Dynamic encryption keeps secrets
Professor Lars Ramkilde Knudsen from DTU Compute has invented a new way to encrypt telephone conversations that makes it very difficult to 'eavesdrop'. His invention can help to curb industrial espionage.
A method ensuring that all telephone calls are encrypted and that eavesdroppers are unable to decrypt information in order to obtain secrets. This is a brief definition of dynamic encryption, the brainchild of Professor Lars Ramkilde Knudsen from DTU. Together with telecommunications businessman Kaj Juul-Pedersen, he established the company Dencrypt, which sells dynamic encryption to businesses so they can safely exchange confidential information over the telephone.
"Today, all telephone conversations are encrypted—i.e. converted into gibberish—but they are not encrypted all the way from phone to phone, and if a third party has access to one of the telephone masts through which the call passes, they can listen in," explains Lars Ramkilde Knudsen.
"And even if the conversation is encrypted—in principle—it is still possible to decrypt it provided you have sufficient computer power," he says. This is in no small part due to the fact that the vast majority of telecommunications operators use the same encryption algorithm—the so-called AES, the outcome of a competition launched by the US government in 1997.
"This is where my invention comes in," he says. It expands the AES algorithm with several layers which are never the same.
"When my phone calls you up, it selects a system on which to encrypt the conversation. Technically speaking, it adds more components to the known algorithm. The next time I call you, it chooses a different system and some new components. The clever thing about it is that your phone can decrypt the information without knowing which system you have chosen. It is as if the person you are communicating with is continually changing language and yet you still understand," he says.
Because any eavesdroppers would have to decipher the encryption key and encryption method—and both are thrown away by the phone after each call and replaced by a new combination—the conversation is extremely difficult to decrypt when dynamically encrypted. They new system can prove hugely effective in combating industrial espionage, says Lars Ramkilde Knudsen.
Is there anyone on the line?
Industrial espionage poses one of the biggest cyber threats in Denmark, according the the Danish Security and Intelligence Service's latest risk assessment. Industrial espionage occurs when different players discover and steal trade secrets such as business plans from companies, technical know-how and research results, budgets and secret plans using phone tapping, for example. In the USA alone, the phenomenon costs businesses around USD 100 billion every year according to a 2014 report on the subject by security firm McAfee.
Provided by Technical University of Denmark