DNA – The secure Zero Trust and Trust No One compliant procedure for
Key Storage,
Key Distribution,
Key Recovery and
Key Archival
without assumptions about the key and without requiring key disclosure.
The DNA Promise:
DNA is a procedure that integrates into your existing processes, like your authentication procedures.
Compliance with your approval and authorisation processes for key recovery are cryptographically guaranteed.
Private keys do not have to leave your organisation.
You determine the cryptographic primitives used in the key recovery procedure at any time.
You do not have to put trust into anyone for secure key recovery.
DNA enables compliance with highavailability requirements without compromising the confidentiality of the cryptographic material.
Our Solution
DNA – the internationally patented secure procedure for key recovery – ensures that cryptographic material is available on demand. In accordance to principles of Zero Trust and Trust No One, your company does not need to trust us as the provider of the procedure, nor any users, administrators, employees, customers, service providers, partners or systems. Private keys are never required to leave your organisation. Our procedure prevents any bypass of recovery policies and approval processes by cryptographical means. You retain full control over your key management: The DNA key recovery process can be integrated into your existing applications and processes. You retain full control over approval processes, cryptographic primitives and authentication methods. This allows you to implement your policies, customer requirements and legal regulations with the secure DNAkey recovery procedure.
key recovery and archiving.
Keys can be secured in accordance to high availability requirements.
There is no need to store the keys permanently on the client device.
Client authentication is completely separated from key encryption.
Risks associated with password use no longer need to be accepted.
Keys are available across devices when required.
Additional key distribution mechanisms are not necessary.
Key recovery policies and approval procedures are enforced cryptographically.
Key access is only possible in accordance to predefined and auditable processes. Accesses are cryptographically verified.
Further advantages of DNA:
- Be compliant
- Regulations and standards such as the EU GDPR, NIS2, ISO 27001, BSI C5 and others require the use of encryption and specify requirements for your key management. DNA helps you to tackle the challenges of key protection/storage, recovery and archiving in a transparent and traceable manner.
- Digital Sovereignty
- Investigatory Powers Act, Cloud Act, Assistance and Access Act. Many global players have laws that are incompatible with other regional requirements. DNA ties its key recovery to your jurisdiction, making you digitally more independent.
- Supply Chain Resilience
- Supply chain attacks on IT products are increasing. The security and reliability of DNA procedure can be transparently verified on the client at any time.
- Securing Cloud Infrastructures
- Provider access to data in cloud infrastructures (PaaS/IaaS) is a regularly discussed risk. DNA restricts data access to authorized users only.
- Meeting customer requirements (BYOK and more)
- Customers demand control over key management within cloud applications. DNA makes no assumptions about your keys or your customers' keys. Bring your own key is the default. In addition, DNA is cryptographically agile: You decide which primitives to use, whether according to BSI recommendations, FIPS 140-3 or something else.
- Avoiding reputational damage in case of data leaks
- In the event of a successful cyber attack, strong encryption in tandem with well protected keys protects your clients data and reduces impact on your reputation.