Technology

Enclave

 

Enclave is an application which creates secure software-defined overlay networks, removing the complexity, cost and flexibility barriers to deploying secure computer networks on the hostile public internet today.

Users exchange certificate names, and instantly get secure, private and directly-connected networks.


 

Enclave hides the complexity of cryptography, key exchange, peer discovery, firewall configuration, and network address translation so that any number of parties, anywhere in the world, can establish a flat network back-plane, instantly, for virtually any task or purpose.

Once an encrypted connection is established, it can be used to send text, files, video, or provide back-office infrastructure connectivity - the concept provides a very versatile building block.


 

Enclave provides a communications fabric so flexible that networks can last from years to just seconds, allowing organisations to rapidly deploy truly ephemeral and secure micro-segmented networks without changing the underlying hardware.

The software guarantees mutual authentication and requires active intent from both parties to establish a connection, but provides the flexibility for either party, at any time, to tear down the connection.

As a software-defined construct, Enclave avoids the capital expenditure commonly associated with traditional network infrastructure such as VPN concentrators, which often have upfront costs, are deployed in hardware and require bandwidth, power, cooling, configuration, maintenance, warranty, knowledge workers etc.


 

Our technology enables organisations and individuals to reach across trust boundaries with near impossible ease of use, to set up secure communities of interest for incidental communication where there is otherwise no common trust anchor.

Enclave represents a technology change, allowing us to think about secure communications pathways as transparent on-demand utilities, rather than as obstacles.


 

From helping large corporates safely innovate and experiment in complex partner eco-systems, to enabling co-operative communication in Government, legal or the commercial sectors, Enclave can lash together coalition forces, disaster relief agencies or computer networks into short-lived and highly secure enclaves for task or project-specific operations. The use cases for secure, instant-on, easy to use and simple to deploy digital communications are extensive.

 

 

Features

  • Unparalleled ease of use
  • Instant up-down, no lasting impact
  • Software defined "utility" networks
  • Devops and automation friendly APIs
  • Direct peer-to-peer connectivity
  • Rapid deployment of secure networks
  • Provision in seconds, not hours
  • Maintain data sovereignty, no third parties
  • Invisible "meet in the middle" networks
  • Reduce attack surface area, reduce risk
  • Eliminates configuration complexity

 

Security Properties

  • Ephemeral keys, perfect forward secrecy
  • Always end-to-end encrypted
  • Always mutually-authenticated
  • PKI and certificate based trust model
  • Instant certificate issuance

 

Cryptographic Primitives

  • AES 256 bit encryption
  • Curve25519 key exchange
  • Ed25519 digital signatures
  • SHA256 HMAC
  • Constant time comparisons

 

Platform Components

 

Protocol

We use the term ElasticSockets to refer to our open protocol and specification, which describe how to build interoperable self-governing peer-to-peer communities of interest on the Internet.

Software Development Kit

Our cross-platform SDK implements the ElasticSockets protocol. Third party developers can integrate the SDK into their own projects to build applications using our core technology.

Enclave

Built using our SDK, Enclave is a modern, secure, flexible and easy to use application capable of creating transient, secure and private virtual overlay networks of almost any size and shape in seconds.