VME Products

Select Product

Solutions

Select Industry

News & Events





         

       

       

  Visit Our Amazon Store

VME Technology



Your organization's main concern is winning and keeping business, making you a leader in your field. With technology playing an integral part of your operations, the need for proven data security is of utmost importance. Meganet's suite of software is built on propriety VME technology shields against hackers, internet theft and internal sabotage. Secure your data with the only transparent, unbreakable protection - VME technology.

The technology behind Meganet's Virtual Matrix Encryption (VME) is truly revolutionary. VME is a completely new approach to data encryption that has survived a battery of rigorous tests. No one has ever broken data encrypted with VME.

The Algorithm took 15 years to develop and nearly 4 years in review with the Patent Office. April 17th, 2001, the VME patent was approved with all of the original claims granted (#6,219,421).

View VME Patent









Virtual Matrix Encryption (VME) is a data security method and apparatus that provides an exceptional degree of security at low computational cost. The data security arrangement differs from known data security measures in several fundamental aspects. Most notably, the content of the message is not sent with the encrypted data. Rather, the encrypted data consists of pointers to locations within a virtual matrix, a large (arbitrarily large), continuously-changing array of values.

The encryption technique is therefore referred to as Virtual Matrix Encryption. Furthermore, the data security arrangement uses a very large key of one million bits or more which creates a level of security much higher than any other existing method.

The key is not transferred but instead is created from a file of any size that is available on both a computer used to send a secure message and a computer used to receive a secure message. The term Virtual Key Cryptographic refers to techniques in which a key is recreated at a remote location from an electronic file without any transmission of the key itself.

The file may be a system file, a file downloaded from the Internet, etc. A smaller, transaction-specific key, e.g., a 2,048 bit key, is sent end-to-end and is used in conjunction with the very large key to avoid a security hazard in instances where the same file is used repeatedly to create the very large key.




A single byte may be encrypted many, many times, each successive result being passed to another algorithm in what may be regarded as a random path determined by reseeding of a random number generator at various junctures using values from the very large key, the smaller key and various other user supplied parameters, including, for example, source user, destination user, file name, save-as file name, and description.

An optional higher level of security is available. If the message is secured using the same string as the file name and save-to file name, then when unlocking is attempted the first time, the original file will be overwritten, affording only a single opportunity for the message to be unlocked. A message may be secured in accordance with various options specifying an intended audience, including "global," "specific" and "private" options. "Global" allows anyone having a copy of the data security software to decrypt the message providing that person has the correct keys and is able to supply parameters matching those with which the message was secured. "Group" allows the possibility of successful decryption by any of a number of users within a group identified by its members having copies of the software program with a common prefix. "specific" allows only a user having a particular numbered copy of the software program to decrypt. Finally, "private" allows decryption only by the same software copy used to secure the message originally. Without the correct keys and parameters, it is impossible for the message to be unlocked. The present invention further enhances security by allowing definition of a date range where the data can be decrypted correctly, hence preventing lengthy efforts to break the code by brute computational force.


Many different types of data security measures are known. Presently, most widespread data security measures are based on public-key encryption. One of the reasons for the relative prominence of public-key cryptography is that it solves the problem of key distribution in an elegant fashion. In public-key encryption, the encryption and the decryption keys are separate, with the encryption key being publicly known and the decryption key being kept secret.

Despite the important advantage of not requiring secure key distribution, public-key cryptography also suffers from various disadvantages. Administration is typically required to ensure that unique public-keys are assigned to each user. A person's public-key must be listed in a directory, and must be found in the directory prior to encrypting a message. The computational burden of public-key cryptography is significant both in generating random prime numbers for use as keys and in encryption and decryption processing itself. Furthermore, despite the computational complexity, public-key encryption using medium size keys has been shown to be insecure given the tremendous network computing resources that may be brought to bear on breaking the encryption.

What is needed, then, is a data security mechanism that surpasses in security present public-key cryptography methods and that minimizes the computational burden involved.