From the very beginning of data encryption, the world has wrestled with securing the encryption and decryption key. Never before has there been a solution for securing the encryption master key, UNTIL NOW.
Key Shadowing is a patented secret sharing technology that permits a master key to be created, used to protect data in flight or at rest, “shadowed” into any number of parts, and then destroyed. The master key is never persistently stored. When the data needs to be accessed, a pre-defined number of the shadows (current options are 2, 3, or 4) must be used to regenerate the master key.
Using old technologies, master keys are generally stored using a key management system. That system represents a single point of potential failure: If the system is hacked, a bad actor inside an organization grants access to the system, or the system is otherwise exposed, an organization’s master keys are exposed. Thus, their data is exposed.
Organizations have lost literally billions of dollars due to exposure of master keys. In addition, even if an organization catches a potential exposure before incurring direct losses, it may have to re-encrypt all of its protected data with new master keys, which can be a very expensive process, especially for large organizations.
The video shows ten key shadows generated for a randomly selected 512-bit master key. Every possible combination of four of those ten key shadows was then used to regenerate the master key. Unlike in a commercial use case, the master key was retained to verify that it was properly regenerated every time. The retained master key was NOT used in the regeneration process.
While the math behind Key Shadowing technology is very complex, code for the technology can run quickly with a small CPU and memory footprint. For example, the video was based on running Key Shadowing technology on a laptop with a standard AMD A6 processor. The technology has also been run on platforms ranging from a Raspberry Pi to a server.
As shown in the demo video, a master key has been successfully regenerated almost 1,600,000 times. A little math: four out of ten key shadows for a master key can be combined in 5,040 ways. After running through all of those combinations, a new master key was randomly selected and the process restarted. Thus, regeneration of almost 900 master keys from 5,040 possible combinations of associated key shadows is shown.
Yes. Key Shadowing has been run over many months with literally millions of master keys regenerated from every possible combination of four out of ten key shadows WITH NO FAILURES. Application of the technology to master keys as large as 65,536 bits, generation of over 100 key shadows per master key, and other variations have been successfully validated.