Public key infrastructure is based on modern cryptography, which assumes the existence of one-way functions and, in practice, uses functions that are conjectured to be one-way. Its security is computational, rather than the classical information-theoretic security of techniques such as the one-time pad (a random collection of letters, each used at most once, to encrypt messages with complete security), which implies unconditional secrecy and, in particular, cannot be broken by extensive computation for revealing keys. Beyond the computational security promise, there is a need to avoid man-in-the-middle attacks by authenticating the parties using a trusted authority that authenticates the user and stores keys. In turn, the existence of keys creates a target for attacks.
A Virtual Private Network (VPN—a network that uses a public infrastructure, such as the Internet, to provide secure access and ensured privacy through security procedures and tunneling protocols) provides easy access from the cloud into a corporate network and its internal resources. However, the encryption protocols that are used today for establishing a VPN are based on encryption keys (PKI—public key infrastructure). In order to create a secure channel between two entities, the destination must provide the sender with a certification of its public key, signed by a trusted Certification Authority (CA). If the sender trusts the certification, the sender uses the public key of the CA to reveal the destination's public key and a secure session begins. However, if an intruder steals the identification of some entity and provides a certified key to the client, the client may use the intruder's key to encrypt the data (e.g., in a man-in-the-middle (MITM) attack). Therefore, one of the vulnerabilities of using PKI is identity spoofing, which causes the source to use the attacker's key.
Another limitation of existing VPNs is the fact that they are based on computationally secure protocols, i.e., with enough computational power, an intruder can reveal the encrypted data. Since the computational power of machines continuously grows over the years, the length of the encryption key must increase in order to maintain the desired level of security. However, increasing the length of the key implies degradation in the performance of the encryption process. In addition, there are many existing hardware devices that do not support the new key length and therefore, there are cases where the encryption is vulnerable along a portion of the channel. Also, many attacks in the last few years have succeeded in breaking these protocols even without having the key, such as the Padding Oracle On Downgraded Legacy Encryption (POODLE) attack (which is a man-in-the-middle exploit) or the “Compression Ratio Info-leak Made Easy” (CRIME) attack (which is a security exploit against secret web cookies). Moreover, unlike an information-theoretically secure protocol, a computationally secure protocol is not everlasting and basically, it is just a matter of time until the information is revealed. As a result of the above limitations, an attacker can sniff the data anywhere in the network (in the immediate perimeter, in the close zone, e.g., a country, or in the backbone—between countries) and then, or at any time in the future, try to break the encryption.
Cloud computing (a form of distributed computing accessed through the network, with the ability to run a program on many connected computers at the same time) is one of the fastest growing opportunities for enterprises and service providers. Enterprises use the Infrastructure-as-a-Service model (IaaS model—a form of cloud computing that provides virtualized computing resources over the Internet) to build private and public clouds that reduce operating costs and increase the reliability of their critical information systems.
One of the existing solutions is CloudBridge technology presented by Citrix® Systems, Inc. (Fort Lauderdale, Fla., U.S.A.), which provides a unified platform that accelerates applications across public and private networks, resulting in superior application performance and end user experience. CloudBridge connects across third-party public cloud and private networks, thereby offering a platform for cloud-enabling third-party applications. However, the privacy of CloudBridge is achieved using a standard VPN, and therefore is limited to a computationally secure channel.
Secret-sharing is a tool used in many cryptographic protocols. A secret-sharing scheme involves a dealer who has a secret, a set of n parties, and a collection of subsets of k parties. According to a secret-sharing scheme, the dealer distributes shares to the parties such that any subset of k parties can reconstruct the secret from its shares, and any subset with fewer than k parties cannot reveal any partial information on the secret. Secret-sharing schemes have numerous applications in cryptography and distributed computing, including secure information storage, secure multiparty computations, access control and more. However, none of these schemes solves the problem of providing information-theoretically secure source-destination communication over several optional paths.
Other prior art solutions deal with security issues that arise when using SDN, such as using secure multiparty computation techniques to secure the data in the controller. Another prior art method focuses on the effects of end-to-end encrypted networks on Network Intrusion Detection Systems (NIDS) operations. All data traffic sent to a receiver by a sender must be replicated and forwarded also to a Central IDS (CIDS), i.e., the sender sends the packet to a proxy and the proxy forwards it to the receiver as well as to the CIDS. Each connection is secured by VPN, and thus unauthorized network sniffing is prevented. However, proxies are still able to access network packets relayed through them, which may expose the network packets to unwanted scrutiny. In order to ensure confidentiality with respect to the proxies, secret-sharing is used, such that the sender splits the packet into n shares and sends the shares to n proxies, and the proxies further send the shares to the receiver and the CIDS. However, since VPN routes may cross common network components, the security of the prior art suggested scheme is essentially identical to the security of VPN.
“SPREAD: Improving Network Security by Multipath Routing” (Lou et al., Military Communications Conference, MILCOM '03, 2003 IEEE, Vol. 2) discloses an end-to-end multipath secure data delivery scheme, secure protocol for reliable data delivery (SPREAD), as a complementary mechanism for the data confidentiality service in public networks. The confidentiality is improved by forcing the secret sharing principle in the network via multipath routing. With a (T,N) secret sharing scheme, the message to be protected can be divided into N shares such that from any T or more shares, the message can easily be recovered, while from any T−1 or fewer shares, it should be impossible to recover the message. Then the shares are delivered across the network via multiple independent paths. The destination node reconstructs the original message upon receiving T or more shares.
“MULTIPATH ROUTING APPROACH FOR SECURE DATA DELIVERY” (Lou et al., Military Communications Conference, MILCOM '01, 2001 IEEE, Vol. 2) discloses an approach to enhance data confidentiality when transmitting across insecure networks by taking advantage of the distributed nature of networks such as the Internet or wireless networks and combining the secret sharing scheme with multipath routing. With a (T,N) secret sharing scheme, the secure message is divided into N shares such that the message can be easily recovered from any T or more shares, while from any T−1 or fewer shares, it is computationally impossible to recover the message. Then, the shares are delivered across the network via N different paths using the multipath routing algorithm, where no T or more paths can share a single node. The destination node can reconstruct the original message upon receiving T or more shares. No intermediate node intercepts the T shares necessary for the message recovery. The algorithm takes path independence, path quantity, as well as path cost into consideration and is able to find sets of node-disjoint paths between any source-destination pair.
However, both solutions proposed by Lou et al. are not highly performance efficient, since shares must be routed in predetermined, totally independent source-to-destination paths, without considering the varying data traffic congestion/restrictions in each node. Therefore, in order to obtain the desired level of security, the performance of packet delivery may be compromised. In addition, there are situations where, according to the solutions proposed by Lou et al., it will be impossible to find totally independent source-to-destination paths, while there is an existing solution in which fewer than k shares traverse each node in the network. For example, each of the nodes A and B that are connected to C may forward (k−1)/2 of the arriving shares to C, while their other (k−1)/2 shares are forwarded along different paths and some are merged in other nodes later, resulting in non-independent paths that still fulfill the k−1 restriction.
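The A, B, C situation described above can be checked mechanically, as in the following added example, which is not part of the original text. The topology, the node names beyond A, B and C, the choice k = 5 and the function names are constructed for illustration.

```python
from collections import defaultdict

ENDPOINTS = ("SRC", "DST")  # sender and receiver legitimately see all shares

def shares_per_node(routes):
    """Map each intermediate node to the set of share ids routed through it."""
    seen = defaultdict(set)
    for share_id, path in routes.items():
        for node in path:
            if node not in ENDPOINTS:
                seen[node].add(share_id)
    return dict(seen)

def overexposed_nodes(routes, k):
    """Intermediate nodes observing k or more shares (enough to reconstruct)."""
    return sorted(n for n, ids in shares_per_node(routes).items()
                  if len(ids) >= k)

def node_disjoint(routes):
    """True only if every intermediate node carries at most one share,
    i.e. the paths are totally independent."""
    return all(len(ids) <= 1 for ids in shares_per_node(routes).values())

K = 5  # threshold; (K-1)/2 = 2 shares go from each of A and B to C

# Constructed routing: A and B each receive 4 shares, forward 2 to C,
# and send the other 2 along different paths, some merging later at E.
ROUTES = {
    1: ["SRC", "A", "C", "DST"], 2: ["SRC", "A", "C", "DST"],
    3: ["SRC", "A", "E", "DST"], 4: ["SRC", "A", "F", "DST"],
    5: ["SRC", "B", "C", "DST"], 6: ["SRC", "B", "C", "DST"],
    7: ["SRC", "B", "E", "DST"], 8: ["SRC", "B", "G", "DST"],
}

# Same routing, but share 3 is also sent through C: C now holds K shares.
BAD_ROUTES = {**ROUTES, 3: ["SRC", "A", "C", "DST"]}

if __name__ == "__main__":
    print("disjoint:", node_disjoint(ROUTES))                 # False
    print("max exposure:",
          max(len(s) for s in shares_per_node(ROUTES).values()))  # 4 = K-1
    print("overexposed:", overexposed_nodes(ROUTES, K))       # []
    print("overexposed (bad):", overexposed_nodes(BAD_ROUTES, K))  # ['C']
```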
It is therefore an object of the present invention to provide an improved and secure VPN solution which is based on a data separation scheme that overcomes the security vulnerabilities of the existing VPNs.
It is still an object of the present invention to provide a data separation scheme, for establishing private interconnection between a sender and a receiver, without the need to use encryption keys or trusted third party authorities for achieving security and privacy.
It is another object of the present invention to provide a data separation scheme, which is particularly effective for establishing a private channel, in which the information is information theoretically secure and is not bounded by the security of the VPN used.
It is a further object of the present invention to provide a data separation scheme for establishing a private channel in communication networks, in which the transmitted information cannot be revealed, unless at least k shares are revealed.
It is yet another object of the present invention to provide a data separation scheme, particularly effective for establishing a private channel in the network, which does not require using a Certification Authority for identification to encrypt data communicated between two parties over a data network, even if the data network exploits the internet, public clouds and untrusted channels.
Other objects and advantages of the present invention will become clear as the description proceeds.