Envaulting is the process of transforming information (referred to as plaintext) using a diffusion algorithm (usually a standard cipher such as 256-bit Advanced Encryption Standard) and an information entropy bits removing algorithm, to make the information unreadable to anyone except those authorized to view it. Access to the data is not based on user passwords.
In the process, the plaintext is first diffused to form ciphertext. Then, a number of information entropy bits are removed from the ciphertext. The process outputs two results: ciphertext that is missing information (referred to as envaulted data) and a group of removed bits (referred to as data fragments).
To reverse the process, i.e. to de-vault information, the envaulted data must first be joined with the data fragments, using a join algorithm, so that the removed bits are inserted back to their original places, and then the ciphertext must be decrypted.
Typical uses for envaulting
A typical use case for envaulting is the protection of information on computer data systems, where one or several computers can act as the storage for data fragments, and other computers hold only the envaulted data. Dedicated software can automatically perform the envaulting and de-vaulting processes. By controlling access to the computers storing data fragments, the data owner can fully control the access to the original information. Envaulted data can reside also on any removable mass storage devices or removable media.
Strengths of envaulting compared to traditional encryption
Unlike traditional encryption, envaulting can protect both the data confidentiality and the data integrity of messages.
Confidentiality is protected because information is ciphered and the ciphertext is then made irrecoverable by removing bits from it. The ciphertext can be successfully decrypted only after inserting the removed bits back to their exact places.
Data integrity is protected because the data fragments form a unique fingerprint of the original information. If the envaulted data is altered in any way, joining it with the data fragments does not produce a valid ciphertext and decryption will fail. Envaulting thus allows the detection of corruption and manipulation of enciphered data.
Furthermore, the access to the protected data does not depend on user generated passwords, i.e. there is no single point of failure that would reveal all data to an attacker.
Limitations of envaulting compared to traditional encryption
Because the envaulted data and data fragments must be stored in separate places, availability of the original information is more limited than in encryption. Whereas traditional encryption can be decrypted with a single password that a person can memorize, envaulting requires access to the data fragments at the time of accessing.
However, the limited availability of envaulting can be converted into a strength in cases where availability of certain data is wanted to depend on a user's current access to e.g. a network resource. For example, local data remaining unavailable until a controlled network access to a data fragment storage is established. The limited availability can therefore be used to remotely control and monitor different users’ or user groups’ access to the original information.
The fragments can be smartly cached on e.g. the internal hard disk of a computer for a certain lifetime for high availability even when there is no network connection. Controlling the lifetime of the fragment cache then makes it possible to control the availability of the protected data: Which users can use data offline and for how long.
Background of envaulting
Envaulting was developed in cooperation by Envault Corporation and VTT, the Technical Research Centre of Finland. Primary design goal was to create a transparent and easy to use data protection technique that would address the known shortcomings of traditional encryption (difficult secret key management, lack of protection for data integrity, and vulnerability to cryptanalysis and side-channel attacks, such as the recent Princeton Cold boot attack). The developed method combines encryption with the concept of missing data, providing a new way for the owner of the protected information to remotely control and monitor access to it. Ideally, the envaulting and de-vaulting processes should be automated so that they require no passwords or any input from the user. This way envaulting helps to eliminate the human error from data security.
Envault Corporation has filed international patent applications protecting the envaulting method and several implementation level solutions.