FAQ


Encryption is the process of converting information (data) into a form that is unreadable without special knowledge (usually referred to as a “decryption key”) that reverts the information to its original form. Whether the information is transiting from one location to another or rests in storage on a hard drive or server, encryption keeps prying eyes from discovering it. In addition to its primary role in information confidentiality, encryption can also ensure the integrity of data and verify its origin.

Businesses use encryption to protect corporate secrets, governments use encryption to secure classified information, and millions of individuals use encryption to protect personal information and guard against identity theft and fraud (banking details, medical records, personal transactions and more).

For businesses today, cyberattacks aren’t just a threat; they are an inevitability. Whether it is customer data protected by federal privacy laws or sensitive internal corporate communications, the information stored and sent by companies is a tantalizing target for cyberthieves. For every widely publicized cyberattack such as the 2014 Sony Pictures hack and the Equifax hack of 2017, there are thousands of smaller scale attacks each year with devastating consequences for companies and their customers. The results for targeted corporations are increasingly familiar: irretrievable financial losses, stiff fines and penalties, loss of stock value and the negative impact to both customer trust and company reputation. It is now widely accepted that the damage costs associated with cybercrime will reach $6 trillion annually by 2021.

Moreover, companies have a legal and ethical obligation to secure the private and personal information of their customers and clients. Colorado and California are leading the charge at the state level by enacting strict privacy and cybersecurity laws, and the federal Consumer Data Protection Act proposed by Senator Ron Wyden of Oregon calls for prison sentences of up to 20 years for CEOs who fail to adequately protect their customers’ private data.

Encryption methods can be either symmetric or asymmetric. Symmetric systems use a shared secret key for both encryption and decryption, while asymmetric systems use keys that come in pairs, one a secret private key and the other a public key. A message encrypted with either key of an asymmetric pair can be decrypted with the other.

The Advanced Encryption Standard (AES) is a symmetric encryption method standardized by the U.S. National Institute of Standards and Technology and trusted across the U.S. federal government and worldwide.  It is the only publicly available encryption method currently approved by the U.S. National Security Agency to protect Secret and Top Secret classified information. Even without any algorithmic advances, quantum computers would already dramatically weaken AES encryption, effectively cutting the key size in half.

Rivest-Shamir-Adleman (RSA) is a widely-used asymmetric encryption standard. The secrecy of an RSA private key given the public key is based on the mathematical difficulty of factoring the product of two large prime numbers. This is computationally infeasible for large enough key sizes using only classical computers, but quantum computers would solve this factoring easily.

While no one knows exactly when it will happen, we do know that quantum computers will eventually render current encryption methods obsolete. A joint research effort between Google and the KTH Royal Institute of Technology in Stockholm found that a quantum computer powered by 20 million qubits could use modular exponentiation to break 2,048-bit encryption—a task that would take the most powerful desktop computer more than a million years—in just eight hours.

Based on the pace of quantum technology developments, experts predict Quantum Supremacy will occur sometime within the next decade. That means that every single piece of data—from trade secrets and financial documents to health records and patented formulas—encrypted and transmitted using today’s standards may soon be exposed. The only solution, according to the National Institute of Standards and Technology, is to “begin now to prepare our information security systems to be able to resist quantum computing.”

The 7Tunnels patented technology is, in its simplest form, a digital version of the one-time pad (OTP) system. Invented in 1882 and widely used during World War II, the OTP system is proven to be unbreakable if used correctly. A message, or data, is encrypted using an encryption key. The receiver of the message uses a pre-shared decryption key to turn the ciphertext (encrypted) back into plaintext (decrypted) and then destroys the decryption key information. (During WWII, keys were printed on actual paper pads, each sheet of which was destroyed after use, hence the name “one-time pad”).

A key factor in the correct (and therefore provably secure) use of the OTP system is randomness of the shared keys. 7Tunnels encryption uses true random numbers (TRNs), generated by unpredictable physical processes, as the foundation for its encryption keys. Because they are randomly generated (i.e., not pseudorandom), these keys are not vulnerable to brute force attacks. As an OTP system keyed with TRNs, the 7Tunnels encryption solution prevents all methods of cryptanalysis and stops data harvesting, protecting your communications from future threats posed by exascale and quantum computers.

7Tunnels uses sequences of true random numbers generated by unpredictable physical processes (explained in detail below) to create Random Cipher Pad (RCP) encryption key libraries.

7Tunnels key libraries are part of each 7Tunnels encryption system, and are used to create a future-proof secure communications tunnel between a user’s 7Tunnels device and the user’s exclusive 7Tunnels endpoint hosted in a U.S.-based cloud data center. These keys are automatically discarded after use, ensuring no reuse of encryption keys (a key criterion of the OTP system). As part of the 7Tunnels security protocol, 7Tunnels RCP libraries are replaced before they are ever fully exhausted (at no additional charge to the customer).

7Tunnels creates a secure tunnel through which data and communications can safely flow by encrypting information at the IP packet level. The process doesn’t simply encrypt the contents of emails, web browser commands, streaming video, VOIP calls, file transfers, etc., it protects all of the above by securing every IP packet flowing through the tunnel.

Encryption key lengths are difficult or impossible to compare between different types of encryption.  For example, RSA asymmetric encryption needs a key length of 3072 bits to equal the strength of a 128-bit symmetric encryption key (https://web.archive.org/web/20170417095741/https://www.emc.com/emc-plus/rsa-labs/historical/twirl-and-rsa-key-size.htm). In fact, some “post-quantum” encryption techniques have key sizes as large as a megabyte (https://en.wikipedia.org/wiki/Post-quantum_cryptography).  7Tunnels encryption works differently by encrypting every 8-bit byte of a message with a different true random number (also an 8-bit byte), so the encryption key used by 7Tunnels is the same size as the message being encrypted, and its length obviously varies from message to message.

7Tunnels creates key libraries using advanced true random number generators (TRNGs). These devices use unpredictable physical processes, such as photon behavior, zero-point energy in a vacuum, radioactive decay, transistor band gap noise and measurement of shot noise, to generate truly random numbers with no pattern, algorithm or standard method of creation. These numbers are the basis of 7Tunnels’ quantum-resistant encryption solution.

7Tunnels encryption is, by design, beyond the decrypting power of today’s computing labs and testing centers. However, the patented 7Tunnels encryption system is composed of components that, when combined, are proven to be perfectly secure. With a one-time pad (OTP), each character of a message is encrypted separately, so even a brute force approach that tries every possible encryption combination can’t provide any information about the original unencrypted message. The OTP (also known as a Vernam System) has been repeatedly demonstrated to be perfectly secure, first—and most prominently—by noted American mathematician Claude Shannon, known as “the father of information theory.” Shannon’s seminal 1949 paper “Communication Theory of Secrecy Systems” proved that the OTP (or Vernam System) is unbreakable when used properly.
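The byte-wise one-time pad and the use-once key library described in the answers above can be sketched as follows. This is an added illustration, not 7Tunnels code: `PadLibrary`, its `refill_threshold` and the sample messages are hypothetical, and the operating system's CSPRNG stands in for a hardware TRNG.

```python
import secrets


class PadLibrary:
    """Hypothetical one-time key library: bytes are handed out once, then wiped."""

    def __init__(self, material: bytes, refill_threshold: float = 0.2):
        self._pad = bytearray(material)
        self._offset = 0                     # index of the next unused key byte
        self._threshold = refill_threshold   # assumed level at which to replace the pad

    def remaining(self) -> int:
        return len(self._pad) - self._offset

    def needs_refill(self) -> bool:
        return self.remaining() <= self._threshold * len(self._pad)

    def take(self, n: int) -> bytes:
        if n > self.remaining():
            raise RuntimeError("pad exhausted: refusing to reuse key material")
        key = bytes(self._pad[self._offset:self._offset + n])
        # Overwrite consumed bytes so they can never be handed out again
        self._pad[self._offset:self._offset + n] = bytes(n)
        self._offset += n
        return key


def xor(data: bytes, key: bytes) -> bytes:
    if len(key) != len(data):
        raise ValueError("OTP key must be exactly as long as the message")
    return bytes(d ^ k for d, k in zip(data, key))


def otp_encrypt(lib: PadLibrary, plaintext: bytes) -> bytes:
    return xor(plaintext, lib.take(len(plaintext)))


# XOR is its own inverse; the receiver consumes the same offsets of its copy
otp_decrypt = otp_encrypt


def key_explaining(ciphertext: bytes, candidate: bytes) -> bytes:
    """Key under which `ciphertext` would decrypt to `candidate`."""
    return xor(ciphertext, candidate)


if __name__ == "__main__":
    material = secrets.token_bytes(64)   # constructed stand-in for TRNG output
    sender, receiver = PadLibrary(material), PadLibrary(material)
    ct = otp_encrypt(sender, b"wire $500 to Bob")
    print(otp_decrypt(receiver, ct))
    # Perfect secrecy: every 16-byte message is consistent with ct under some key
    print(xor(ct, key_explaining(ct, b"wire $999 to Eve")))
    # Failure mode: one key used twice leaks the XOR of the two plaintexts
    k = secrets.token_bytes(4)
    print(xor(xor(b"ATTA", k), xor(b"HOLD", k)) == xor(b"ATTA", b"HOLD"))
```

The last line is why the "used properly" condition matters: once a key byte is applied to two messages, the key cancels out and the security proof no longer applies.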

The most critical component of the digital OTP application is the use of True Random Numbers (TRNs) to generate encryption keys. 7Tunnels TRNs have undergone extensive testing using Duke University’s Dieharder 3.31.1, NIST Statistical Test Suite SP 800-90B, NIST SP800-22 r1a STS Suite, TectroLabs Bitcount Test, and the Fourmilab ENT program. Using Ubuntu 17.10 running on a Windows 10 VirtualBox, the tests included only raw data without whitening or post processing. The results have consistently proven the entropy (mathematical randomness) of 8-bit bytes is 7.9+, which is the equivalent of “five nines,” or 99.999% random—as close to perfectly random as can be proven.
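An added example (not 7Tunnels test code) of how "entropy of 8-bit bytes" figures are computed: the byte-frequency Shannon entropy that ENT-style tools report, the most-common-value min-entropy estimate from NIST SP 800-90B, and a trivial "previous byte + 1" predictor. All sample data is constructed, with `os.urandom` standing in for a hardware source.

```python
import math
import os
from collections import Counter


def shannon_bits_per_byte(data: bytes) -> float:
    """Byte-frequency entropy, the figure ENT-style tools report (max 8.0)."""
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def mcv_min_entropy(data: bytes) -> float:
    """Most-common-value min-entropy estimate (NIST SP 800-90B, section 6.3.1)."""
    n = len(data)
    p_hat = max(Counter(data).values()) / n
    # Upper end of a 99% confidence interval on the most likely byte's probability
    p_upper = min(1.0, p_hat + 2.576 * math.sqrt(p_hat * (1 - p_hat) / (n - 1)))
    return -math.log2(p_upper)


def successor_hit_rate(data: bytes) -> float:
    """Fraction of bytes guessed correctly by 'previous byte + 1 mod 256'."""
    hits = sum(1 for a, b in zip(data, data[1:]) if b == (a + 1) % 256)
    return hits / (len(data) - 1)


# Constructed samples; none of this data comes from a 7Tunnels device
SAMPLES = {
    "os.urandom": os.urandom(65536),
    "counter": bytes(range(256)) * 256,            # 0,1,...,255 repeated
    "skewed": bytes(32768) + os.urandom(32768),    # half of the bytes are zero
}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        print(f"{name:10s} shannon={shannon_bits_per_byte(data):.4f} "
              f"min-entropy={mcv_min_entropy(data):.4f} "
              f"successor-hit={successor_hit_rate(data):.4f}")
```

The counter sample scores 8.0 bits per byte on byte-frequency entropy while the trivial predictor guesses every byte, so such figures bound bias in the output but do not by themselves establish unpredictability.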

Using TRNs in a digital OTP creates an encryption system with no underlying mathematical architecture, meaning no possible decryption attempt through brute force or algorithmic cryptanalysis—even one undertaken by a fully functioning quantum computer—could ever provide any information about the original unencrypted message.

7Tunnels uses a proprietary confirmation process when establishing the connection between a device (AG7, PG7 or OG7) and its customer-specific endpoint. Communication begins with a handshake process using a TCP connection protected by AES256-GCM encryption. After the handshake is complete but before any customer communications/data can be sent or received, 7Tunnels adds an additional layer of security through an exclusive confirmation process. The authenticity of the new tunnel is confirmed by exchanging a single data packet protected with 1,182-bit encryption. Once that packet is successfully decrypted on both ends (using pre-shared keys that are never in transit or vulnerable to intercept), the tunnel is confirmed. This handshake and confirmation process, in addition to the 7Tunnels proprietary data encryption, ensures authenticity, integrity and confidentiality of communications through each customer’s tunnel.

7Tunnels products and technology have been successfully field tested and are currently being used for real-world applications. In 2019, 7Tunnels’ AG7 aviation system successfully passed a rigorous proof-of-concept testing protocol outlined and contracted by a Fortune 50 company. The six-month POC program featured four phases of ground-based and multi-continent, in-flight testing. Testing with other major corporate customers and their IT departments has proven successful as well.

To continually test the security of its systems, 7Tunnels plans to have independent white-hat testing and certification labs perform penetration, performance and compliance testing and reporting.

In 2019, Dr. Milos Prvulovic, Professor in Computer Science and Dr. Alenka Zajic, Associate Professor in Electrical and Computer Engineering, both at the Georgia Institute of Technology (Georgia Tech), analyzed and reviewed 7Tunnels technology and software. The conclusion of their independent report stated: “Based on our expertise in encryption technologies, research experience with attacks on cryptographic implementations, and a review of the 7Tunnels technology, we conclude that 7Tunnels correctly deploys the OTP cipher technology, in a way that has been proven to be absolutely secure in the information-theoretic sense, i.e. the encrypted data remains secure regardless of future algorithmic and/or computer hardware developments.”

The 7Tunnels Chief Technology Officer is a former Lt. Commander in the United States Navy who earned degrees in Computer Science and Mathematics from the Naval Academy and a master’s in Artificial Intelligence from MIT. The eight members of the 7Tunnels engineering team hold nine undergraduate and advanced degrees in Computer Science, Electrical Engineering and Applied Mathematics from universities including Cal Poly, Maryland, BYU, the University of Utah, the University of California Santa Cruz and the University of Hawaii.

The team has decades of combined experience at major companies such as Microsoft, Apple, IBM, Intel, L3, Lockheed Martin, Hewlett Packard, Amazon’s Lab126, Ernst & Young, KPMG, Toshiba, Sun Microsystems, Citrix, Abbott Labs, Maxar Technology, Hitachi Data Systems, as well as the United Nations International Atomic Energy Association (IAEA), the Johns Hopkins University Applied Physics Laboratory, the Mitre Corporation, and the United States Navy, and has successfully navigated the process to get encryption architecture approved by the National Security Agency.

7Tunnels devices pair seamlessly with existing wired and wireless Internet connections to create a new, easily identifiable secure network. As long as an end user is connected to the secure 7Tunnels network with their phone, computer, tablet or other device, any information they send or receive is protected now and into the future. No software or app downloads are required, and no special clicks or settings are needed to encrypt or decrypt communications. The encryption and decryption processes run transparently in the background, without impacting efficiency or speed.

Once your communication safely reaches the cloud endpoint, it continues on, joining the incalculable amount of digital traffic routed through the U.S. Internet infrastructure. Collecting that data for later decryption would require accessing the secure cloud servers and then either collecting and storing the entirety of the data flowing through those servers or immediately pinpointing the target ciphertext among billions of data packets. Both of these options are far beyond the capabilities of any company, collective or nation and are thus effectively impossible.

7Tunnels has no way of monitoring or collecting user data, but we do monitor the level of a customer’s key library, either digitally or through direct communication with the customer. When the key library level reaches a predetermined threshold, subscribers are notified and the device “cycling” process is initiated: a new, fully-loaded device is sent to the customer and the original device is shipped back to 7Tunnels to be reconditioned and reloaded with new RCP libraries. Since there is no data on the device being returned, there is no security threat during shipment or reloading at the factory. Under the 7Tunnels “unlimited” subscription program, all this happens at no additional cost to the customer.

The approach used by other encryption solutions to combat future technological threats is simply to increase the length of the key to create more secure encryption. This strategy merely converts a problem “thought to be hard” to a problem “thought to be harder” and disregards the inevitability of quantum computers and their ability to quickly solve even very complex algorithmic problems.

The 7Tunnels solution provides true quantum-resistant encryption using true random number encryption keys and patented technology based on the time-proven OTP system. In a world of diminished expectations and lowered standards, where “good enough” applies to everything from food quality to technology performance, 7Tunnels’ quantum-resistant encryption is the clear winner for protecting critical and proprietary data and communications.

Keys are encapsulated inside the 7Tunnels tamper-resistant hardware devices. 7Tunnels ships its devices using tamper-evident packaging with built-in security and pre-arranged activation protocols. If a device is ever intercepted by a bad actor, the device cannot be activated, and therefore becomes useless.

Does 7Tunnels Encryption Reduce Transmission Speeds or Create Unwanted Latency?
7Tunnels devices are engineered for low overhead, maximum efficiency and minimal latency to ensure computing and transmission speeds are not impacted by the 7Tunnels system. 7Tunnels systems can handle the same number of individual user devices (e.g., smart phones, laptops and tablets) that the existing network could without a 7Tunnels device.

If synchronization between the endpoints is maintained, the key library never expires, and lack of use in no way weakens or compromises the integrity of the cryptography system.

Unused key libraries are wiped clean. The replacement device is pre-loaded with an all new key library and a matching library is installed on the exclusive AWS server tied to the replacement device.

Aviation System Specific

Both the AG7 and PG7 are lightweight, electrically powered equipment classified by the FCC as Portable Electronic Devices (PED), and neither requires an STC if used onboard a PED-tolerant aircraft. An aircraft is deemed PED-tolerant if it complies with the design tolerance requirements established in Radio Technical Commission for Aeronautics (RTCA) DO-307, which confirms that PEDs will not interfere with aircraft systems even in critical phases of flight. Additionally, all aircraft undergo mandatory certification testing for avionics interference during the installation of wireless communication systems. Thus, if an aircraft has an existing WiFi system, it is considered PED-tolerant.

The AG7 ships with an A/C power cord featuring a low voltage wall wart that plugs into and draws power from any onboard A/C outlet.

Your 7Tunnels tech will find the optimal location for use during the onsite setup and activation visit. But for maximum effectiveness and passenger safety, the AG7 should be stowed in a compartment near the aircraft’s wireless router. The base of the AG7 features anti-skid pads to keep it stable during flight. The AG7 wireless range is effective on even the largest private planes, including large tube aircraft such as the Gulfstream G650, Challenger 605 and Bombardier Global Express. The AG7 should not be placed in an area that isn’t environmentally controlled, including baggage or storage compartments or wing lockers.

The AG7 is a Personal Electronic Device (PED) and should not be installed or permanently mounted to the aircraft in any way.

Each AG7 is assigned to, set up and activated on an individual aircraft with a dedicated tail number. Attempting to transfer the AG7 to any aircraft other than the one assigned violates the Subscriber Service Agreement.

When properly connected and operated, the AG7 won’t interfere in any way with flight critical systems.