Keyfusion Technology

Keyfusion is a hybrid cryptography system that uses elements of both secret-key network authentication and a public-key authentication system for producing digital signatures. Keyfusion uses the XML mark-up language to produce a digital receipt, the SHA algorithm to create a message digest of the digital receipt, and RSA keys to produce a digital signature of the message digest.

Keyfusion was designed to authenticate requests for e-commerce transactions and to authenticate authorship of transaction receipts. Keyfusion is a security measure that exists on the web access level and is combined with SSL to complete the authentication loop: SSL authenticates the vendor and Keyfusion authenticates the end user.

In order for PKI to be extended to e-commerce, the system had several requirements to meet:

- The system must be fast - a highly controlled, task-specific environment was required.
- It must be scalable to millions of users - a highly automated environment was essential.
- It must be easily distributed in real-time - the software module, or plug-in holding the keys, must be small and the keys must be generated by a central server and securely delivered over the Internet.

The Keyfusion System clearly requires elements from both Kerberos and traditional PKI. Keyfusion has developed the first PKI specifically designed for the speed, scalability, and real-time distributed environment of e-commerce. Keyfusion's patent-pending technology overcomes the current technical barriers to widespread utilization of PKI for e-commerce. Keyfusion meets the demands of the Internet for PKI-based user authentication with non-repudiation through standard SSL, making it the perfect tool for secure Internet commerce.

Our technology allows web designers to supplement web transactions with Internet IDs, digital signatures, digital timestamps, and digital receipts. Keyfusion binds an identity to a pair of electronic keys that are used to provide authentication and non-repudiation services, such as digital signatures and digital timestamps, to create binding digital contracts. Keyfusion provides these services in a real-time, distributed environment that generates digital receipts for future third-party verification of transactions. The end user saves the digital receipt to a folder on their hard drive for verifying the transaction and to keep an electronic record of their purchases.

In a Keyfusion system, there is a designated site on the network, called the Keyfusion Transaction Server, which performs centralized key management and authentication processing functions for e-commerce transaction assurance. The server maintains a database containing the public keys (which are held like secret keys) of all users, generates a secret key whenever an end user requests a transaction, and authenticates the identity of an end user who requests certain e-commerce services.

Keyfusion, like other secret-key systems, requires trust in a third party, in this case the Keyfusion Transaction Server. Unlike in a secret-key system, if the server were compromised the integrity of the whole system would not fail, because public keys can be made freely available without compromising the system's security. Public-key cryptography was designed precisely to avoid the necessity of securely storing keys in a central repository. Keyfusion combines the best of both worlds: the speed and controlled environment of Kerberos with the more robust functionality and properties of public-key systems.
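The receipt flow described above (XML receipt, SHA digest of the receipt, RSA signature over the digest, later verification with the public key), as an added example that is not Keyfusion's own code. It assumes SHA-256 and PKCS#1 v1.5 signature padding, neither of which the page specifies; the receipt element names, the sample values and the demo key are constructed for illustration.

```python
import hashlib
import hmac
import xml.etree.ElementTree as ET

# Constructed demo key built from two Mersenne primes so the example runs
# offline with the standard library only. Never use such a key in production.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (Python 3.8+)
K = (N.bit_length() + 7) // 8       # modulus length in bytes

# DER-encoded DigestInfo prefix for SHA-256 (RFC 8017, section 9.2)
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def build_receipt(user_id, order_id, amount, timestamp):
    """Serialize a receipt to bytes; the element names are hypothetical."""
    root = ET.Element("receipt")
    for tag, val in (("user", user_id), ("order", order_id),
                     ("amount", amount), ("timestamp", timestamp)):
        ET.SubElement(root, tag).text = val
    return ET.tostring(root, encoding="utf-8")

def _encode(receipt):
    """EMSA-PKCS1-v1_5: 00 01 FF..FF 00 || DigestInfo || SHA-256(receipt)."""
    t = SHA256_PREFIX + hashlib.sha256(receipt).digest()
    return b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t

def sign_receipt(receipt):
    """Sign the padded digest of the receipt with the private exponent."""
    m = int.from_bytes(_encode(receipt), "big")
    return pow(m, D, N).to_bytes(K, "big")

def verify_receipt(receipt, signature):
    """Third-party check using only the public key (N, E)."""
    if len(signature) != K:
        return False
    s = int.from_bytes(signature, "big")
    if s >= N:
        return False
    recovered = pow(s, E, N).to_bytes(K, "big")
    return hmac.compare_digest(recovered, _encode(receipt))
```

The signature covers the exact serialized bytes, so a verifier must hash the stored receipt file as saved rather than a re-serialized copy of the XML.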