RPM is available in C, C++ and Java libraries to enable developers to create secret-key methods for performing continuous, mutual authentication and transaction security.

Technical Benchmarks show that RPM is a highly efficient security method with minimal computational and network overhead.

  • Each RPM transaction can be performed in near real time, benchmarked at 5 microseconds per instantiation in software. VHDL and Verilog simulations demonstrate that RPM performs at near line speed in FGPA, ASIC or IC hardware.
  • RPM with encryption is an order of magnitude faster than standard PKI authentication and over ten times faster than the world’s fastest AES encryption – and RPM authenticates every packet, not just one like PKI.
    • RPM = 5 CPU cycles, single stream
    • Koblitz ECC = 81,000 CPU cycles ¹
    • AES-GEN = 56.192 CPU cycles, 5 stream Intel AES-NI ²
  • A RPM multicast application showed that a 10GB file when transferred contains over 7.4 million datagrams with a unique RPM key for 256 bit encryption and mutual authentication of each UDP packet demonstrating that RPM packet level security added only 2 to 5 % overhead measured at the network level with a minimal packet overhead of 1-3%.

Reference Implementations Using RPM:

RPM on a Chip (RPMC) simulations in Verilog and VHDL demonstrates RPM wire-speed authentication and security (including encryption) targeted at embedded applications in devices and sensors implemented in an FPGA (field-programmable gate-array), ASIC (application-specific integrated circuit), or Integrated Circuit (IC) semiconductor device. By converting the RPM C code into a logical description via a hardware description language, RPMC will be an extremely fast (Gigabit Ethernet), small, low-power, and relatively low-cost. By taking out the Ethernet MAC function, RPMC can be made media-independent. RPM can be designed into Ethernet, TDMA, WiMax, or proprietary communications systems for broader applications of other communications, such as WiFi, RF, SCADA, or mass-storage communications protocols.

RPM Secure TCP File Transfer API provides security of every variable payload of a file transfer, authenticating and encrypting every payload with fresh keys. The file transfer is done over TCP, using 128 bit or 256 bit AES encryption.

RPM Android API provides secure file transfer over TCP, based on the RPM Secure TCP File Transfer API. Efforts are underway to extend this API to a full Secure VPN capability similar to the RPM Secure VPN API discussed below. This API uses the Android Java Cryptographic Extensions (JCE) on the client device and JCE for Linux servers to provide 128 bit or 256 bit AES encryption, along with RPM continuous, mutual authentication.

SSLX® Web Security is a reference implementation of an extension of regular SSL that provides mutual authentication of end-users and web services in near real-time on every transmission. SSLX uses the RPM technology to authenticate and secure every web transaction.

RPM Secure VPN provides real-time, continuous mutual authentication of TCP/UDP data for every transfer between a client and a server while encrypting the data. The RPM Secure VPN API is built for Linux clients and servers using RSA and AES PKI components for secure initial key establishment, 128 or 256 bit AES encryption.

RS VPN Appliances utilize RPM to offer the highest level of security for wired and wireless data in transit over point-to-point and point-to-multipoint 10 Mbps, 100Mbps, and 1Gbps speeds between nodes on a network.

RS VPN VM is available for use on Virtual Machine (VM) instances or integration with other applications.

RS Multicast reference implementation with RPM provides multicast content distribution with mutually authenticated servers and receivers, with unique encryption keys per content payload.

 

¹ Fast Software Implementation of Binary Elliptic Curve Cryptography Manuel Bluhm, and Shay Gueron, November 10, 2013       ² Intel® Advanced Encryption Standard (AES) New Instructions Set, Revision 3.01, September 2012 & Manley, Raymond and David Gregg, “A Program Generator for Intel AES-NI Instructions”, School of Computer Science and Statistics, Trinity College Dublin, Ireland