Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

2/11/2016
10:41 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Rubicon Labs Debuts TLS Armor Security & Trust Platform for Cloud-based Data Centers

Massively Scalable, Compact, Zero Knowledge Platform Makes Keys Invisible to Senders, Receivers, Would-Be Hackers. Creates and Validates Identity for Cloud, IoT, and M2M for Extremely Robust, Accelerated and Low-Power Security.

SAN FRANCISCO, CA and AUSTIN, TX February 11, 2016 – Rubicon Labs, Inc., developers of advanced secure data protection and identity technologies for cloud-based data center applications and the Internet of Things (IoT), today introduced TLS Armor™, a hardware security platform to protect and accelerate the execution of high-value cryptographic SSL (Secure Socket Layer)/TLS (Transport Layer Security) keys in untrusted data centers.

Built upon its “Zero Knowledge” platform and product family, the TLS Armor product is a breakthrough that couples device-level software and hardware at the semiconductor level to safeguard the keys that clients and servers depend on for negotiating secure connections. Those keys are transformed into values that are invisible to an attacker and never known but still usable by the CPU when wrapped with Rubicon’s Zero-Knowledge keys. The TLS Armor product was designed specifically to protect SSL/TLS keys at rest, in transit, and - most importantly - in use, rendering them useless to an attacker.

The TLS Armor PCIe card is the first product from Rubicon built upon its Zero Knowledge platform. That platform has been engineered with speed, low power usage and high data security as its most critical components. When deployed in the data center, TLS Armor restores trust to vulnerable clouds. It can also be used to establish secure identity and key exchanges for IoT devices through an optional software upgrade to transform the PCIe product into a powerful IoT gateway.  A Rubicon Labs-based IoT key exchange executes over 3,000 times faster than an equivalent RSA 2048 bit TLS handshake.

Dave Lundgren, CEO of Rubicon Labs, said, “With cybercriminals on the prowl as never before, there is an urgent need for an entirely new generation of massively scalable and immediately available secure communications technology, unburdened by past processes and protocols.”

In commenting on the TLS Armor platform from a user perspective, Akamai Chief Architect Stephen Ludin said, “Rubicon Labs has developed a true zero knowledge system whose protocols are cryptographically sound for use in data centers but also light enough to scale down to emerging IoT applications.”  Mr. Ludin added, “We feel TLS Armor from Rubicon Labs is a hardware solution that is well poised to be very powerful in the next decade.” Akamai is an investor in Rubicon Labs.

In commenting on the competitive advantages of the TLS Armor product, Rod Schultz, VP of Products for Rubicon Labs, said: “TLS Armor is a secure  hardware execution environment for high value cryptographic keys executing in the cloud , and was designed to protect the digital assets that form the foundation of a secure web.”

Unfortunately,” he added, “we can no longer assume cloud-based servers are executing in a secure environment, which is why TLS Armor was designed to prevent a would-be attacker from gaining complete control of the CPU.”

Experts increasingly agree that a new approach to accelerated authentication must withhold critical information from attackable memory in order to keep it inaccessible to would-be malicious players.

Akamai’s Mr. Ludin commented, “The explosive growth of connected IoT devices has created the greatest vulnerability in the attack surface we’ve seen in recent years, and our experience tells us that legacy secure communications protocols are largely ineffective.” He added, “Rubicon Labs has the unique capability to make encryption keys invisible so that authorized users and potential hackers alike have no knowledge of what they are.”

The TLS Armor Platform

TLS Armor is a secure execution environment coupled with a cryptographic hardware accelerator optimized for the communication protocol required to secure Cloud, IoT, smart grid, automobiles, routers, and more. Designed as a PCIe card with a software library and API for OpenSSL engine integration, it can rapidly be added to a network to immediately establish security for high value RSA and ECDSA keys. Those keys are used to provide identity when setting up secure tunnels between web servers and browsers. When such tunnels are compromised, the very foundation of trust in the cloud is destroyed and all customer data becomes vulnerable to theft.

Ready for integration into the cloud today, TLS Armor is adaptable for the diverse security needs and budgets of any enterprise.

 Platform features include:

·      *   HW acceleration for RSA and ECC keys

·      *   Secure execution environment

·      *   OpenSSL engine integration

·      *   Hardware security for identity, data communications to protect data at rest, in transit and in use

TLS Armor is now being deployed in early stage trial adoptions at major OEMs.

About Rubicon Labs

Rubicon Labs, Inc. is a venture-backed cybersecurity company founded by veterans of Apple and Broadcom, with offices in San Francisco and Austin, Texas. The company develops next-generation secure communication products and protocols that utilize underlying hardware, device-level software and cloud-based computing architectures designed for data center and IoT applications. Rubicon’s solution provides a hardware root of trust that makes the keys that identify and authenticate commands invisible to all users, which safeguards secrets from cybercriminals. 

Additional Resources:  rubiconlabs.io/keyexchange

Rubicon Labs Contact:

Rubicon Labs, Inc.

Richard Egan, VP

[email protected]

 

Media Contact:

Dan Chmielewski

Madison Alexander PR

1-714-832-8716

1-949-231-2965

[email protected] 

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
US Formally Attributes SolarWinds Attack to Russian Intelligence Agency
Jai Vijayan, Contributing Writer,  4/15/2021
News
Dependency Problems Increase for Open Source Components
Robert Lemos, Contributing Writer,  4/14/2021
News
FBI Operation Remotely Removes Web Shells From Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Tell him only Kevin Mitnick and the President know the launch codes.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-31607
PUBLISHED: 2021-04-23
In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion. The attack requires that a file is created with a pathname that is backed up by snapper, and that the master calls the snapper.diff function...
CVE-2021-31597
PUBLISHED: 2021-04-23
The xmlhttprequest-ssl package before 1.6.1 for Node.js disables SSL certificate validation by default, because rejectUnauthorized (when the property exists but is undefined) is considered to be false within the https.request function of Node.js. In other words, no certificate is ever rejected.
CVE-2021-2296
PUBLISHED: 2021-04-22
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromi...
CVE-2021-2297
PUBLISHED: 2021-04-22
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromi...
CVE-2021-2298
PUBLISHED: 2021-04-22
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attac...