[2225] in cryptography@c2.net mail archive
meganet... for all your snake oil needs!
daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Mon Mar 2 15:37:24 1998
To: cryptography@c2.net
Reply-To: perry@piermont.com
Date: Mon, 02 Mar 1998 15:35:41 -0500
From: "Perry E. Metzger" <perry@piermont.com>
In the neverending war to try to sell pseudocryptography to consumers
at high prices, we have...
http://www.meganet.com/
Anyone notice them before while on snake oil patrol?
Here is an explanation of their latest "breakthrough" taken from their
web site. I don't know whether to laugh or cry...
From the Meganet Web Site:
> 1) Virtual Matrix Encryption (VME) reads Data From the original file
> into memory, and then compares it with an internal random matrix of
> values named "Virtual Matrix" (VM). A set of pointers to the
> location in the matrix is created "Virtual Matrix Pointers"
> (VMP). These pointers are than passed further to be encrypted by
> additional algorithms in VME. The ORIGINAL DATA are never encrypted
> or transferred in any form or shape. Since the data is not
> encrypted, there is no way to decrypt it. The process of Encrypting
> utilizes "Progressive Virtual Matrix" (PVM) and the decryption uses
> "Regressive Virtual Matrix (RVM).
>
> 2) At that stage, 5 different keys are being created: "Million Bit
> Key" (MBK) is a key of 1 Million Bits in size that is unique in
> concept. Since a million bits equal 128kb, it would be way slow to
> transfer over slow communication lines (2 minutes at 28.8k),
> therefore, it is recreated at both sides (based on a secret
> reference file) of the connection WITHOUT being transferred. A
> "Standard Transaction Key" (STK) is another key created at the size
> of 2,048 bits. That key is transferred with the encrypted VMP on a
> public network. This key is a unique non-redundant key
> per-transaction, assuring that even if the same data is encrypted
> time after time again, it will never yield the same encrypted code
> (hence preventing a possible security breach). A third key "Users
> Key" also a 2,048 bit key is created based on users input
> (Username, Password, Etc.) and used in the encryption process. 2
> Additional 2,048 bit keys are created randomly and are utilized to
> further encrypt the data.
>
> 3) The encrypted pointers are then further encrypted by a variety of
> highly secured algorithms: "Multiplication Matrix Modulo" (MMM) is
> a matrix of mathematically inverse keys utilized to encrypt/decrypt
> the pointers. Since the specific order is random and based on the
> actual pointers encrypted, there is no way to pinpoint the right
> combination, hence any combination can be valid. "Subtraction
> Matrix Modulo" (SMM) is a system that utilizes a mathematical
> algorithm to add multipule numbers together in a register to create
> an overflow of limited size. The overflow actually gives us an
> unpredictable number that is used to further encrypt the
> pointers. "Multiple Algorithm Matrix" (MAM) is a collection of 256
> UNIQUE encryption/decryption algorithms utilized to further encrypt
> the pointers. Since the specific algorithm used at a certain point
> is dependant on the variety of keys and data flow for the specific
> session, there is no way to know which of those algorithms was
> used. Therefore, regardless of the specific strength of a specific
> algorithm, it is impossible to break. "Bit Level Encryption" (BLE)
> is another innovative algorithm that encrypts data one bit at a
> time. A specific bit can have a value of only 0 or 1, and the
> encrypted value is also only either 0 or 1. Considering the fact
> that a single bit is meaningless (versus a byte that can signify a
> character for example) it is impossible to decrypt.
>
> 4) In addition to the previously described algorithms, an additional
> algorithm,known as "Date Limit Algorithm" (DLA), is
> implemented. The DLA allows further encryption of the pointers in
> such a way that they can be decrypted correctly ONLY between a
> defined date range - therefore creating for the first time, an
> encrypted content that is time sensitive. The implementations are
> endless - you can encrypt data for a specific date in the future
> (software vendors who wants to debut a new software on a specific
> future date can distribute the encrypted code months a head and
> give the password on the specific date). DLA also prevent brute
> force attacks - since it reads the date from the real time clock,
> once it goes out of the date range, the decrypted data will never
> be correct, even if the right keys are used (since there will be no
> way to tell if the problem is the key or the date).
>
> 5) The last stage of encryption consists of "Targeted Delivery System"
> (TDS) which is a system targeted at covering all the scenarios and
> needs for encryption. The "Global" option is as it sounds - anybody
> on the planet with a copy of VME and the right keys & passwords can
> decrypt the data. "Local" means that only people from the same
> organization holding a copy of VME will be able to decrypt the
> data. An outsider, even with a valid copy of VME with all the keys
> and the passwords will not be able to decrypt it. "Private" means -
> your copy of VME is the only copy in the world that will be able to
> decrypt the data, regardless of who aquires the correct keys and
> passwords. "Specific" is targeted at sending specific material a
> specific person, even on the other side of the world - the data is
> encrypted in such a way that only the TARGET user can decrypt
> it. NOT EVEN THE ORIGINATOR CAN DECRYPT THE FILE.
>
> 6) After these explanations, we hope that you'll agree with our
> non-compromising statement of: . .
>
> "VME IS THE ONLY UNBREAKABLE ENCRYPTION" . . .
