
Cryptographic splitting, also known as cryptographic bit splitting or cryptographic data splitting, is a technique for securing data over a computer network. The technique involves encrypting data, splitting the encrypted data into smaller data units, distributing those smaller units to different storage locations, and then further encrypting the data at its new location. With this process, the data is protected from security breaches, because even if an intruder is able to retrieve and decrypt one data unit, the information would be useless unless it can be combined with decrypted data units from the other locations.


History

The technology was filed for patent consideration in June 2003, and the patent was granted in June 2008.


Technology

Cryptographic splitting utilizes a combination of different algorithms to provide the data protection. A block of data is first encrypted using the AES-256 government encryption standard. The encrypted bits are then split into different shares and then each share is hashed using the National Security Agency's SHA-256 algorithm.
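
The pipeline described above, as an added Go sketch that is not from the original article or from any vendor's product. AES-256 in GCM mode, the round-robin byte split and the names `Split` and `Join` are assumptions, since the article does not say how bits are assigned to shares or what the hashes are used for (here they serve as per-share integrity checks); the further per-location encryption step is left out.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Split seals pt, deals the sealed bytes round-robin into n shares (assumed rule), hashes each.
func Split(g cipher.AEAD, pt []byte, n int) ([][]byte, [][32]byte, error) {
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil || n < 2 {
		return nil, nil, fmt.Errorf("need n >= 2 shares and a working CSPRNG")
	}
	shares, sums := make([][]byte, n), make([][32]byte, n)
	for i, b := range g.Seal(nonce, nonce, pt, nil) { // nonce || ciphertext || tag
		shares[i%n] = append(shares[i%n], b)
	}
	for i := range shares {
		sums[i] = sha256.Sum256(shares[i])
	}
	return shares, sums, nil
}

// Join checks each share against its digest, re-interleaves and decrypts.
func Join(g cipher.AEAD, shares [][]byte, sums [][32]byte) ([]byte, error) {
	for i := range shares {
		if i >= len(sums) || sha256.Sum256(shares[i]) != sums[i] {
			return nil, fmt.Errorf("share %d failed its SHA-256 check", i)
		}
	}
	var ct []byte
	for i, n := 0, len(shares); n > 0 && i/n < len(shares[i%n]); i++ {
		ct = append(ct, shares[i%n][i/n])
	}
	if len(ct) < g.NonceSize() {
		return nil, fmt.Errorf("only %d bytes of share data", len(ct))
	}
	return g.Open(nil, ct[:g.NonceSize()], ct[g.NonceSize():], nil)
}

func main() {
	block, _ := aes.NewCipher(make([]byte, 32)) // 32-byte key selects AES-256; constructed all-zero demo key
	g, _ := cipher.NewGCM(block)
	shares, sums, _ := Split(g, []byte("constructed sample record"), 3)
	pt, err := Join(g, shares, sums)
	fmt.Println(string(pt), err)
}
```

Because the split is plain interleaving of one authenticated ciphertext, every share is required to recover the data; this sketch gives no redundancy or threshold recovery.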


Applications

One application of cryptographic splitting is to provide security for cloud computing. The encrypted data subsets can be stored on different clouds, with the information required to restore the data being held on a private cloud for additional security. Security vendor Security First Corp uses this technology for its Secure Parser Extended (SPx) product line. In 2009, technology services company Unisys gave a presentation about using cryptographic splitting with storage area networks. By splitting the data into different parts of the storage area network, this technique provided data redundancy in addition to security. Computer giant IBM has written about using the technology as part of its Cloud Data Encryption Services (ICDES). The technology has also been written about in the context of more effectively using sensitive corporate information, by entrusting different individuals within a company (trustees) with different parts of the information.


See also

* Secret sharing

