Digital security is everything these days, as news of data breaches are becoming as commonplace as weather updates. But investing in security can be expensive and time-consuming, and require a lot of technical knowledge. And even after you implement all the protections you think you need, there may be a hidden pathway to your data you aren’t even aware of.
Diamond Key Security is out to change all of that with its cryptography and encryption hardware.
“Our mission is to bring to the market products and solutions for cryptography, digital security and digital encryption that are developed in an open or transparent manner,” said W. Stuart Jones, managing director of operations. “We want consumers to have some assurance that cryptography and encryption are actually being done — that there are no backdoors or functions behind the curtain that would disable or reduce the encryption, and therefore the privacy that is provided from such a security device.”
We want consumers to have some assurance that cryptography and encryption are actually being done.”
The Palatine-based organization is a nonprofit comprised of a small team of full-time technologists and consultants developing a hardware security module. These physical devices are intended to store, protect, encrypt, decrypt and manage highly sensitive data and things like digital keys, in addition to being used for signing and authentication. These digital keys are vital for ensuring secure communications between telecommunications systems like cellular and landline networks.
But in order to understand how Diamond Key is doing that, you first have to know about the CrypTech project.
The CrypTech project is an open source hardware cryptographic engine in ongoing development by tech professionals and academics all over the world that allows anyone, anywhere, to access and use its hardware specs and associated firmware for free.
“The CrypTech project was formed in 2013 as a result or a response to the [Edward] Snowden revelations about mass surveillance,” said Jones. “Some of that information documented and pointed directly to ways that governments put backdoors into products before they even come to market, such that they can decode and wiretap effectively.”
Diamond Key takes the open source materials created in the CrypTech project and does additional quality assurance before using the technology to build market-ready products and solutions. It does this both for the benefit of potential end users of the open source technology worldwide and to implement the source developments in its own marketed hardware security module — the Diamond-HSM.
These systems have not been made in a commercial manner where they are affordable for people to secure everyday communications.”
HSM devices are typically employed by financial institutions and other large companies that deal with massive amounts of delicate data. There are a number of manufacturers like IBM, HP, Gemalto and Utimaco that make HSMs, but they are often quite expensive.
“These systems have not been made in a commercial manner where they are affordable for people to secure everyday communications,” said Jones. “So there’s a market opportunity to do that — to serve lower-cost, lower-complexity requirements.”
Diamond-HSM’s core customers will be internet domain operators, private network operators and enterprises primarily — but everyday internet users will benefit from its product nonetheless.
Here’s how: When visiting a website, the domain name you search is converted to a numerical IP address via the Domain Name System. That system can sometimes be hijacked by nefarious actors and can open users to security risks. DNS Security Extensions can create unique signatures for every domain name and drastically increase security. To add another layer of protection, HSMs can store and protect these signatures to ensure their authenticity and, when employed by companies, ensure that end-user internet activity is encrypted and unaltered.
Jones said the Diamond-HSM is currently in beta testing and the first iteration of the product is expected to roll out sometime this summer. The organization also provides outside entities with resources related to the CrypTech project, like product and user documentation, reference designs, use cases and training.
“Another part of our mission is to help educate the general public and economically underdeveloped groups about the need for cryptography, encryption and digital security,” said Jones.