Products Main Summary FAQ Customers Contact TOC Choose format
FAQ - Guarantees, policies and arrangements
Why is UPE not publicly available?
If the algorithm and implementation is open, more eyes can test it. But there are a lot of dangers, see the above sections. This is not so simple as for example in case of text encryption.
Text encryption is passive. The eavesdropper does not learn something for what usually do not have access. But UPE is active. It can be used to attack computer networks. This changes everything. The right development methods, attitudes developed for text encryption does not apply for UPE or related technologies.
In our recent business model, we do not release the
algorithm.
But to make certain applications - like really smart cards, anon
stock
markets, virtual anon companies, secure voting systems, more developed
forms of
electronic money, etc - to build the necessary trust we have to
patent a version of it.
So we have to make it public. But we cannot do it now because of the
possibility
of the malicious applications. We can release the algorithm and the
source code
only if the appropriate protection technologys, with special emphasis
on secure
OS-es, are widely available and used. Our intention is to immediately
release
the algorithm if the time is ripped for that, because secrecy
substantially slows down our growth.
But it is only a popular myth that one cannot trust a security product without knowing its source code. (One has to check the compiler, the whole OS, the language, the chip. No one is capable of doing it for everything nowadays. Even the most secretive agencies outsource some of their hardware and even software developments. The fortress mentality is partially abandoned. If you are not an expert, just to have an idea about the difficulties, check this ACM Classic out.) There are so called zero-knowledge proof systems by which one can prove what a program does, without revealing the how. Unfortunately, so far no such a product is implemented. Our goal is to do that - first only for small but critical parts of a program - because we expect that it may take a long time to achieve the widespread usage of protection technologys.
Why is UPE not freely available?
Some people argue that we should follow an other model. Not to make money but to serve humanity. After building a secure OS (naturally open source OS, like Linux, for free) in a secure environment by trusted programmers, we should release this OS and the UPE algorithm for free.
It is a very widespread view in certain circles. Because there is something in it. But there are several problems with this view. The problem is that the development process is usually under sourced for structural reasons. (Easier and less risky to copy than invent, unless unauthorized copying is detected and punished severely.) The distributed development model, like Linux, is maybe very good at spotting mistakes in the implementation, but not good at implementing something really new. People would not invest in things what they can get later for free. The competition would be big, the profit margins small and the risk unpredictable. Not mentioning the necessary UPE related hardware development, where these issues are even more flexing and patents play a bigger and more positive role than in software. So far, the Linux model did not work for hardware development, and UPE is principle is closer to hardware than to software. These are the basics of economy, so they should not be discussed here in detail.
Some people may not be able to pay for the protection.
For them
we make possible to have access some TPVS products for free. But only
open
source, freeware and adware products. But there is no free lunch. The
developers
of the products have to pay by some programming or translation work
done for
TPVS and / or by providing some advertising surface. So, you may get
protection
for free, but you have to see our logo, and maybe something more
exciting too.
How can I trust the implementation of UPE?
To tell the truth in short, by a little leap of faith. As in case of any other cryptographic or software product (even if the marketing gurus do not tell it to you). Mumbling too much about the necessity of open source, or knowing the algorithm is misleading. It even may give a false sense of security. See this ACM Classic and the above section and think. Because of the possibility of sophisticated backdoors, there is no substantial difference between trusting PGP (it has an open source) and UPE. Just hope, with some little dose of healthy skepticism.
I wonder, how many of those who demand publicly available source codes and algorithms reverse engineered the source of the security applications they use? Do you work on your own brakes and seat belts too? If you, most people would think that it is a sign of a severe mental condition ... . Most people hire an accountant for their taxes, a lawyer for such affairs, a mechanic for their car, and so on. Modern society is build on trust relationships in a market and legal guarantees combined with a division of labor. Crypto is very subtle, but so is tax law, litigation, finance and modern automotive and flight control systems. It is not in principle different from those areas, where money, property and life is at stake, and we trust others to help us.
Those who try UPE products, in the recent business model, do not make substantial risk. They just add the encrypted key hiding technology to existing "software protection". Secure key hiding is missing from recent ones. So, without adding any risk, we simply enhance existing technology. The only risk that we are not adding any further security - without weakening the existing one. If you find that our products are not secure - and can convince us by a reproducible security breach - you get your money back.
How can I check against undocumented features?
Well, to be honest, you can't. Even TPVS can't. Because it is, in general, mathematically undecidable. But this is a common problem of any program which is not mathematically verified. And most - if not all - of them including the ones running in your machine are not. The scary thing is that people write and run programs which they do not completely understand. But by running and practicing the program with non important data you can convince yourself in the usual way. Although in case of encrypted programs it may take more time to develop trust.
TPVS is not interested in building undocumented
features into
its programs because there is no better way to ruin its business. Each
step is
documented in a secure way to clear ourselves of any charges if they
emerge, and
to make it easy to find those who are responsible if such things
happened. But
our opponents, either competitors, politicians or stupid people only
having fun
may spread unfounded rumors to discourage people to use encrypted
software
products.
However, this is not the end of the story. Mathematically it is possible to prove what the program does without revealing how it does it - if the program is short enough. Unfortunately this has not been implemented yet but we are working on it. It is a plan of TPVS to implement this self-verifying feature at least for its most simple programs to build further trust in its products. See our development plans page.
Are there Never Answered Questions?
Although our policy is to be as open as possible, we do not answer questions if the answer might compromise our mission. Here is a short list of questions we never answer to anybody under any circumstances. Please, do not bother us by asking them. The list is intentionally not complete.
Technical details about the inner workings of UPE.
Technical details for malicious applications.
Exact terms of exclusive contracts with our partners.
Of course, if UPE is patented and the algorithm and source code is made open then the first question will be answered. In our case the problem is, that we have to reveal the theory, and according to current patent laws, we may loose patent rights.
How do you plan to convince people to use UPE?
Demonstrations: We hold
demonstrations for possible customers and the public in general.
Both about the possible malicious use of UPE and how to prevent it (by
UPE). Unfortunately, we can give away code only under very
restrictive conditions.
Auditing: We also plan some kind of auditing of our products
and
methods, while we cannot release the algorithm and the source code. An
auditor
has to have serious cryptographic background and a very strong
commitment and
interest against misuse. We are seriously working to find an
appropriate not
government related candidate, which is more difficult than we
anticipated at
first. It might occure that such auditor does not exists.