CIOREVIEW >> Security >>

Zettaset Acquires its Fifth Patent: Rejuvenated FPE

By CIOReview | Friday, April 29, 2016
Jim Vogt, CEO,  Zettaset

Jim Vogt, CEO, Zettaset

MOUNTAIN VIEW, CA: In a big leap in the format-preserving encryption (FPE) domain, Zettaset, a leader in Big Data security, has bagged a new patent concerning data privacy and protection for large scale on-premises and cloud database environments. The latest patent (No. 9,313,023) awarded by the United States Patent and Trademark Office marks the fifth patent the company has acquired since its inception.

"As organizations expand beyond on-premises data storage to the cloud, the need for data-centric solutions like encryption becomes even more critical. In the brave new world of Big Data, scalability and performance must go hand-in-hand. The relentless increase in data volume requires new security methods and technologies optimized for the distributed computing infrastructures that are the foundation of all cloud services. These market dynamics and customer needs continue to drive our technology development at Zettaset", informed Jim Vogt, Zettaset CEO, in an interview with MarketWired.

FPE, that affords ciphertext in the same format as of the plaintext, is relatively old, but lacked the capability to deliver performance in today’s petabyte-scale Big Data environments. The new patent addresses these limitations and allows encryption and decryption of portions of data comprised in potentially larger dataset. Zettaset is focused on delivering enterprise-hardened software solutions that not only provide data protection, but also maintain the integrity of secured data, says Vogt.

This patent holds many advantages over existing FPE implementations, including the latest techniques adopted by the National Institute of Standards and Technology (NIST).

• The Zettaset patented FPE technology can take advantage of AES-NI (the Advanced Encryption Standard instruction set for Intel and AMD microprocessors), making it much faster than NIST FPE. The NIST method uses a custom unbalanced Feistel network that is slower than the Zettaset method.
• The Zettaset method wastes very little of the AES keystream, adding to its efficiency when encrypting large volumes of data. The NIST method uses cycle-walking that can require multiple AES calls for each byte resulting in impaired encryption performance.
• The Zettaset method is easier to implement, using common cryptographic primitives and requiring no custom Feistel implementation. As a rule, simpler algorithms are less likely to have implementation errors in a production environment, making them intrinsically more reliable for deployment.