HYKER

This page is all about HYKER:

  • What does HYKER add?
  • What service do HYKER offer?
  • What use cases can be solved with HYKER?

What does HYKER add, and why should I use your service?

HYKER adds simplicity to the complicated world of cryptography. This includes several things, such as correct cryptography usage, ease of development for programmers and hosting of services. Everything implemented with high focus on simplicity for the customer developer.

In short, HYKER provides:

  • High level abstractions on cryptographic libraries for common use cases
  • Hosting of key distribution services
  • Continuous integration of current standards

To avoid misconceptions about what we do, we want to adress the following:

Algorithms - Schmalgorithms

We sometimes hear "We have the best algorithms, therefore you should use our crypto." The truth is, everybody has the best algorithms. Free, secure and reliable implementations of world class crypto is easy to come by. E.g. openssl, bouncy castle, nacl etc are all widely used crypto libraries containing world class algorithms.

How do you compare to ["Insert open source cryptographic library"]

Short answer: we don't.

Long answer: HYKER does not solve the same problem as openssl, nacl, bouncy castle or similar libraries. In fact, we use them to solve our problems.

HYKER provides an easy way to use these libraries by implementing simple methods on high abstraction levels. We also host the needed accompanying online services such as a Public Key infrastructure and symmetric key distribution services.

Using cryptography correctly in different scenarios

Different cryptographic libraries come with different focuses, functions, and ease of use. HYKER has developed libraries with a focus on environments where traditional security models do not fit very well. Our keyword for this is asynchronous communication. When communicating through an intermediate, e.g. in MQTT, AMQP, etc, we provide libraries which do all cryptographic operations and key exchange under the hood.

Key distribution

With high level abstraction libraries, cryptography is easy. Key distribution however is still hard.

HYKER provides key distribution in a number of variants:

  • HYKER hosted cloud PKI
  • Customer hosted cloud PKI
  • End user confirmable key exchange

HYKER provides easy integration, continuous development and cloud or easy on premise hosting of a complete, scalable and secure Key Distribution System.

HYKER services

The HYKER encrypted communication service consists of many parts. Depending on your needs, you can choose between these protocols to provide your application with encryption and key sharing services.

  • RIKS - Retroactive Interactive Key Sharing

  • SAFT - Secure Asynchronous File Transfer

  • PEP - Payload Encryption Protocol

All of our services are linked to the HYKER KDS - Key Distribution System for identity distribution.

RIKS

For all systems communicating in a dynamic way, for example through an MQTT broker or a Real-time Database, RIKS is the way to go. RIKS encrypts messages so that they can be sent over arbitrary channels where the publisher does not have to be aware of the subscribers at send time.

The RIKS protocol implementation RiksKit available in Java and C++ provides both encryption functionality as well as key management and key sharing service including concepts such as:

  • Key cache A collection of keys RiksKit can use to decrypt messages.
  • Key request Performed by RiksKit when in need of a key not in cache.
  • Key response Reactive key sharing to allowed receivers upon key request.
  • Whitelist Used to grant access to receivers at key request.
  • Rekey Triggers generation of new key to be used e.g. after whitelist change.
  • Preshare A proactive key response.
PEP

For simpler scenarios, PEP is the most straightforward of these libraries, solving basic needs for payload encryption. It includes point-to-point transport of encrypted payloads.

SAFT

Finally SAFT is suitable for delivering large files between nodes in an asynchronous way. A common scenario is firmware update for mobile devices.

KDS

All HYKER protocols are backed by KDS which is a hosted key distribution service often invisible to the developer, though it can be deployed on premise or replace by own implementations.

HYKER use cases

This section contains a list of common use cases that HYKER can contribute to. In addition to this list a collection of implemented use cases are available along with follow-along articles.

HYKER implemented use cases