Security + Simplicity
60% had difficulty managing keys in the public cloud via BYOK
GLOBAL ENCRYPTION TRENDS STUDY 2020 - PONEMON INSTITUTE
Key management as a service
Cloud service providers as well as users of cloud services are increasingly concerned about data protection and look for client-side encryption. However, no pure cloud-based solution with true cryptographic security exists. We offer a novel solution based on so-called Multi-Party Computation (MPC) protocols tailored to key management.
How painful is key management?
Easy to get started with DuoKey KMS
DuoKey KMS can be installed on-premise using our Terraform software-defined script or a Docker deployment. A minimum of 3 Docker containers is required to run our MPC node within your infrastructure. We provide unmatched cryptographic key security and operational agility by utilizing a containerized software approach. Cryptographic keys are generated across multiple MPC key servers collectively referred to as a Threshold Security Module (TSM). The TSM provides cryptographic key management functions across different trust domains (CSPs, or private DCs) and at no time is the entire key present on any single server.
DuoKey Key Management simplifies multi-cloud deployment by eliminating the need for a mix of cloud and local HSM services, or some other on-premises encryption management solution. Companies will benefit from the simplicity and scalability of a pure-software, cloud-based Key Management-as-a-Service (KMaaS). KMaaS allows the management of customer-owned encryption keys (also known as Bring Your Own Key, or BYOK) across multiple CSPs, without requiring a KMS for each cloud service. DuoKey offers the added benefit of being available on any number of CSPs – not just Amazon S3, but Microsoft’s Azure, Rackspace and others.
Hold your own Keys
There is a risk that rogue administrators working at cloud service providers access customer data or keys with the intent to misuse the data. With DuoKey you keep dual control of your encryption keys while protecting sensitive documents stored in the cloud. Efficient and secure key management is a challenge for any cryptographic system. Going beyond basic key management services, the system must protect the cryptographic keys against many evolving types of attacks which exploit brute force tactics, side-channel vulnerabilities, physical access to the system, weak encryption, replay attacks, and countless variants. Therefore, the secure management of private keys is one of the most critical functions of the cryptographic system, and no infrastructure is secure if the private keys are not secure.
Multi-Cloud Key Management
DuoKey Key Management is the industry’s first true cloud-native key management system. It utilizes patented technology and Multiparty Computation (MPC) to provide cryptographic key management with security equivalent to an HSM, with high availability in a pure-cloud fashion.
It delivers keys to any cloud service, requires no trust in any service provider, and enables total key immunity against malicious actors, side-channel attacks, nation-state hacking, and unlawful or unauthorized key access.
MPC (Multi-party computation) is an innovative way to reduce the complexity of storing sensitive key material in one place and to eliminate the concept of private keys. Every encryption is performed in a secure, distributed way to protect against cyber breaches, physical damage, and insider collusion.
DuoKey Key Management provides unmatched cryptographic key security and operational agility by utilizing a containerized software approach. Cryptographic keys are generated across multiple MPC key servers collectively referred to as a Threshold Security Module (TSM). The TSM provides cryptographic key management functions across different trust domains (CSPs, or private DCs) and at no time is the entire key present on any single server.