier told Forbes in "The Vulnerabilities Market and the Future of Security":

"A variety of government agencies around the world have a strong interest in vulnerabilities remaining unpatched. These range from law-enforcement agencies (like the FBI and the German police who are trying to build targeted Internet surveillance tools), to intelligence agencies like the NSA who are trying to build mass Internet surveillance tools, to military organizations who are trying to build cyber-weapons."

That explains the constant stream of software vulnerabilities: after decades of use, it should be bug-free. But the opposite is observed: the older and most widely used software is, the more it seems capable of generating new security holes.

But, if software is purposely made vulnerable for the sake of watching everyone, all the time and everywhere, then encryption is certainly a much stronger obstacle to systemic spying than mere backdoor-free software.

Unsurprisingly, the same forces which preserve vulnerabilities could as well decide which crypto experts are financed to write books, give conferences, create companies, and grow in influence and in responsibilities – in universities and governments:

Adopters of the latest NIST-approved (and then repudiated following Snowden's NSA leaks) NSA-backdoored random-numbers generator (used to make encryption keys):

Dual_EC_DRBG became an international standard because of the NSA insisted for it to be endorsed by the US ANSI, despite a... 2005 patent explaining how to exploit the flaw.

Why should "trusted security" vendors keep using it in their security products if its flaws were patented in 2005 as a way to helping spy agencies to calculate all end-users' encryption keys in advance?

Moral legitimacy is a strong argument, when it can be used. To last, Governments should seek ways to build a reputation deserved by enforcing sane systems rather than relying on deceptive hidden policies.

Global-WAN provides a way for governments to protect our infrastructure without compromising the security of its citizens.

The  (Key_space / Equally_plausible_solutions)  Ratio

Brute-force attacks consist in trying all the possible keys. With today's ciphers, this inevitably leads to finding the plaintext because key and plaintext patterns found in ciphertexts lead to one single plausible solution.

This is a well-known by-design issue:

Anyone attempting to produce random numbers by purely arithmetic means is, of course, in a state of sin.
John Von Neumann (1903-1957)

As a result, "modern" cryptography (all the algorithms used today, either standard or custom) is provably unsafe.

The security claim of modern encryption is that, given the size of the key space, trying all the keys will take a very long time, making such an attack "infeasible". That's only true for the ones using publicly available computers and cryptographic attacks. Most don't know what parts of the key space are actually addressed by each algorithm, and how to use the patterns left in ciphertexts to reduce the searchable domain even further, when vulnerabilities don't simply defeat the security^1,2,3.

Our modern cryptographic standards have adopted an arbitrarily chosen design which is now a legal requirement worldwide.

This should not be a surprise as the mission of the NSA was clearly defined:

Future superpowers will be made or broken based on the strength of their cryptanalytic programs.
US National Security Agency (NSA)

In contrast, with TrustLeap, keys are provably-safe – whatever their length (they may even be cryptographically unsafe). We can use much smaller keys and stay provably-secure but, to preserve the compatibility that grants users the required legal "compliance", we keep using 128-bit or 256-bit key lengths.

And we dare to think that exposing one's critical infrastructure to ubiquitous vulnerabilities is a bad idea. Being compliant does not imply being vulnerable. It's impossible to maintain order on a minefield.

How TrustLeap Works

TrustLeap is not an encryption algorithm. It cannot efficiently process most raw plaintexts because their redundancy and pattern rates are much too high. TrustLeap is a filter used to post-process ciphers (either on-the-fly, one byte at a time for streamciphers, block by block for blockciphers, or as a final pass applied on a completed ciphertext).

As the TrustLeap filter's memory and computational overhead is very low (and works equally well with very safe or very unsafe cryptography), it is usable on high-concurrency server applications as well as on embedded systems, such as the "Internet of Things".

TrustLeap protects the encryption standards by removing the leaked key and data patterns that help to find the kind of message (and key) that attackers try to recover. After the TrustLeap cure, the whole 128 or 256-bit key space leads to equally plausible solutions. Even if one can break the algorithm instantly (like with a quantum computer) there is no way to find the right solution among the gazillions of equally plausible plaintexts:

The number of atoms in the observable universe is estimated as 10⁸⁰ (1 followed by 80 zeros).
By comparison, the whole 256-bit key space is a bit larger than 10⁷⁷ (only 1,000 times smaller).

So, the 256-bit key space (when not artificially reduced) is much larger than the total of all the documents that will ever be created by humans or machines. As a result, the keys tried during a TrustLeap attack are leading to either:

• many meaningless garbage entries (random data),
  or
• all the possible documents that may make sense (one day) to human beings or machines.

Any of these secured documents can be text (in any of the possible past, present and future languages), music, photos, movies, financial transactions, cooking recipes, wallpaper designs, pharmaceutical patents, etc.) and, because of the lack of ciphertext patterns, there is no possible way to find which one is the correct solution – even for us.

This is what makes TrustLeap's value: being provably-safe against unlimited power, forever, and by-design.

The Proof

We have mathematically demonstrated that "perfect encryption" (in the sense of the "Information Theory") can be done in three different ways, the one-time pad being the only one to have received public coverage – while it is by far the less practical method.

But, to prove TrustLeap's safety without disclosing how it works, we have made what scientists call a "cryptographic oracle". This is a Web form where users choose the:

1. plaintext (one among several English classic books and one sentence they type)
2. encryption standard to secure (they can choose between AES and the weak RC4)
3. symmetric encryption key (which can be left empty, set to "123", anything you type)

Nobody will ever be able to find the random position of the chosen sentence in the chosen plaintext because these 100% known-plaintext brute-force attacks will find that all the solutions are mathematically equally-plausible (there's simply no more way to say which entry among all the solutions is the original plaintext).

Of course, this cryptographic oracle can decrypt the produced ciphertext with your chosen key and crypto algorithm (and nothing else but TrustLeap's filter – there's no data related to any message stored anywhere), and anything made by such this oracle can be read by another machine (without the two machines being connected).

The difference between TrustLeap and other security vendors is simple:

• while others claim they have "strong encryption" (where keys and algorithms must be upgraded periodically),
• TrustLeap can mathematically prove that it has "unbreakable encryption" against unlimited computing power.

And, unlike all others, TrustLeap is not asking anyone to blindly believe that its technology is "strong enough".
"Strong enough" means nothing: strong until when and for who?

"Mathematically-proven as unbreakable" means that nobody will ever be able to break it.

And that's what TrustLeap provides: certainty, a much needed quality in a world populated by the "Internet of Things".

TrustLeap explains why other methods are unsafe and why its own technology is safe forever. This not done anywhere else for a simple reason: this is not taught in schools, the place where all the recognized experts have learned what they know. Instead, we have designed TrustLeap by questioning in use, and resolving the problem rather than picking the first available tool mis-presented as a solution.

[1] Breaking passwords (Outlook, Office, PDF, SQL, Lotus, Intuit, Sage, etc.) (source)
[2] Cryptanalysis of the Random Number Generators of Operating Systems (Windows, Linux)
[3] Source: "Information Security Policies and Actions in Modern Integrated Systems", page 54