Multi-level Data Protection and Databaseless Technology

The challenge is to perform certain security functions (identity control, anti-fraud, etc.) in offline mode, without depending on any database, while being able to access a large amount of information with different levels of sensitivity. In many contexts and cases, the existence of such databases represents either a weakness or a danger. Indeed, we observe that a database has three essential “vocations”:

  • to grow indefinitely,
  • to be shared (and thus lead to misuse) with dubious third parties (e.g. data brokers),
  • and, worse, to leak.

Databaseless technologies and multi-level data protection solve all these issues while providing a high level of security and efficiency (billions of instances/items) and offering total privacy and GDPR compliance (privacy by design). They also reduce, not to say cancel, most of the costs that increase with the database size: management costs, storage costs, operating costs, security enforcement costs.

If we remove the database, we remove all these risks and simplify the management of the use cases. The mathematical validation is now complete and we have several effective PoCs. We are now working on the various and very numerous industrial applications and business variations.

The fundamental principle is based on the concept of multi-level data protection. From the same data (plaintext or encrypted text), we are able to store/extract other data (plain or encrypted) of the same size. This can be done with the same pair of keys for a whole population or class of objects. But it is possible to vary the number and characteristics of the keys, and their management, depending on the application.

Let us consider the fight against fraud or the management of stocks as a use case, among many others. Each product is provided with a JAB Code (it works in the same way as a QR code, but JAB codes can manage a greater quantity of data) containing unique content (plain or encrypted).

Scanning the code allows, depending on the key provided, access to two (or more) levels of data, possibly with different sensitivities (see Figures).

If the content is plaintext, the K0 key is not useful. It is public information that anyone can access. On a part or a product (for example, a bottle of perfume), it can be the detailed description of the product. On the other hand, the K1 key, from the same information contained in the JAB Code, gives access to a different content of the same size but more sensitive and accessible only to those who have this key (a customs controller for example).

The K1 key can be unique for all products, for each product class, etc. There is no need to have a database to consult, and it is possible to work without being connected. However, this scenario can be extended by multiple variants, possibly with additional, but fully encrypted, databases that can only be accessed product by product (no global processing possible). It is worth stressing that the key size (128, 192 or 256 bits) is far smaller than the size of the data (N).

We can thus, with one unique JAB code, manage several hundred to several thousand different characteristics (depending on the application) and data for each product, with two, three, four… levels of security (to manage several classes of controllers or operators, for example).

Our technology allows an almost infinite number of applications. We have imagined, for example, another application concerning identity control, without a database (and therefore without possible misuse). The JAB code can be on the identity card, on a car number plate, etc. The K0 key allows for a classic control, while the K1, K2, etc. keys give access to information of different security levels, accessible only to law enforcement agencies or competent authorities. This allows a balance between the citizen (who carries all the data concerning him or her but only accesses some of it) and the State (police, judge, authority), which must scan the code to access the most sensitive information. Thus, without a database, no leakage is possible, no security misuse is possible.

Another application is the protection and authenticity control of artworks. The JAB code contains information on the successive owners (updated at each sale) and the information proving the artwork's authenticity. This information is accessed via different keys.

We are also currently working on a dynamic version of this technology. A transmission (see figure below) can contain several levels of communication, each one being accessible by a different key from the same transmitted signal.

For the moment, we have dealt with the one-way mode only (transmission in one direction only). However, the two-way mode has been mathematically and algorithmically and has yet to be implemented. A secret-sharing scheme can also be implemented in order to allow access to the second level of transmission.