Category Archives: EviKey & EviDisk

image_pdfimage_print

IK Rating Guide: Understanding IK Ratings for Enclosures

Rating Guide enclosure box labeled with IK ratings from IK01 to IK10 on a white background.

What Is IK Rating?

IK Rating Guide is essential for understanding the level of protection an enclosure offers against external mechanical impacts. This guide explains the IK rating system, from IK01 to IK10, and why IK10 represents the highest vandal resistance available. Understanding these ratings ensures you select the right protection level for your electrical enclosures.

2024 Articles Technical News

Best 2FA MFA Solutions for 2024: Focus on TOTP & HOTP

2024 Articles Technical News

New Microsoft Uninstallable Recall: Enhanced Security at Its Core

2024 Digital Security Spying Technical News

Side-Channel Attacks via HDMI and AI: An Emerging Threat

2024 EviKey & EviDisk Technical News

IK Rating Guide: Understanding IK Ratings for Enclosures

2024 Digital Security Technical News

Apple M chip vulnerability: A Breach in Data Security

Stay informed with our posts dedicated to Technical News to track its evolution through our regularly updated topics.

Explore our IK Rating Guide to understand how different IK ratings protect your enclosures. Learn about impact resistance and how to choose the right protection level with insights from Jacques Gascuel. Stay informed on the best practices for safeguarding your electrical equipment.

IK Rating Guide: Understanding the IK Rating System

The IK Rating Guide clearly defines the international standard IEC 62262. This standard classifies the degree of protection that enclosures provide against mechanical impacts. The rating system is crucial for industries where equipment needs to withstand physical stress. Ratings range from IK01, which indicates minimal protection, to IK10, which represents the highest level of protection against external impacts.

Here is a detailed breakdown of the IK ratings:

IK Rating Impact Energy (Joules) Radius of Striking Element (mm) Material Mass (Kg) Pendulum Hammer Spring Hammer Free Fall Hammer
IK01 0.15J 10 Polymide 0.2 Yes Yes No
IK02 0.20J 10 Polymide 0.2 Yes Yes No
IK03 0.35J 10 Polymide 0.2 Yes Yes No
IK04 0.50J 10 Polymide 0.2 Yes Yes No
IK05 0.70J 10 Polymide 0.2 Yes Yes No
IK06 1.00J 10 Polymide 0.5 Yes Yes No
IK07 2.00J 25 Polymide 0.5 Yes No Yes
IK08 5.00J 25 Polymide 1.7 Yes No Yes
IK09 10.00J 50 Polymide 5.0 Yes No Yes
IK10 20.00J 50 Polymide 5.0 Yes No Yes

IK Rating Guide: IK10 Rating as the Ultimate Protection

The IK Rating Guide highlights IK10 as the highest level of impact resistance. This rating offers protection against 20 joules of impact energy. This level of protection is crucial for enclosures in environments prone to vandalism or extreme conditions. For example, the EviKey NFC HSM uses an IK10-rated enclosure. This design ensures that sensitive data remains protected even in high-risk environments. Another example is the NFC HSM Tag, which also relies on IK10-rated enclosures to ensure durability and security.

IK Rating Guide: Comparing IK Ratings with IP Ratings

The IK Rating Guide helps distinguish between IK and IP ratings. While IK ratings assess resistance to mechanical impacts, IP (Ingress Protection) ratings evaluate protection against dust and water. Both ratings are essential when selecting an enclosure. For instance, an outdoor enclosure may require a high IP rating for water resistance in addition to an IK10 rating for impact protection.

IK Rating Guide: Material Considerations for IK-Rated Enclosures

The IK Rating Guide emphasizes the importance of material choice in determining an enclosure’s IK rating. Common materials include GRP (Glass Reinforced Plastic), metal, and polycarbonate. GRP enclosures, known for their high strength and corrosion resistance, are often used in environments requiring IK10 ratings. Metal enclosures offer excellent impact resistance but may need additional coatings to prevent rust in outdoor applications. Polycarbonate, on the other hand, is lightweight and impact-resistant. This makes it suitable for lower IK ratings or specific environments.

IK Rating Guide: Application Examples of IK Ratings

The IK Rating Guide provides practical examples to help you choose the right enclosure:

  • Public Spaces: Transportation hubs, parks, and schools often require IK10-rated enclosures to withstand vandalism.
  • Industrial Settings: Factories or construction sites commonly use enclosures with IK08 or IK09 ratings. These settings need to resist impacts from heavy machinery or accidental collisions.
  • Data Security Devices: Products like the EviKey NFC HSM utilize IK10-rated enclosures. These enclosures ensure the security of sensitive data even under physical attack.

IK Rating Guide: Installation and Maintenance Tips for IK-Rated Enclosures

Proper installation and maintenance are vital. The IK Rating Guide offers tips to ensure your IK-rated enclosure performs as expected:

  • Secure Mounting: Mount the enclosure securely to prevent it from being dislodged or damaged.
  • Regular Inspections: Inspect the enclosure periodically for signs of impact damage or wear, especially in high-risk environments.
  • Environmental Considerations: If exposed to harsh conditions, consider adding protection. Weatherproof coatings or UV-resistant materials can extend the life of your enclosure.

Innovations and Future Trends in IK Ratings

The IK Rating Guide notes ongoing innovations in enclosure design. These could influence IK ratings in the future:

  • Smart Enclosures: Modern enclosures increasingly come with sensors that detect impacts. They can report damage in real-time, enhancing maintenance and security.
  • Sustainable Materials: As industries shift toward sustainability, expect to see more enclosures made from eco-friendly materials. These materials will still meet high IK rating standards.

Frequently Asked Questions (FAQ)

  1. What is the difference between IK and IP ratings?
    • IK ratings measure resistance to mechanical impacts. In contrast, IP ratings assess protection against dust and water.
  2. Can an enclosure’s IK rating be improved after installation?
    • Improving an IK rating typically involves upgrading the material or adding protective features. This might require replacing the existing enclosure.
  3. Why is IK10 the highest rating?
    • IK10 represents the maximum impact energy (20 joules) that standard testing procedures evaluate. This provides the highest available protection against physical impacts.

Frequently Asked Questions (FAQ)

IK ratings measure resistance to mechanical impacts. In contrast, IP ratings assess protection against dust and water.

Improving an IK rating typically involves upgrading the material or adding protective features. This might require replacing the existing enclosure.

IK10 represents the maximum impact energy (20 joules) that standard testing procedures evaluate. This provides the highest available protection against physical impacts.

For more detailed information on IK ratings and their classifications, you can visit the IEC Electropedia. This resource offers in-depth explanations and standards related to IK codes, supporting your understanding of how these ratings are developed and applied.

How to secure your SSH key with NFC HSM USB Drive EviKey

NFC HSM USB drive SSH Contactless keys manager EviKey NFC & EviCore NFC HSM Compatible Technologies patented from Freemindtronic Andorra Made in France - JPG

How to Create and Store Your SSH Key Securely with EviKey NFC HSM USB Drive

NFC HSM USB Drive EviKey revolutionizes SSH key storage in our digital era. In a world teeming with cyber threats, safeguarding SSH keys remains paramount. Yet, striking a balance between top-notch security and effortless access often poses challenges. The answer? EviKey’s groundbreaking NFC HSM USB technology. Throughout this guide, we’ll uncover how EviKey stands out, ensuring robust security without forsaking user convenience. So, whether you’re a seasoned tech expert or just beginning your cybersecurity journey, dive in. You’re about to discover the next big thing in digital key storage.

2024 Digital Security

Google Sheets Malware: The Voldemort Threat

2024 Articles Digital Security News

Russian Espionage Hacking Tools Revealed

2024 Digital Security Spying Technical News

Side-Channel Attacks via HDMI and AI: An Emerging Threat

2024 Cyberculture Digital Security

Russian Cyberattack Microsoft: An Unprecedented Threat

How to create and protect your SSH key with NFC HSM USB drive

The NFC HSM USB drive is a device that allows you to create and store your SSH key securely with EviKey technology. EviKey is a patented technology that encrypts your SSH key with a secret code that only you know and that is stored in a NFC tag embedded in the device. You will need to scan the NFC tag with your smartphone or another NFC reader to unlock your SSH key and use it for SSH sessions. You will also learn how to customize the security settings of your device and how to backup and restore your SSH key.

SSH: A secure protocol for remote communication

SSH, or Secure Shell, is a cryptographic protocol that allows you to establish a secure communication between a client and a server. SSH is often used to remotely administer servers, execute commands or transfer files. To connect to a server via SSH, there are two authentication methods: password or public key.

Password authentication: simple but insecure

Password authentication is the simplest method, but also the least secure. Passwords can be easily guessed, stolen or intercepted by attackers. Moreover, you have to remember your password and enter it every time you connect.

Public key authentication: advanced and secure

Setting up public key authentication for SSH

Public key authentication is a more secure and convenient way to access remote servers than using passwords. To set it up, you will need to generate a pair of keys, one public and one private, and copy the public key to the server you want to connect to. The private key will stay on your local machine and will be used to authenticate yourself when you initiate an SSH session. You will also learn how to use a passphrase to protect your private key from unauthorized access.

Advantages and constraints of public key authentication

Public key authentication: benefits and challenges

Using public key authentication for SSH has many benefits and challenges. Some of the benefits are: increased security, reduced risk of brute force attacks, and a streamlined login process. Some of the challenges are: managing multiple keys, ensuring the integrity of the public key, and recovering from lost or stolen private key. You’ll also learn some best practices for overcoming these challenges and protecting your SSH keys.

Public key authentication has several advantages:

  • Compared to password authentication, public key authentication offers a higher level of security. It also avoids typing your password every time you connect. In addition, it allows you to automate processes that require an SSH connection; such as scripts or orchestration tools.

However, public key authentication also involves certain constraints:

  • You have to deal with some constraints when you use public key authentication. For each client and each server, you have to generate a pair of keys; copy the public key on the server in a special file called ~/.ssh/authorized_keys; and protect the private key against any loss or compromise.

EviKey NFC HSM USB drive: A solution to store your SSH key securely

To overcome these constraints, there is a solution: using an EviKey NFC HSM technology to store your private SSH key physically externalized. EviKey NFC HSM USB drive is a hardware device that allows you to store sensitive data in a secure flash memory, which can only be unlocked with a contactless authentication via a smartphone compatible with NFC (Near Field Communication). It offers several advantages:

  • The EviKey NFC HSM USB drive allows you to keep your private SSH key outside of the hard disk of the client. This reduces the risks of theft or unauthorized access. You can also unlock your private SSH key without typing a password or a passphrase; you just have to approach your smartphone to the NFC HSM USB drive. Moreover, the device offers an industrial level of security equivalent to SL4 according to the standard IEC 62443-3-3.

EviKey NFC HSM: A technology developed by Freemindtronic SL

There are several models and brands of NFC HSM USB drives on the market, but in this tutorial, we will focus on the EviKey NFC HSM technology, developed by Freemindtronic SL, an Andorran company specialized in cybersecurity. EviKey NFC HSM is compatible with all operating systems (Linux, Windows, macOS, Android) and can be used with three free Android applications: Evikey & EviDisk, Fullkey Plus and Freemindtronic (FMT). These applications allow you to manag the NFC HSM USB drives, to create and restore backups, to encrypt and decrypt files, and to authenticate via SSH.

How to create an SSH key and use it with a NFC HSM USB drive

In this tutorial, we will show you how to create an SSH key under different operating systems, how to use a NFC HSM USB drive to store your private SSH key physically externalized, and how to use the public SSH key to authenticate locally, on a computer or on a server.

Prerequisites

The following are required to follow this tutorial:

  • A computer or a smartphone with an operating system among Linux, Windows, macOS or Android.
  • An internet connection.
  • A NFC HSM USB drive.
  • One of the three Android applications mentioned above installed on your smartphone.
  • A remote server that you want to connect to via SSH.

Creating an SSH key

The first step to use public key authentication is to generate a pair of SSH keys (private and public) on your computer or smartphone. To do this, you can use a special utility called ssh-keygen, which is included with the standard OpenSSH suite. By default, this utility will create a pair of RSA keys of 3072 bits.

The procedure to create an SSH key varies depending on the operating system that you use. Here is how to do it for each case:

  • Linux

    • Open a terminal and type the following command: ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
    • This command will create a new pair of SSH keys using your email as a label.
    • You can choose the location and name of the file where to save your private key, as well as a passphrase to protect it.
    • By default, the files are named id_rsa and id_rsa.pub and are stored in the ~/.ssh directory.
  • Windows

    • Download and install the PuTTYgen software from the official website [2].
    • Launch PuTTYgen and click on the Generate button.
    • You will have to move the mouse over the blank area to create some entropy.
    • Once the key is generated, you can enter a comment (for example your email) and a passphrase to secure it.
    • Then, you will have to save your public key and your private key in separate files by clicking on the Save public key and Save private key buttons.
  • macOS

    • The procedure is similar to Linux.
    • Open a terminal and type the following command: ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
    • SSH keygen will create a new pair of SSH keys using your email as a label.
    • You can choose the location and name of the file where to save your private key, as well as a passphrase to protect it.
    • By default, the files are named id_rsa and id_rsa.pub and are stored in the ~/.ssh directory.
  • Android

    • Download and install the ConnectBot application from the Play Store [5].
    • Open ConnectBot and press the Menu button.
    • Select Manage Pubkeys.
    • Press the Menu button again and select Generate.
    • Choose the type of key (RSA or DSA) and the size of the key (2048 bits or more).
    • Enter a nickname for your key and press Generate.

Using a NFC HSM USB drive

Once you have created your pair of SSH keys, you have to move the private SSH key into the flash memory of the NFC HSM USB drive. To do this, you have to plug the NFC HSM USB drive into the USB port of your computer or smartphone, and use the following command:

sudo mv ssh_private_key /usb_directory

This command will move the file containing your private SSH key (for example id_rsa or private.ppk) to the directory corresponding to the NFC HSM USB drive (for example /media/evikey or /storage/evikey). You have to replace ssh_private_key and /usb_directory with the appropriate names according to your case.

Once you have moved your private SSH key into the NFC HSM USB drive, you can lock it contactlessly with your smartphone. To do this, you have to use one of the three Android applications that embed the EviKey NFC HSM technology: Evikey & EviDisk, Fullkey Plus or Freemindtronic (FMT). Here is how to do it for each application:

With Evikey & EviDisk or Fullkey Plus or Freemindtronic (FMT) Android NFC app

  • Open the application on your smartphone.
  • Select the NFC HSM USB drive that you want to lock.
  • Press the Lock button.
  • Approach your smartphone to the NFC HSM USB drive to lock the access to the flash memory.

Authentication via SSH with a NFC HSM USB drive

You have prepared your NFC HSM USB drive and copied your public SSH key on the computer or remote server that you want to connect to via SSH. Now you can authenticate via SSH with the NFC HSM USB drive. Here are the steps to follow:

  • Plug the NFC HSM USB drive into the USB port of the smartphone
  • Open the Android application of your choice
  • Select the option “SSH Authentication”
  • Enter the information of the computer or remote server (IP address, port, username)
  • Select the private SSH key stored in the NFC HSM USB drive
  • Approach your smartphone to the NFC HSM USB drive to unlock the access to the flash memory
  • Validate the SSH connection
  • Access the terminal of the computer or remote server

The method allows you to authenticate locally, on a computer or on a server. Here are some examples of use cases:

Local authentication

You can use the NFC HSM USB drive to authenticate locally on your own computer or smartphone. That can be useful if you want to execute commands as another user, for example root or sudo. To do that, you have to enter the information of your computer or smartphone as IP address, port and username. For example:

ssh -p 22 root@127.0.0.1

It command will connect you via SSH to your local computer as root, using port 22 and IP address 127.0.0.1. It is a special address that always designates the local host. You will have to approach your smartphone to the NFC HSM USB cdrive to unlock your private SSH key and validate the connection.

Computer authentication

With the NFC HSM USB drive, you can authenticate on another computer that you have access to on the network. Such can be useful if you want to access files or programs that are stored on that computer, or if you want to perform maintenance or troubleshooting operations remotely. To do such, you have to enter the information of the computer that you want to connect to as IP address, port and username. For example:

ssh -p 22 alice@192.168.1.10

Local SSH will connect you via SSH to the computer whose IP address is 192.168.1.10, using port 22 and username alice. You will have to approach your smartphone to the NFC HSM USB drive to unlock your private SSH key and validate the connection.

Server authentication

The EviKey NFC HSM USB drive lets you authenticate on a remote server that you have access to via the internet. This can be useful if you want to administer a website, a database, a cloud service or any other type of server. To do this, you have to enter the information of the server that you want to connect to as IP address, port and username. For example:

ssh -p 22 bob@54.123.456.78

That command will connect you via SSH to the server whose IP address is 54.123.456.78, using port 22 and username bob. You will have to approach your smartphone to the NFC HSM USB drive to unlock your private SSH key and validate the connection.

Comparison of Secure Storage Solutions for SSH Keys

EviKey NFC HSM USB Drive: Redefining the Paradigm

The search for dependable, efficient, and secure storage for SSH private keys has evolved from a mere task to a pivotal mission. In a digital landscape riddled with threats, the EviKey NFC HSM USB drive emerges, not merely as a product but as a groundbreaking shift towards cybersecurity, regulatory compliance, and user-friendliness.

Cybersecurity and Safety: A Synergy

Combining cybersecurity (safeguarding digital assets) and safety (protecting the device itself) is a hallmark of the EviKey NFC HSM USB drive. The drive’s construction inherently merges these two dimensions. With electrical and thermal safeguards, ESD protection, and an integrated self-diagnostic system, it’s evident that the EviKey drive is designed not just to store but to fortify.

Simplicity Meets Security: Seamless SSH Key Storage

EviKey has revolutionized the SSH key storage process, doing away with complicated software or intricate steps. Upon unlocking the USB NFC HSM through a contactless mechanism, it presents itself as a standard medium on various operating systems. Users can then smoothly transfer SSH keys to this space. In its locked state, the drive becomes virtually undetectable to both computing and mobile platforms, ensuring unparalleled security. Furthermore, the option to fortify security with an additional password layer is available to users.

Normative Compliance: Setting the Gold Standard

EviKey’s technological prowess is evident in features such as NFC signal energy harvesting. This includes a state-of-the-art black box monitoring system. Additionally, there’s an assurance of data persistence for an astounding 40 years without needing an external power source.

Technological Advancements: Beyond the Ordinary

EviKey’s technological prowess is evident in features such as NFC signal energy harvesting, a state-of-the-art black box monitoring system, and an assurance of data persistence for an astounding 40 years without needing an external power source.

At a Glance: EviKey Versus the Rest


Criteria EviKey NFC HSM Nitrokey Yubikey SoloKeys OnlyKey Trezor
Storage Capacity 8GB-128GB 32KB 32KB 32KB 32KB Limited by key size
SSH Key Capacity Over 4 billion About 24 About 24 Up to 24 Up to 24 Several
Contactless Authentication Yes, via NFC No Yes, NFC or USB Yes, NFC or USB Yes, NFC or USB Yes, via USB
Physical Device Security Enhanced with attack detection & self-destruct Standard with PIN lock Standard with PIN lock Standard with PIN lock Standard with PIN lock Standard with PIN lock
OS Compatibility All OS All OS All OS All OS All OS All OS
SSH & OpenSSH Protocol Compatibility Yes, via OpenSSH Yes, via PKCS#11 Yes, via PKCS#11 Yes, via PKCS#11 Yes, via PKCS#11 Yes, via GPG
SSH & OpenSSH Authentication Modes Five-factor (MFA) Two-factor (2FA) Two-factor (2FA) Two-factor (2FA) Two-factor (2FA) One-factor (1FA)
Users for Contactless SSH & OpenSSH Unlocking Six different users None One user One user One user One user
Patents Three international patents None None None None None
Electrical Protection Integrated with intelligent regulator No No No No No
Thermal Safeguards Functional & thermal sensors with breaker No No No No No
ESD Protection 27kv on data channel No No No No No
Physical Robustness Military-grade resin; Waterproof & Tamperproof No No No No No
Security from Attacks Inclusive of invasive & non-invasive threats No No No No No
Limit on Auth. Attempts 13 (modifiable by admin) No No No No No
USB Port Protection Fully independent security system No No No No No
Contactless Security Energy Harvests energy from NFC signals No No No No No
Black Box Monitoring Comprehensive event tracking No No No No No
Fault Detection In-built self-diagnostics No No No No No
Memory Write Count Monitors flash memory health No No No No No
Data Persistence 40 years without external power No No No No No
Temperature Guard Ensures optimal performance No No No No No
Auto-lock Duration Admin-defined (seconds to minutes) No No No No No

Unveiling the NFC HSM USB Drive EviKey’s Innovations

Deep Dive: Why EviKey is the Leading Choice

With standout features like the swift auto-lock function, EviKey solidifies its position as a market leader. Its rapid automatic re-locking capability, combined with easy NFC unlocking, minimizes vulnerability windows, ensuring top-notch security. The EviKey NFC HSM USB drive signifies not just storage but an investment in unparalleled SSH key protection.

Physical Robustness: Beyond Conventional Protection

Designed with precision, the EviKey NFC HSM USB drive is adept at handling adverse conditions. Enclosed in a military-grade resin, its robustness parallels that of steel. Its unique construction ensures the EviKey drive’s resilience to damage, and its waterproof quality even allows it to operate underwater. Beyond the physical, the drive also provides countermeasures against invasive and non-invasive brute force intrusions.

Independence from Encryption Systems: Freedom of Choice

EviKey NFC HSM USB drive’s design is devoid of a pre-set encryption system, a strategic move to offer users flexibility and security. This choice ensures evasion from issues tied to outdated or flawed cryptographic elements, which may require user updates. This architecture offers users the autonomy to choose their preferred encryption method for data storage on the EviKey drive. Furthermore, the option for drive segmentation allows users to create specific encrypted sections, such as a BitLocker space, diversifying its applications.

Versatility: A Universal Key

EviKey NFC HSM’s adaptability is not limited to SSH key storage. Its versatile nature allows integration with various security ecosystems. The drive can serve as a decryption key for encrypted SSDs, HDs and SDs TPM2.0. Moreover, its compatibility extends to password management, functioning as a password manager or a token, harmonizing with other advanced technologies from Freemindtronic such as EviCode HSM OpenPGP and EviPass HSM OpenPGP.

Conclusion

You now know how to create an SSH key under different operating systems, how to use a NFC HSM USB drive to store your physically externalized private SSH key, and how to use the public SSH key to authenticate locally, on a computer or on a server. You can thus enjoy a secure and convenient authentication method, without needing a password or additional software, while benefiting from an industrial level of security equivalent to SL4 according to the standard IEC 62443-3-3.

If you have any questions or comments, feel free to contact Freemindtronic SL, designer, developer, manufacturer and publisher of applications embedding the EviKey NFC HSM technology. You can also buy the products integrating this technology from Freemindtronic’s partners.

FIC 2015 Distinction Excellence 19th Most innovative international startup

FIC 2015 Distinction Excellence 19th most innovative international cybersecurity startup with Freemindtronic EviKey USB stick unlock contactless by nfc phone invented by Jacques Gascuel

FIC 2015 Distinction Excellence Freemindtronic

The jury of the 9th FIC 2015 Distinction Excellence has nominated EviKey NFC Rugged USB Stick & EviDisk  NFC Rugged SSD Sata 3 unlock contactless via an NFC phone. 
 
Award FIC 2015 EviKey NFC rugged USB Stick & EviDisk NFC rugged SSD Sata 3 unlock contactless by nfc phone Freemindtronic Andorra.
 

Award FIC 2015 EviKey NFC rugged USB Stick & EviDisk NFC rugged SSD Sata 3 unlock contactless by nfc phone Freemindtronic Andorra

EviKey and EviDisk have won other awards such as the 2014 Embedded Systems Award. To learn more about this award click here.

Top 19 – FIC 2015

Award FIC 2015 Freemindtronic is nominated among the 19 finalists of the most innovative startup in cybersecurity Andorra EviKey nfc usb stick and EviDisk nfc ssd sata 3 unlock contactless

NEWS PROVIDED BY
FIC 2015
20-21 Janvier 2015
Related Links
www.globalsecuritymag.fr

SHARE THIS ARTICLE

The story of the first NFC hardened USB stick EviKey

Award 2014 NFC EviKey® the story of the first hardened USB stick and NFC EviDisk® SSD Sata 3 unlockable contactless by Freemindtronic Andorra


The story of the first NFC hardened USB stick EviKey & EviDisk unlockable contactless

The story of the first NFC hardened USB stick EviKey that can be unlocked without contact and invisible computer systems begins with inventor Jacques Gascuel.

EviKey is a contactless USB stick which works via an NFC phone. It already has the principle of EviCypher technology. Indeed, it already carries a multi-criterion automated authentication system. It is the first physical multi-factor authentication (MFA) system that can be administered by an unfalsifiable black box.

Let’s start the story of the first contactless unlockable hardened USB stick created by the inventor, Jacques Gascuel  [1]. He  has implemented technology from his patented inventions internationally. For almost 10 years, he has been deeply convinced that the greatest risk will come from the hyperconnection of access controls and their centralization, under the guise of the public interest. That this risk will be all the greater when the burden of proof is reversed, so that user will be technically and financially unable to absolve himself of this legal responsibility.

The inventor includes in his reasoning for the design of electronic safes that there is a significant risk if the access control system is visible,such as a lockand/or keyboard and/or a screen and/or via software. That the best security in the world is human thinking, in contrast to other digitized biometric systems that can be corrupted. The password derived from human thought is becoming more and more complex to implement, due to the exponential increase in connected calculators. According to the inventor, it is necessary to design an augmented thought of man to oppose his own supercomputers.

A real challenge that the inventor will take up for several years to design electronic safes nomadic inviolable.

In the first phase of his research, he had to answer a first question. Is it possible to create real electronic safes for universal portable use without the use of data encryption? Can we create a universal, hyper-mobile security system that does not use an encryption system but only physical security in the sense of Cybersafety? A system, in fact, that can be used all over the world by people with no particular skill. A solution that is non-intrusive, for everyday use, always secure by default, that does not violate any of the rules of international law, and above all that allows to no longer expose man to the attainment of his physical and/or psychological integrity?

The inventor has entered into a disruptive reasoning of Cybersafety, as opposed to Cybersecurity solutions that refer to digital safes. The inventor believes that Cybersecurity is the physical security of Cybersecurity, which is digital. The inventor, a graduate in industrial electrical engineering, will base his research on the implementation of Cybernetic solutions. How can this physical security approach based on industrial normative elements such as ISA/IEC 62443  mitigate or even prevent an intrusive or non-intrusive cyberattack? The first lead was the implementation of its international patent FullProtect  WO/2010/086552,  a device to monitor and protect the power and/or environment of an electrical device, equipped with a black box. An invention that allows, in particular, to establish, by physical evidence, the implementation of the criteria  MTTF,  MTBF,  MTTR and establish the TDM index . To learn more about the features and added values of an electronic safe click HERE.

The inventor’s idea is to find a way to prevent, or greatly limit, the possibility of calculating machines. The inventor imagines an autonomous, unconnected electronic safe that uses various physical, analog, logical, digital, use and legal factors that combined make it extremely complicated, computing by the machine. This will require a physical brute force attack on this electronic safe.

The inventor then designed the first MFA Offline Cyber-sterity system to assist man and allow him to defend himself against his own quantum calculators.

We will tell you the story of the birth of the electronic safe of inventor Jacques Gascuel.

The inventor assumes that the only indisputable, and undisputed, way to secure access controls is that they are never connected and totally autonomous, under the control of the man and/or the legal person.

Such an implementation would make a physically remote attack physically impossible. It talks about the principle of the physical electronic safe unconnected MFA, which implies a proximity to open the door of the electronic safe. According to the very principle of an electronic safe, this system must form a block, without any door other than that locked by an access control, via a code defined by the user. The problem of user authentication remained, and thus the use of the code illegally.

This involved designing an unconnected system, capable of providing a set of factors that would establish the near certainty that it is indeed the user and/or a rightful person.

This risk is increased if this access control is connected to a computer system and/or connected to a local server and/or remote with databases. This is a major breach to carry out attacks via the computer systems where it is connected. This risk increases significantly when access control codes are contained in computer systems and/or remote databases. We all know that they are regularly attacked because they are always accessible from a distance.

The birth of the principle of material invisibility as a physical security component of Cybersecurity

The inventor is aware that the impossibility criterion is a bold claim to be implemented in Cybersecurity. However, if it adds physical security, the foundation of Cybersafety, it makes the solution physically invisible, undetectable and untraceable. Making a physically invisible electronic safe of computer systems has become the preferred focus of the inventor’s research and development.

The term impossibility can legitimately be used, within the limits of the state of the art. Similarly, the inventor considers cyber deterrence to be part of the impossibility factor, especially when the brute force attack means implemented are disproportionate to the interest of the attack. The inventor includes the psychological aspect, …. Doubt! Indeed, consider an attacker who has no certainty of finding the coveted data because it is not directly visible, this will generate a doubt strong enough to be a deterrent. According to this approach, the attacker is also not certain whether the time it will take will not exceed the time it would take the owner of this data to make it obsolete, and therefore worthless for the attacker. The inventor therefore includes doubt as a factor of Cyber Dissuasion in the implementation of the Cybersafety of his electronic safe.

The inventor believes that the absolute security of information systems must be two-headed in the sense that Cybersecurity is the digital component of physical security.

Cybersûreté VS Cybersécurité

Cybersecurity is the physical security in contrast to Cybersecurity which is digital security. This is an approach rarely taken into account in information systems engineering that considers it legitimate that Cybersecurity is outside the realm of Cybersecurity. However, experts in these two spheres of safety agree that the complementarity between safety and security is unquestionably complementary in order to prevent the risk of accidents and/or malicious acts.

Even on the margins in the development of specifications or in the offer of Cybersecurity solutions products and services, Cybersecurity is now essential as digital systems are networked. We are in the era of “hyper-connected.” Cybersafety according to the inventor must also be taken into account from the outset in terms of risk management as defined by various ISO/DIS 34001 (SMS), CNPP 1302 [FR], ISO/IEC 27032 (digital security), ISO/IEC 27001 (SMSI), ISO/IEC 29100, CENELEC 50131-1, 50133-1, 50134-1, 50136-1, 50518-1, IEC 60839-11 [series]. A recurring divide on the interpretation of standards, specifically in their translations of English into French; the word “Security” has been translated as “security” instead of “security” in the sense of physical security. This contributes to the marginalization of the consideration of Cybersafety, and consequently, the distinction between digital safe and electronic safe.

The implementation of the electronic safe has created technological locks to be lifted

How to design a physically invisible access control, totally autonomous in electrical energy, disconnected from computer systems, disconnected from any type of network? The inventor’s idea is to design a system that is physically isolated from computer systems. It seems impossible to attack what doesn’t physically exist, either remotely or nearby.

How can this approach be implemented?

To implement the theory of invisibility, it was necessary to be able to oppose an intrusive and/or non-intrusive brute force attack. The inventor had to find a way to resist physical attacks, especially on the electronics of access control, without reducing the speed of data transfer on the USB port and SATA. The inventor then devised an electronic system with many countermeasures against physical attacks. It is a system that locks access to the contents of the memories, permanently depending on the level of attack detected. The inventor finds a patented, military-grade resin to coat all the electronics, leaving only the USB or SATA connectors. Hardened to the extreme, close to steel, the electronic safe is now equipped with a shell capable of withstanding various mechanical stresses of several tons, thermal or acidic. Attempting to remove the shell is taking the risk of triggering the countermeasures, but also of irreversibly destroying the memories.

Hardening the electronic safe has spawned other technological locks

The complete coating of the electronic card makes it impossible to repair in case of electrical, thermal, component or assembly defects. This makes it very complex to diagnose the origin of the defect automatically, and be able to access from the outside, without going through the USB and SATA connectors. This is where the Fullprotect invention comes into play, an intelligent asymmetrical circuit breaker with a black box that traces any type of electrical, environmental and/or use event. This electronic safe is then equipped with a system of electric multi-protections by automatic galvanic insulation on the power supply, with electrostatic protection on the exchange of data via the USB port or SATA, making the whole resistant to surges. Another three-point thermal environment self-protection device is capable of self-locking the electronic safe, when the temperature is above 70 degrees.

These electronic devices are coupled with the Cybersafety system, which has several advantages. The controlled galvanic insulation protects electrical hazards and insulates it from computer systems, making the electronic safe undetectable. An intelligent maintenance system is then embedded in the system. Its mission is to prevent the electronic safe from being used in temperatures that could damage the electronics. The same device is also used to detect a thermal brute force attack on three points. This type of physical intrusive brute force attack involves exceeding the thermal resistance by more than 220oC.  Such an attack will in fact result in the destruction of electronic components, especially memory, irreversibly. Thanks to the implementation of the Fullprotect invention in these electronic chests, an unfalsifiable black box is present to preserve the various traces of these events and constitute an opposable physical proof.

How do I lift the MFA’s energy autonomy locks?

For the inventor, one last important problem remained to be solved: how, without a source of electrical energy, without using the electrical energy provided by the USB or SATA port, physically administer the access control through the coating and the case?

The solution found by the inventor is THAT of STMicroelectronics’ NFC technology in industrial version, NFC ISO/IEC 15693, which runs without battery, powered via a NFC-enabled Android-enabled computer (Smartphone). In addition, this component incorporates the recovery of energy capable of powering on-board subsystems, including the access control system. These industrial components have many other advantages. They have electronically secure non-volatile memory that can hold stored data for at least 40 years without an electrical source. They also allow 1 million cycles of writing per memory block, without error.

The mobile contactless electronic safes with black box were created under the technological name EviKey One NFC and EviDisk One NFC, under the trademarks of the inventor,  EviKey® for the USB stick and  EviDisk® for the 2.5-inch 7mm Sata III SSD.

But, beyond being able to dynamically carry out all types of actions via contactless technology, a new problem has beenborn, the Cybersecurity of the use of electronic safes. Indeed, it is necessary to have an Android/NFC smartphone to use the electronic safe. However, the smartphone is connected to it, thus exposed to the risk of remote attacks and/or proximity on the exchange of data via the NFC signal.

The Evikey NFC solution receives the 2014-2015 “Connected Object” Package with its Physical Cybersafety technology in a USB stick on November 24, 2014 in Paris Bercy. This innovation is twice nominated for the Boarding Assises: “critical on-board system” and “connected object.” This National Trophy recognizes the connected object project that has provided the most innovative service to the general public or professionals.

Paris Bercy 2014 : https://www.entreprises.gouv.fr/numerique/trophees-embarque-2014 (this page has been removed https://www.entreprises.gouv.fr)

The “Assises de l’Embarqué.fr: http://www.assisesdelembarque.fr/trophees-de-lembarque/trophees-de-lembarque-2014

Captronic : https://www.captronic.fr/Les-laureats-des-Trophees-de-l-embarque-2014.html

Electronic Press (http://www.electroniques.biz):

Embedded Trophies 2014: six companies rewarded for their innovations

lembarque.com : Freemindtronic EviKey Evidisk won the 2014 Embedded Technology Awards 

The inventor had to find other systems to increase the Cybersecurity and “Cybersecurity” of MFA access control for its mobile electronic safes

The various problems to be solved are known and bring up technological locks. How do I protect the access control of an attack from the smartphone? How to identify the hardware used and authenticate the right or user to unlock the electronic safe, knowing that the smartphone is connected and can be very easily corrupted? How do I detect a brute force attack on the NFC? How can I prevent listening to the NFC signal to pick up the information? How can you physically prevent a malicious person or robot from accessing the electronic safe? How do I prevent a keylogger-type attack? How can I prevent the code from being entered on the smartphone screen? How do I limit the number of code tests, even in unlocked mode? How do I identify the electronic safe in a no-use area? How to give the illusion that the electronic safe is broken? How can the electronic safe be used on a daily basis without the burden of security or even the cause of a loss of productivity? How do you detect the end of the use of the electronic safe without having access to the data flow? How do you systematically lock the electronic safe without taking the risk of damaging the data? How do you give up a passcode that you think is corrupt? How do I create a temporary passcode? How do you put all the information back from the black box to serve as physical evidence? How do you simply plot the geolocation of the use of the passcode and the type of code used? How do I notify the user, even if the electronic system fails, the origin of the malfunction? How do I tell the user how long it will take to use memory without error? How can we ensure that the electronic safe is never obsolescent in time? Finally, could this solution save a life?

The inventor has found an answer to all these and many other questions, thanks to another of his patents, Fullsecure[2]  , a stand-alone wireless access control system.

One of the most important challenges remained, the simplicity of use

The inventor’s goal is to offer individual, self-secure, unconnected, obsolescence-free, always accessible, extremely accessible, mobile, very simple to use on a daily basis, for personal and/or professional use, without financial commitment, without a license, multi-station, untraceable and undetectable.

He wanted to offer his owner the least intrusive electronic safe in the world, without drivers and software to install in his computer. An electronic safe compatible with all Windows, Linux, iOS, Raspbian, OS2, Android (OTG) operating systems that use a USB port.

A hardened electronic safe designed to last until the natural end of the components’ life. Multi-protection systems against electrical, electrostatic, thermal, mechanical, immersion in liquid, dust, ultraviolet light, heat source, magnetic field, X-rays.

An electronic safe with a black box that tells the user, in real time, the state of its physical functioning, capable of self-diagnosis and informing the user of the origin of the defect.

The freedom to adapt the level of security of these electronic safes to suit exposure to risk

A system freely set up by the user, via an administrator password, allows you to choose how to unlock the electronic safe. It can also be used in unlocked mode. In the latter case, the user uses his electronic safe in an environment where he feels there is no risk. It uses its EviKey®  or EviDisk® as a standard USB stick or SSD.

How do you make Cybersafety non-binding for the user to avoid being tempted or forced to use another unsecured system?

The inventor believes that the use of safety, when it is binding, generates counter-productivity and is naturally circumvented by man. In fact, the inventor has planned different scenarios that allow the man to change the unlock mode very easily. Man is therefore empowered to adapt the level of security of his electronic safe according to his exposure to risks. When the risk is zero, the man must be able to leave the electronic safe always unlocked. This point eliminates the risk of counter-productivity. This mode allows the man to have the comfort of using a standard USB stick or external disk.

A free mode of Cybersafety by use control

The mere fact that the electronic safe is permanently unlocked creates a risk to the use, because the contents of the electronic safe are always exposed, especially when the sensitive data is not encrypted. The inventor therefore took into account this problem of exposure to the risk of connected data via a removable medium. The right balance had to be struck between safety and comfort of use.

A major constraint for the inventor: the inability to access the fully deconstructive data flow of the MFA access control system and the absence of a battery excluding the use of a clock.

The inventor’s idea was the implementation of a timer in correlation with the Cybersafety system and the black box. The user defines a time, in seconds, during which the Cybersafety system counts, via Fullprotect’s electrical analysis device, the data flow. Thus, when the countdown is reached, the electronic vault is auto-locked and the data stream is inactive.

Thanks to this method, the inventor found the right balance in usage. A system that detects when the electronic safe is not used to self-lock. It is the user who defines how long the electronic safe remains unlocked. The user will need to identify himself to unlock the electronic safe.

With this feature, the user can adjust the use of the electronic safe to his environment, while maintaining a level of self-safety over time. A time that is automatically interrupted when the electronic safe is disconnected from the USB or SATA port. In the same way if the power of the USB or SATA port is disabled by the computer system.

Let’s discover the different ways of unlocking these electronic safes designed by the inventor

A mode that requires the entry of a password to unlock the electronicsafe. A proprietary secure keyboard is used with randomly changing keys, which has the effect of combating malware that records key inputs to the Keylogger type keyboard. This system also helps to limit the risk of visual corruption when entering the password (a person looking over your shoulder for example). Indeed, it is very complex to remember the order of keys that change randomly. In addition, this system allows you to participate in the authentication of a person.

Another mode allows you to unlock the electronic safe without the need to enter the password. After recording the identity of their smartphone in the electronic safe (pairing procedure), the user can unlock it by simply presenting his smartphone to the electronic safe, without contact. The user has the ability to register up to three smartphones.

These two modes can be used interchangeably, this has some advantages. Consider two users, one has knowledge of the password and the other does not. But the latter can unlock the electronic safe with his NFC smartphone, without entering the password.

This is a convenience to avoid having to enter a password or to manage two user profiles, one of which uses only the password. However, this comfort does not cover the risk when the smartphone and electronic safe are stolen or lost together. The electronic safe can then be unlocked without the need to enter the password. To cover this risk, the inventor has planned a multi-factor mode that includes three elements: the pairing key, the smartphone’s identity and the password; the concept of a simplified physical blockchain was born.

The safety of using the electronic safe

Let’s imagine a user on the move, which implies that the level of risk is very high. It must be able to choose the highest and, indeed, most restrictive mode of security. The user leaves the comfort of unlocking with his smartphone without a password, to include a multi-factor control chain in case of theft and/or loss of the electronic safe and/or his smartphone. In case of theft or loss of the electronic safe, the malicious person will have to guess the pairing key, the identity of the paired smartphone and the password. Knowing that after 3 unsuccessful tests, the electronic safe is temporarily blocked and that the maximum allowed test is 13 before a permanent blockage.

Cybersafety against the violation of human physical and/or psychological integrity

The inventor asked himself about the risk of an attack on the physical and/or psychological integrity of an electronic safe user in order to obtain the password?

The inventor’s idea was that the electronic safe must have an advanced system of administration and user management, permanent or temporary. The administrator of the electronic safe has the option to assign a specific passcode to the user of the electronic safe, without him being able to know the administrator password.

The emergency feature called “user password forgetlessness” is born, which allows a user to delete their password. This emergency system can be activated at any time, very quickly, if it feels that its password is corrupt or that it can be corrupted. In fact, only the administrator will be able to recreate a new user password. This is the birth of the physical blockchain simplified by use. A disruptive approach to the use of oblivion in the value chain of Cybersafety as a physical barrier. This protects the physical and/or psychological integrity of the man vis-à-vis an attacker who wishes to obtain the user’s password against his consent.

Imagine an investigative journalist who goes on a mission abroad to interrogate opponents of a dictatorial regime. The information collected by the journalist is digitally housed in the electronic vault. Such information may impair the physical integrity of the interviewees or the journalist. How can the journalist resist a physical and psychological constraint not to give the password to access the electronic safe? The inventor has found a solution! If the user no longer has access to the password because he has voluntarily abandoned it, and this fact is known to the attacker, it will be useless to try to obtain from the user the administrator password that he never knew about. Only the editor (administrator) has the power to unlock the electronic safe. This does not remove the risk that the attacker will remotely pressure the editor to obtain the admin password. However, the objective is achieved, the one where the attacker has no interest in attacking the journalist. And at the same time, the digital data in the electronic safe remains locked in access. The attacker will have to be able to force the electronic safe to access the data it contains.

This case demonstrates the clear role of the importance of cybersecurity vis-à-vis Cybersecurity, the first flaw of which would be humans. On closer inspection, the inventor’s innovations put man at the center of his own enhanced security in the face of malicious attacks by man or his machines.

Cybersafety by physical silos

The inventor performed a physical silo of the rights holders, i.e., an administrator profile and user profiles, indeterminate or limited-time. There is talk of an additional factor to unlock the electronic safe, so as to block any attempt to pair the electronic safe with another smartphone. The power of Cybersafety makes it physically impossible to simply connect with the electronic safe without the pairing key. Even if the pairing key is corrupted, you also need to know the administrator and/or user password to unlock the electronic safe.

The traceability of events by unfalsifiable embedded black box, accessible without contact via the smartphone

The inventor took into account the burden of physical proof in the legal sense of the term, capable of opposing other forms of evidence constituted in a numerical way; which can be manipulated. This is one of the aspects claimed in the internationally extended Fullprotect patent.

Thus, the inventor has integrated in his electronic safe a black box that traces all types of events, which depending on their importance are recorded, such as an attempt to attack physical or digital brute force.

Such a recording in the black box of the electronic safe is not without consequences in the implementation of countermeasures imagined by the inventor whose secrets he does not reveal.

The most extreme consequence is to render the electronic safe irreversibly unusable.

Intrusive and non-intrusive brute force countermeasures

The inventor considered several aspects of brute force attack targeting cyber safety.

Dismissing non-intrusive brute force attacks was quick. It was more complex for the physical attacks of the man of the trade, the electronics engineer.

With regard to non-intrusive attack, the inventor excluded the use of encryption systems in the implementation of Cybersafety, rendering it unnecessary to use thermal, magnetic, electrical, electromagnetic or radio frequency analysis to try to guess the encryption system used. Indeed, the security system is completely independent of the digital support of the electronic vault where digital data is stored. This system is completely autonomous in electrical energy, without battery, and has only one input and exit, the industrial NFC system. This excludes all these forms of brute force attacks.

Remains the physical brute force attack that involves being in contact with the electronics of the electronic safe. An extremely strong resin and very sticky to the components makes it very dangerous to remove the resin without irreversibly damaging the electronic system, especially the memory. Traps have been built to detect intrusions and cause the electronic safe to be permanently locked through the black box.

The digital brute force attack remained to unlock or activate denial of services. The inventor also predicted these cases of species.

All these attempts are managed and activate countermeasures that block this type of attempt.

In the case of a robotic attack the attacker must create algorithms that take into account random physical variables related to physical elements specific to the electronic components used. This makes it almost impossible to create an algorithm capable of guessing these time factors, some of which are variables derived from random physical elements that depend on various thermal, electrical and usage factors.

To maintain a known use of the public, the inventor uses a system used for bank cards or SIM cards of phones.

In this case, three tests (PIN and/or mobile) are authorized to unlock the electronic safe.

After 3 unsuccessful attempts, access is blocked for 15 minutes. The event is recorded in the black box that activates the light signaling of the electronic safe (two green and blue LEDs flash alternately).

The inventor added the requirement to leave the electronic safe connected to the USB or SATA port during the locking period. Any disconnection involves reseating the countdown. This forces the attacker to leave the robot connected to the key. The Cybersafety system has a very precise electrical analysis system; any positive or negative change results in the meter being reset.

After these first 15 minutes it is possible to try again. If the entered password is correct, the electronic safe unlocks and the test counter is reset. The event is kept in the black box. If the PIN or mobile is not correct, the electronic safe is blocked again for 30 minutes this time. With each new error, the delay is multiplied by 2.

This implementation, conceived by the inventor, was intended to deter an attacker from generating a denial of services, i.e., to prevent the user of the electronic safe from using it permanently.

Thus, the attacker will have to wait a few months to be able to seize the 13th unsuccessful test, and thus make the electronic safe permanently locked.

Visionary the cyber-safety of these electronic safes in the service of BYOD, CYOD, COPE already compatible before the birth of the RGPD

Meaning BYOD acronyms “Bring Your Personal Device,”  CYOD  “Choose Your Company-Approved Personal Device,”  COPE  “your personal device purchased by the company.”

10 years earlier, the visionary inventor took into account the problem of the use of private equipment for professional use, which posed a problem related to the privacy of mobile data of various origins, both private and professional or computer systems.

BYOD, CYOD and COP are not framed in the same way at the legal level, which complicates the implementation of the security charter in a company, especially on mobile data such as USB sticks and external discs connected via a USB port. The latter poses a greater risk due to the memory capacity of several terra Bytes.

The use of data encryption is recognized as the only way to secure the data. But the reality is different in the use and security of passwords, encryption keys and/or decryption.

The inventor knows that in everyday use, the complexity of implementing a trusted encryption system is time-consuming, which reduces productivity. In fact, humans bypass the problem by using the unsecured BYOD to transport sensitive data. Similarly, the password entered to decrypt may be corrupted by various brute force attack and/or espionage.

The inventor wonders how to ensure that the Cybersafety system is able to independently cover all these risks? To solve this problem, first, he splits the types of uses into two: an individual use that he identifies as “Premium” and a collective use that he identifies as “Pro”.

Then he comes to the conclusion that the electronic safe is upstream of the backup of the mobile or fixed data, making it a common core. Thus, the mere fact that the principle of the operation of the electronic safe is closed by default and that a password is required to access the data, whether encrypted or not, constitutes a common physical barrier to all these uses. In fact, it is enough to manage the type of use and their use rights.

The professional version was born, which has a separate administration system for users of the electronic safe and an individual version whose administrator is also the sole user.

In case of loss or theft, the electronic safe is always locked which prevents access to the data it contains whether it is private or professional.

Thus, regardless of the choice of the company, CYOD, BYOD or COPE, the inventor’s electronic safes are legitimately compatible with the rules of law in force, notably with the RGPD and the decree 2018-418 of May 19, 2018 coming into force on January 1, 2019. (See on LinkedIn the article of June 13, 2018 https://www.linkedin.com/pulse/pourquoi-les-coffres-forts-%C3%A9lecttronics-nfc-offline-de-gascuel)

As part of a COPE use, the company has a function that allows it to administer a profile of the use of the electronic safe that is required of the permanent and/or temporary user. The black box traceability, allows the administrator to have a history of use, some of which are geo-located.

A 100% stealth mode can be activated by disabling LEDs. In fact, the locked electronic safe, undetectable computer systems, simulates the symptoms of a USB stick that doesn’t work. Similarly, the extinction of LEDs makes it possible not to visually indicate that readings or writings are carried out with the electronic safe. Conversely, the choice of colors, and/or the extinction of one of the LEDs, makes it possible to identify the electronic safe among others. This mode is also convenient for viewing the use of an electronic safe in a prohibited or authorized area. Let’s take the example of an entire service that uses keys whose LED flashes pink when writing or reading data, if the manager sees a key flashing yellow, he will know that this key is an intruder.

The inventor aware of the problems related to the use of USB sticks and external discs in the company has provided a concrete response with the use of his electronic safes.

It was up to the inventor to lift the last locks! How can we make the connection to electronic safes universal to any type of computer system?

Finally, the inventor had to find a way to be as intrusive as possible, when the electronic vault is connected to a particularly professional computer system that prevents the installation of unauthorized software by the information systems manager.

This problem was naturally solved when the separation of the security system and the non-volatile physical memory where the data is housed was implemented.

Indeed, since the security of the electronic safe is separated from the support, there is no need to secure the USB port or the SATA of the SSD disk, so there is no need to install security software on a computer system. In fact, all computer systems that use a USB or SATA port are immediately compatible with safes. No need for drivers or software to install for these electronic safes. This allows to respect the security constraints imposed by the company, while remaining under the control of the user.

The inventor, perfectionist, uses the speed of analog electronics systems to secure the operation of Android applications

The inventor designed two separate applications that work in the volatile memory of the NFC smartphone. FullKey NFC for EviKey NFC Pro and EviDisk NFC Pro and FullKey NFC Premium for EviKey NFC Premium and EviDisk NFC Premium. The inventor used the extreme speed of analog systems and radio frequency to exchange passwords to unlock these safes. This is a machine-to-machine (M2M) transfer between the smartphone’s NFC and the electronic safe NFC.

An intelligent physical cyber safety system is implemented at various points in electronic design to combat brute force attacks that seek to copy the weft of a radio wave produced by the NFC signal:

  • a steering branch,
  • an energy recovery management system,
  • A single peer-to-peer NFC hooking system by pairing key,
  • self-locking electronic vault memories on data exchange,
  • analysis of the electrical energy recovered by the smartphone’s NFC signal,
  • management of the speed of data transfer on NFC signal,

This listening is extremely complex to achieve because of the proximity that must exist between the smartphone and the electronic safe and the fact that the exchange of data is impulse and totally random.

Offline e-mail safes

The inventor had an unstoppable idea to fight against listening to the NFC signal! Desynchronization when unlocking the electronic safe. It adds a new variable: the unpredictable! In fact, the user can unlock his electronic safe without needing to be connected to a USB or SATA port. In fact, an attacker cannot use a computer system and/or power source as a cue to perform his listening. This effectively excludes the use of espionage. Indeed, the unlocking can be carried out anywhere, anytime, in any situation (even underwater), it physically stops any attempt to listen to the NFC signal from the inventor’s electronic safe.

Cybersecurity of Fullkey NFC Pro and Premium applications

The inventor has no confidence in the resilience of a brute force attack on applications developed on Android. In fact, it has taken into consideration immediately in its innovations that its applications can be corrupted in seconds by experts. In fact, he designs applications with a relisence criterion equal to ZERO. Thus, if the application is corrupted, no sensitive information can be used to successfully unlock the electronic safe.

The finding of the implementation of Cybersecurity for the benefit of cybersecurity of electronic safes

The mere fact of not being able to connect to the electronic safe without a pairing key is enough to establish that the inventor’s electronic safe meets all the criteria of Cyber safety.

The simple fact of not being able to unlock the electronic safe without a password, and the fact that the passwords are physically in electronics, it is also not possible to establish a connection with the electronic safe.

The inventor goes all the way to the end of the reasoning of cybersafety by black box: an on-board after-sales service and the management of obsolescence

Obviously, no doubt, never has a USB stick or an SSD been able to inform their user in real time of any type of events, including brute force attacks and to self-diagnose the state of operation of the electronic safe as well as the origin of an electronic, environmental, embedded system, use and attack intrusive or non-intrusive brute force.

Of course, all this will be true, until Jacques Gascuel’s patents fall into the public domain.

Finally, the black box allows the manufacturer, as well as the user, to know the origin of the anomalies, but not only. A flash memory usage counter is built in to estimate the risk of writing or reading errors. The aim is for the inventor to give the user the opportunity to have a trusted benchmark on his ability to retain information without error in the electronic safe. Indeed, flash memories have all the natural wear and tear due to writing that includes data erasure. This is an approximation that varies according to the memories used in the manufacture of electronic safes.

About the company

Jacques Gascuel’s patents are managed by Freemindtronic SL in Andorra.

Electronic safes are currently manufactured in France under an exclusive manufacturing and distribution license for France awarded to the SYSELEC Group in Occitanie (France).

These NFC hardened USB stick EviKey ® and NFC hardened SSD EviDisk® electronic safes are available from Freemindtronic partner’s.

You want to know more about how it works, you can view the usage guides

Fullkey Plus Android app from Freemindtronic Andorra:  https://youtu.be/ckIc7PwedaE

You can also use secret keepers with  EviCypher technology to manage and unlock EviKey  USB sticks and EviDisk SSDs.  Automatically administer and manage  your pairing keys, administrator, user and guest passwords.

[1]  Jacques Gascuel owns various patents. The PATENT WO/2010/086552 published internationally since 2010 for the technology called Fullprotect, a monitoring and protection device for power and/or environmental of an electrical device equipped with an unfalsifiable black box device. And the 2017/129887 WO/2017 patent for the technology called Fullsecure, a wireless electronic access control device with multi-factors of authentication.

[2] Patent called Fullsecure NO.  WO/2017/129887  published in 2017 for the technology called Fullsecure, a wireless electronic access control device with multi-factors of administrative authentication.

Embedded Trophy 2014 Freemindtronic

Embedded Trophy 2014 Freemindtronic Award 2014 Bercy Paris France EviKey NFC rugged USB Stick contactless unlock & NFC SSD Sata 3 Technology patented Andorra Copyright


Embedded Trophy 2014 Freemindtronic 

Embedded Trophy 2014 Freemindtronic receives the award for the best secure connected object with EvIkey NFC, a secure contactless USB key.

At the 2014 Embedded Awards, EviKey was nominated twice in the “critical embedded system” and “connected object” categories. 
 
Its inventor Jacques Gascuel, CEO of Freemindtronic, received the 2014 Trophy for secure connected objects.
 
Jacques Gascuel announced his latest innovation EviDisk, a 2.5″ – 7mm – Sata 3 SSD that is also contactless secure like EviKey. The secure contactless USB stick that wins the award.

Discover in this video, all the pictures of the Embedded Systems Conference with all the participants to this coveted Embedded Systems competition.

Discover the story behind the first EviKey NFC-enhanced USB flash drive by click here.

Discover now our other videos on our youtube channel Click here



Three Awards 2021



Embedded Trophy 2014 Freemindtronic Award 2014 Bercy Paris France EviKey NFC rugged USB Stick contactless unlock and NFC SSD Sata 3 Technology patented Andorra Copyright










NEWS PROVIDED BY
CAP’TRONIC / Embedded France / DGE
March 2013
Related Links
https://www.captronic.fr/Les-laureats-des-Trophees-de-l-embarque-2014.html

https://freemindtronic.com/electroniques-biz-trophy-2014-freemindtronic-evikey-nfc

https://freemindtronic.com/lembarque-trophy-2014

Lauréats 2014: Trophées de l’Embarqué




SHARE THIS ARTICLE





RFID Award 2014 🎙️ Jacques gascuel presents NFC USB Stick EviKey

RFID Award 2014 Interview Jacques Gascuel presents EviKey NFC Rugged USB stick secured unlocked contactless

RFID Award 2014 🎙️ Interview with the inventor Jacques Gascuel on 7-8 October 2014 in Marseille (France) participating in the RFID AWARD 2014 competitions of the 5th edition International RFID Congress scientific conferences organized by the CNRFID. The inventor presents EviKey NFC an electronic safe in the format of a hardened secure USB key.

EviKey is invisible to computer systems when it locks itself. It is a contactless unlocked electronic safe via an NFC phone. EviKey also carries a tamper-proof black box that ensures the traceability of random events. EviKey also has a technology for self-diagnosing the origin of these events.

Discover the story behind the first EviKey NFC-enhanced USB flash drive by click here.

Discover now our other videos on our youtube channel Click here

Three Awards 2021

Embedded Trophy 2014 Freemindtronic Award 2014 Bercy Paris France EviKey NFC rugged USB Stick contactless unlock and NFC SSD Sata 3 Technology patented Andorra Copyright

NEWS PROVIDED BY
CNRFID / Connectwave 
Octobre 2014
Related Links

https://www.connectwave.fr

https://www.investinprovence.com/actualites

SHARE THIS ARTICLE