HYKER
This page is all about HYKER:
- What does HYKER add?
- What service do HYKER offer?
- What use cases can be solved with HYKER?
What does HYKER add, and why should I use your service?
HYKER adds simplicity to the complicated world of cryptography. This includes several things, such as correct cryptography usage, ease of development for programmers and hosting of services. Everything implemented with high focus on simplicity for the customer developer.
In short, HYKER provides:
- High level abstractions on cryptographic libraries for common use cases
- Hosting of key distribution services
- Continuous integration of current standards
To avoid misconceptions about what we do, we want to adress the following:
Algorithms - Schmalgorithms
We sometimes hear "We have the best algorithms, therefore you should use our crypto." The truth is, everybody has the best algorithms. Free, secure and reliable implementations of world class crypto is easy to come by. E.g. openssl, bouncy castle, nacl etc are all widely used crypto libraries containing world class algorithms.
How do you compare to ["Insert open source cryptographic library"]
Short answer: we don't.
Long answer: HYKER does not solve the same problem as openssl, nacl, bouncy castle or similar libraries. In fact, we use them to solve our problems.
HYKER provides an easy way to use these libraries by implementing simple methods on high abstraction levels. We also host the needed accompanying online services such as a Public Key infrastructure and symmetric key distribution services.
Using cryptography correctly in different scenarios
Different cryptographic libraries come with different focuses, functions, and ease of use. HYKER has developed libraries with a focus on environments where traditional security models do not fit very well. Our keyword for this is asynchronous communication. When communicating through an intermediate, e.g. in MQTT, AMQP, etc, we provide libraries which do all cryptographic operations and key exchange under the hood.
Key distribution
With high level abstraction libraries, cryptography is easy. Key distribution however is still hard.
HYKER provides key distribution in a number of variants:
- HYKER hosted cloud PKI
- Customer hosted cloud PKI
- End user confirmable key exchange
HYKER provides easy integration, continuous development and cloud or easy on premise hosting of a complete, scalable and secure Key Distribution System.
HYKER services
The HYKER encrypted communication service consists of many parts. Depending on your needs, you can choose between these protocols to provide your application with encryption and key sharing services.
RIKS
- Retroactive Interactive Key SharingSAFT
- Secure Asynchronous File TransferPEP
- Payload Encryption Protocol
All of our services are linked to the HYKER KDS
- Key Distribution System for identity distribution.
RIKS
For all systems communicating in a dynamic way, for example through an MQTT broker or a Real-time Database, RIKS
is the way to go. RIKS encrypts messages so that they can be sent over arbitrary channels where the publisher does not have to be aware of the subscribers at send time.
The RIKS
protocol implementation RiksKit
available in Java
and C++
provides both encryption functionality as well as key management and key sharing service including concepts such as:
Key cache
A collection of keysRiksKit
can use to decrypt messages.Key request
Performed byRiksKit
when in need of a key not incache
.Key response
Reactive key sharing to allowed receivers uponkey request
.Whitelist
Used to grant access to receivers atkey request
.Rekey
Triggers generation of new key to be used e.g. afterwhitelist
change.Preshare
A proactivekey response
.
PEP
For simpler scenarios, PEP
is the most straightforward of these libraries, solving basic needs for payload encryption. It includes point-to-point transport of encrypted payloads.
SAFT
Finally SAFT
is suitable for delivering large files between nodes in an asynchronous way. A common scenario is firmware update for mobile devices.
KDS
All HYKER protocols are backed by KDS
which is a hosted key distribution service often invisible to the developer, though it can be deployed on premise or replace by own implementations.
HYKER use cases
This section contains a list of common use cases that HYKER can contribute to. In addition to this list a collection of implemented use cases are available along with follow-along articles.