Encryption platform enables OEMs to prevent cloning and data theft

March 06, 2012 // By Julien Happich
MerlinCryption has released MerlinM2M, a powerful encryption platform that helps OEM developers master the risk of cloning, software compromise, physical machine compromise, and man-in-the-middle attack. Designed specifically for the embedded and M2M market, the platform is said to deliver significantly larger, dynamically changeable, scalable keys; a parameter-controlled, scriptable key and password generator; a parameter-controlled Smart-Encryption engine; and flexible multi-factor authentication.

The parameter-controlled key generator can initiate unpredictable and changing keys up to 2 GB, and proliferates available keys-for-use by multiple-factors of billions of keys. Each key exists only until encryption is complete, at which point the platform deletes the key and scrubs memory. Although keys can be massive, the platform realizes sub-second speed, working under-the-hood to leverage productivity and invulnerability in embedded environments. OEMs gain additional security benefit from the platform's multi-factor dynamic authentication component, which is based on “temporary” factors, as well as known constant factors. Non-linear and environmental factors, not only expand developer options, but also provide the advantage to choose, change, and increase or decrease these factors, on demand. The authentication incorporates an optional SHA-2 hash.

The MerlinM2M platform is run by a scripted controller that essentially “wraps” the process into a tightly customized and impenetrable sequence of execution. User-defined scripts dynamically calculate and feed parameters to the algorithm, achieving encryption that cannot be predicted by hackers. MerlinWrap allows every embedded solution to easily be designed to the individual organization’s security needs and product structure. The encryption components of the platform are customized, unique to the OEM’s machine portfolio, and not interoperable with any standard or other custom version. The platform is secured by MerlinCryption’s algorithm, which is not based on mathematical technique and is not subject to statistical analysis. The encryption engine has the unique ability to produce a different encrypted transmission every time, even when the machine repeats the same data, key, and password input. The encryption is HIPAA compliant, OFAC compliant and BIS/NSA approved for export.