7TUNNELS, INC.

Quantum Ready Key Management and Encryption Technology

TECHNICAL OVERVIEW

v.6.8.2020 ©2020 7Tunnels, Inc.

2

TABLE OF CONTENTS Introduction & Background 3

The Quantum Threat 6

7Tunnels – A New Solution 8

Technology Applications 13

Technology Demonstrators 14

Sample Applications 16

Technology Roadmap 18

Intellectual Property, Patents, Etc. 20

Summary and Conclusion 22

References 22

Contact Information 23

Forward Looking Statement

7Tunnels is an innovation lab. The technology and applications listed in this paper are examples of existing and future developments by 7Tunnels and do not attempt to list or outline all possible technologies and applications that can be created using 7Tunnels existing and future developments.

3

As quantum computing fast becomes reality, it will usher in great opportunity while equally wreaking havoc on today’s encryption capabilities. Simply put, contemporary encryption that is based upon mathematic algorithms rather than truly random translation will fail. Addressing this threat of data security failure has been the driving force behind the work at 7Tunnels. 7TUNNELS – READY NOW TO PROTECT AGAINST THE QUANTUM THREAT

• 7Tunnels has developed a post quantum computing era encryption system unlike anything currently available • 7Tunnels technology provides the highest level of security when compared to encryption technologies using mathematical algorithms that are vulnerable to quantum computing advancements today and into the future • 7Tunnels technology is applicable for all types of digital communications over networks and is scalable for large user groups, as well as point to point communications for air to ground, ground to ground, satellite to ground, and other systems • 7Tunnels technology has been integrated into production quality products to demonstrate the technology. 7Tunnels products are in full-time use by Fortune 500 companies (DuPont and others) • 7Tunnels technology is equivalent to Technology Readiness Level (TRL) 9 in the commercial market • 7Tunnels technology is designed to be integrated into any software stack or tech product and currently runs on Windows, Linux and Raspberry Pi and other embedded systems, and can run on Mac iOS, and other systems as a software of black box solution • 7Tunnels can help secure the coming 5G evolution of data communications systems and maintain the high bandwidth enabled by these technologies • 7Tunnels technology is protected by 7 U.S. patents, pending patents, and multiple international patents and pending patents for encryption and dynamic key distribution, etc.

DATA AND COMMUNICATIONS SECURITY: MORE AT STAKE TODAY

For corporations and government entities, cyberattacks are not just a threat, they are an inevitability. These cyberattacks are launched by well-funded and highly technical state-sponsored entities, criminal organizations, and individual rogue hackers. The results for targeted companies are distressingly similar: irretrievable financial losses, stiff fines and penalties, and the damage to both customer trust and company value. Moreover, companies and government agencies are being held increasingly accountable for protecting the personal information of their personnel,

4

customers, and clients. Colorado and California have enacted strict privacy and cybersecurity laws, and Sen. Ron Wyden (2018) sponsor of Oregon’s proposed Consumer Data Protection Act calls for prison sentences of up to 20 years for CEOs who fail to adequately secure their customers’ private data.

“Cybercrime, by definition, is the greatest threat to every profession, every industry, every

company in the world.” - Ginni Rommety, Pres. & CEO – IBM STATEMENT ABOUT ONE TIME PADS AND INNOVATION

Over the course of history, ground-breaking innovations have been met with a variety of skepticism, limited vision, ego and arrogance. Examples are easily conjured though a few easy ones include the light bulb, the portable computer, even the Enigma machine. And yet, all had a global impact on our lives. Eschewing ego and arrogance, the 7Tunnels team focused on creating a new level of cyber encryption to help protect the world of data transfer and storage from a pending threat: quantum computing.

Along the way, some “experts” have tried to refute the power of 7Tunnels encryption by tagging it to old-school ideas and methodologies, particularly those surrounding the venerable concept of the One Time Pad. It is human nature, and always easier, to write-off innovation than to embrace change and discover a better solution. It is with this in mind that we present a true advance in the world of encryption – one that uses the concept of the One Time Pad as a jumping-off point, not the method, for a more secure tomorrow.

7Tunnels implements symmetric key cryptography using a stream cipher where the keystream uses True Random Numbers that are only used once, a.k.a. a One Time Pad (“OTP”). Recent advancements in hardware and memory technology, along with new patent pending processes based on well-known signal processing / mathematical techniques, have given OTP technology new life. This encryption/decryption methodology is no longer cumbersome to implement nor impractical. Physical key distribution challenges of the past have been solved. 7Tunnels technologies are a significant advancement of “One Time Pad” encryption and should not be lumped into discussions of conventional OTP methodologies. With 7Tunnels technology, the resulting cryptography is better than quantum resistant, it is quantum secure. 7Tunnels technologies ensure privacy via well-known confidentiality techniques. This claim can be verified both mathematically and practically. BACKGROUND

In 2016, USA-based 7Tunnels, Inc. assembled a team of US-based engineers with two goals in mind: create a key management and encryption solution to eliminate today’s cyberthreats and prepare for the quantum era. 7Tunnels successfully developed next generation technologies capable of deterring, preempting, and defeating malicious cyber activity targeting the data transfer and communications of government, critical infrastructure, and commercial entities. 7Tunnels patented technology is a digital (and highly efficient) version of the one-time pad (OTP) system invented in 1882 and widely used during World War II and mathematically proven to be

5

unbreakable when used correctly. The sender and receiver of a message use a pre-shared key to encrypt and decrypt the message, after which the key is destroyed. During WWII, those keys were printed on actual paper pads, hence the name “one-time pad.” Advancing the OTP concept, 7Tunnels achievements can be summed up as follows:

• In cybersecurity, the biggest imminent threat is Quantum Computing, which will defeat the cryptography we are using today, exposing untold proprietary and classified information • 7Tunnels engineers have developed next generation key distribution management and superior encryption technologies to significantly mitigate the quantum computing threat. • 7Tunnels has developed its cryptography to protect digital networks including the internet and private corporate networks • 7Tunnels has created fully functioning, mission-ready products that are currently in use by Fortune 500 customers. These products demonstrate the ease of use and viability of the technology

• 7Tunnels patented technologies can be applied to software and hardware systems, creating a wide variety of possible products and services

• 7Tunnels’ IP is a game changing advantage for tech leaders and defense contractors as they wage war on cybercrime and cyber espionage

In times of great technological threats, only those with vision and appropriate countermeasures will survive and win. Cybersecurity companies incorrectly claim their “defensive,” mathematical-based products are quantum-secure. Quantum computing power is forecast to break all existing mathematical-based encryption solutions. Contemporary cryptography is based upon hard-to-solve mathematics rather than truly random translation. Public Key Infrastructure will crumble providing no Advanced Encryption Standard (AES) key confidentiality. Recognizing this threat has been the driving factor for the team at 7Tunnels.

The two main forms of digital encryption used today are symmetric (shared secret key) and asymmetric (public key). Most online communications involve a combination of the two: asymmetric encryption to securely share a secret key and symmetric encryption using that shared secret key to encode the data sent. The Advanced Encryption Standard (AES) is a symmetric block cipher algorithm used as the standard by the U.S. Government. Rivest–Shamir–Adleman (RSA) and Elliptic Curve Cryptography (ECC) are the primary asymmetric encryption standard. While the mathematical-based algorithms powering both AES and RSA are largely impervious to brute force attacks from classical computers, the rapid advent of quantum computers threatens the security of all these standards. The key to future data security is protecting data today against the threat of quantum computers. 7Tunnels has engineered its key management and encryption technologies to ensure that even quantum computing advancements will not render any usable information from today’s 7Tunnels encrypted data. As an innovation lab, 7Tunnels’ approach was to accelerate development, market testing, and evaluation cycles to produce mission ready technologies. 7Tunnels’ strategy from the start was to

6

create working products to demonstrate the technology, deploy samples to select, high-profile users, and ultimately sell this technology, thus fast-tracking broader-scale, cross-domain deployment.

According to a 2019 report from National Institute of Standards and Technology (NIST), “If largescale quantum computers are ever built, they will be able to break the public-key cryptosystems currently standardized by NIST, which consist of digital signatures and key-establishment schemes.” (NISTIR 8240, 2019). The Random Cypher Pad (RCP) schemes used by 7Tunnels are considered a symmetric-key cryptosystem under this definition.

7Tunnels technology is not based on mathematical algorithms. Our digital implementation of the proven, secure one-time pad cryptography method is a quantum-secure solution. This amounts to a “changing of the encryption guard.” Validated by an evaluation from Georgia Tech computer scientists, user feedback, and current deployment at DuPont, 7Tunnels technologies are ready for mass deployment. According to Drs. Prvulovic and Zajic, professors at Georgia Tech’s College of Computing:

Based on our expertise in encryption technologies, research experience with attacks on cryptographic implementations, and a review of the 7Tunnels technology, we conclude that 7Tunnels correctly deploys the OTP cipher technology, in a way that has been proven to be absolutely secure in the information-theoretic sense, i.e. the encrypted data remains secure regardless of future algorithmic and/or computer hardware developments. Additionally, compared to traditional ciphers, the OTP-based 7Tunnels technology improves security against scenarios where the attacker obtains the encryption key by other means, e.g. accidental disclosure, the victim is persuaded or compelled to provide encryptions keys, etc.

This paper is designed to be a practical introduction and reference for those in the cybersecurity community. The objectives are to:

1. Raise awareness regarding the threat of quantum computing to current key management and encryption methods 2. Explain how 7Tunnels technologies mitigates these risks

3. Consider user feedback and potential applications 4. Communicate 7Tunnels’ technology roadmap and patents

5. Introduce 7Tunnels’ technology demonstrators THE QUANTUM THREAT

Quantum computing is the most serious threat to modern-day technology infrastructure: • As quantum computers advance with more q-bits, mathematics-based encryption solutions become increasingly vulnerable

7

• Advancement in quantum computing will go unannounced, enabling once secure information to be compromised without warning • Proposed methods for "post-quantum" or "quantum-resistant" encryption methods that rely on mathematical equations will not solve the problem

Every 39 seconds there is a data hack (Security Magazine, 2017). In 2017, The World Economic Forum estimated the economic cost of cybercrime to be $3 trillion worldwide with anticipation it will reach $6 trillion by 2021 (Morgan, 2017). Cybercrime is the world’s most profitable criminal enterprise with cyberthieves stealing more financial value than that of the worldwide drug trade (Cybercrime Magazine, 2019). The global average cost per data breach is $3.92 million, and the average breach size is 25,575 records (IBM, 2019). Attacks are happening constantly, and with greater frequency to computers with Internet connections. 94% of organizations are using sensitive data in cloud, big data, IoT, data centers or mobile environments, creating new attack surfaces and new risks for data (Dickson, 2019). Classified data, proprietary intellectual property, and sensitive financial and personnel data are the largest targets and greatest wins for malefactors. Governments and corporations have been victimized by cyber-attacks, resulting in exposure of sensitive information, massive financial losses, tarnished brands, share-price reductions, and for some, bankruptcy. As more organizations move toward cloud technology, the increase in data transmission creates a rising need for overall data security. While cybercrime represents a global threat, the impending introduction of quantum computing into the digital world will unleash unprecedented capabilities to steal or ransom proprietary and classified data and intellectual property, as well as disrupt personal lives, organizational operations, and government agencies.

“The day a big quantum computer is built, all the cryptography we are using today is dead,” stated Dr. Christopher Petit from the University of Birmingham, UK. “To crack encryption, all you need is one working quantum computer under laboratory conditions,” says Andersen Cheng, Chief Executive of Post-Quantum, a cybersecurity company. Mr. Cheng likens it to building an engine and gearbox as compared with manufacturing an entire car. “A lot of nation states are building quantum computers and they just need a working engine to start cracking encryption,” he says.

Recently, China broke ground on the $11 billion National Laboratory for Quantum Information Sciences in the Anhui Province and began construction of a quantum fiber link that will eventually connect the cities of Beijing, Shanghai, Jinan, and Hefei. The Russian Quantum Center, which is a project of the private and government funded Skolkovo Institute in Moscow, has spearheaded research that has led to critical breakthroughs in general quantum computation and qubit (the basic unit of quantum information) entanglement. “All over the world, research institutes, universities, and businesses are in a race against the clock to develop appropriate solutions and stopgaps to forestall a Quantum Pearl Harbor that overwhelms the world’s leading encryption systems” (Herman, 2018). As an innovation lab, 7Tunnels believes its IP will help solve global problems confronted by government, tech leaders and defense contractors.

8

7TUNNELS – A NEW SOLUTION

Quantum Ready Key Management and Encryption Technology At its core, 7Tunnels technology is impervious to any cryptanalysis attempt (even using quantum computers) because each byte of a message is encrypted with a true random number (TRN). TRNs are not to be confused with a pseudo random number (PRN) generated by an algorithm. The resulting lack of correlation between original characters (plaintext) and the encrypted text (ciphertext) makes it impossible to determine whether or not the output from any decryption attempt represents the original message. 7Tunnels advanced this technique into the digital age enabling the automatic protection of large amounts of digital communications.

The following paragraphs describe how 7Tunnels technology interacts with user-defined endpoints (cloud or otherwise).

7Tunnels creates a secure tunnel between users and exclusive endpoints through which communications can safely flow. The 7Tunnels technology encrypts the contents of emails, web browsing, streaming video, VOIP calls, file transfers, etc., protecting data flowing through the tunnel—securing communications at the network packet level.

7TUNNELS KEY MANAGEMENT SOLUTIONS

Recent advancements in hardware and memory technology, along with patent pending mathematical techniques, have enabled 7Tunnels to solve the key management challenge of using One Time Pads--(OTPs). Our techniques take a large array of true random numbers and continually expand the array to new key streams using small "one time use" meta data files. This is done in a way that holds the mathematical promise of maintaining Shannon's "Therom of Perfect Secrecy". Once the small meta data files are consumed they can be replenished via 7Tunnels servers using limited background traffic or via short scheduled maintenance periods. This is important because it expands the replacement cycle of the of embedded security primitives inside the 7Tunnels solution from weeks or months--(depending on data rate), to an appropriate maintenance frequency as specified by the customer. The customer also defines the method of meta data replacement thus providing complete control over the system's security policy and availability profile.

Encryption Process Involves Unique And Individual One Time Key For Each “Bit” Of Data7TUNNELS ENCRYPTION - “EXCLUSIVE OR” PROCESS

0 1 0 1 0 1 0 0 P L A I N T E X T

0 1 0 1 0 1 0 0 P L A I N T E X T

1 0 0 1 0 0 1 0 O N E T I M E K E Y

1 0 0 1 0 0 1 0 O N E T I M E K E Y

1 1 0 0 0 1 1 0 C I P H E R T E X T

1 1 0 0 0 1 1 0 C I P H E R T E X T

PROCESS TO ENCRYPT

PROCESS TO DECRYPT

THE TWO STRINGS ARE XOR’D ( ) TOGETHER TO

PRODUCE ENCRYPTED CONTENT

THE TWO STRINGS ARE XOR’D ( ) TOGETHER TO

PRODUCE DECRYPTED CONTENT

9

7Tunnels also creates a point-to-point secure tunnel between isolated private networks. This fits the network model used by the DoD and highly secure networks that are self-contained and strongly firewalled. This enables 7Tunnels to secure critical infrastructure in much the same way as Cryptographic High Value Products (CHVP) currently do, but with the added benefits of OTP enabled protection against quantum computing attacks.

7Tunnels electronic OTP implementation works by pre-distributing matching series of TRNs to a paired system of a client-dedicated device or system (e.g., 7Tunnels hardware device or software program) and an endpoint (e.g., a dedicated server in Amazon Web Services in a U.S.-hosted region). When the client device is powered on and connected to the internet, it first creates a secure management connection to the server. This management connection determines what portion of

MATCHING KEYRANDOM CIPHER PAD

“RCP”

MATCHING KEYRANDOM CIPHER PAD

“RCP”7TUNNELS SOFTWARE

7TUNNELS SOFTWARE

RANDOM CIPHER PAD RANDOM CIPHER PAD

ENCRYPTED OUTPUT

TEXTPICTURES

VIDEOVOICE

TEXTPICTURES

VIDEOVOICE

7TUNNELS USES RANDOM NUMBER ONE-TIME PADS TO CREATE PERFECT SECRECY7Tunnels has figured out how to make “one time pad” encryption efficient and cost effective.

7TUNNELSTRUE RANDOM

NUMBER GENERATOR“TRNG”

USER #1 USER #2

+

+

DECRYPTED OUTPUT

or...STORAGE DEVICE, CLOUD, DROPBOX, ETC.

7Tunnels Is Designed To Thwart Brute-Force Attacks And Next-Gen Cyber Threats, Providing Superior Security When Compared To AES-256 And Other Technologies

7TUNNELS ENCRYPTION 1-TO-1 ENCRYPTION KEYS CREATE UNLIMITED “POSSIBLE” RESULTS

1 9 2 4 8 9 3 D F - S W M F D S F 9 R E - S TO R M -T H E - C A S T L E - 1 1 7 7 4 - N TO - O D- 2 3 0 9 4 5 F R L K A I W F N F G T U X

SFFLDKGFL530459WKFSDK-DO-NOT-S TORM-THE-C AS TLE-71417VMSI ICZX-ROJRERIR-3-9MJ

3 4 0 F S L K J D F 9 E L K F M S P R P 9 - 1 7 D O R M - O - N O T LT - S T T - C A H E S E - 1 7 4 3 0 9 6 8 E D L ; G K J S F L K L D -

F G S J 0 A S D FA R 0 4 5 0 9 E S 9 - S F -T H E - N O S E - C A S T L E - R O T S - 4 H - 7 7 1 1 F G V R V 3 9 5 8 3 F R N J D 9 4 K S 4 C

SEOTDJS;LDFGLLGJSDRPGO-CASTLETON-THERMO-DOTS-741-71LKMKLGFIYUVHGVKGER49984R

1 9 2 4 8 9 3 D F - S W M F D S F 9 R E - W R 9 F I B 7 6 5 F G F - 8 3 6 7 4 - N T O - O D - 2 3 0 9 4 5 F R L K A I W F N F G T U X

SFFLDKGFL530459WKFSDK-DO-NOT-S TORM-THE-C AS TLE-71417VMSI ICZX-ROJRERIR-3-9MJ

3 4 0 F S L K J D F 9 E L K F M S P R P 9 - S K L - J G E 9 8 R L - T S T 9 8 V U I G J - 3 4 3 0 9 6 8 E D L ; G K J S F L K L D F G

S J 0 A S D F A R 0 4 5 0 9 E S 9 - S F - T T F S - J O S D F G 4 5 O G D F G L - 8 3 6 F G V R V 3 9 5 8 3 F R N J D 9 4 K S 4 C

SEOTDJS ;LDFGLLGJSDRPGO-CJ3 -WGFDS TEO- IODJS -GMK46LKMKLGFIYUVHGVKGER49984R

STORM-THE-CASTLE-11774-NTO-OD1

32

45

DO-NOT-STORM-THE-CASTLE-7141717DORM-O-NOTLT-STT-CAHESE-174THE-NOSE-CASTLE-ROTS-4H-7711CASTLETON-THERMO-DOTS-741-71

1

32

45

W R 9 F I B 7 6 5 F G F - 8 3 6 7 4 - N TO - O DDO-NOT-STORM-THE-CASTLE-71417S K L - J G E 9 8 R L - T S T 9 8 V U I G J - 3 4T T F S - J O S D F G 4 5 O G D F G L - 8 3 6C J 3 - W G F D S T E O - I O D J S - G M K 4 6

7TUNNELS

IMPOSSIBLE TO DETERMINE WHICH IS CORRECT / TRUE / FALSE

ALL POSSIBILITIES ARE GIBBERISHEXCEPT CORRECT MESSAGE

AES-256

10

shared TRNs protect communications and set up data connections for connected user devices. Digital communications themselves are protected by separately encrypting each byte of a data packet with series of TRNs, then wrapping the encrypted packets in a custom 7Tunnels protocol and sending the packet to the other end of the tunnel. At that point, the same series of TRNs decrypt the data packets (point to point) or send them onward to their ultimate destination.

7Tunnels Software and Blackbox Solutions Software Solution: The 7Tunnels solution is an operating system independent, software-based stack. This enables the 7Tunnels software to be ported to platforms running operating systems such as Linux, Windows, and MacOS. A standard platform or device that has network interfaces, file system and standard libraries can execute the 7Tunnels stack. So far, 7Tunnels has ported its solution to Microsoft Windows, and embedded Linux successfully. It has run on both Intel and ARM based CPUs. If needed, the 7Tunnels software can be ported to other platforms and devices. Black Box Solution: 7Tunnels understands that data security is the priority for its users. To enable the highest level of security, prevent tampering, firewall against network penetration, and prevent malware infection, 7Tunnels crypto solutions are stored in an enclosure. The solution functions as a ‘black box’ for encrypting user data, and integrates easily into networks, data centers, offices, and IT centers. Locking the one-time-pad library in a secure enclosure prevents unused keys from being taken or copied by malware running on the same platform. Various configurations of boxes can be integrated into customer-defined products or systems.

Generating and Distributing True Random Numbers

7Tunnels uses various True Random Number Generator (TRNG) devices that create TRNs. 7Tunnels custom software gathers the TRNs from several connected TRNGs simultaneously.

Efficient and Secure Management of One Time Pads is the Foundation of 7Tunnels’ Quantum-Proof Data Encryption Technology7TUNNELS ENCRYPTION HAS MADE ONE TIME PADS A REALITY IN TODAY’S DATA-DRIVEN WORLD

D O - N O T - S T O R M - T H E - C A S T L E

0 1 0 1 0 1 0 00 1 0 1 0 1 0 0

1 0 0 1 0 0 1 01 0 0 1 0 0 1 0

1 1 0 0 0 1 1 0

MESSAGE TO ENCRYPT

NOTE: DECRYPTION REPEATS THE XOR PROCESS USING THE DESIGNATED MATCHING KEY

ENCRYPTED CONTENT(CIPHER TEXT)

EACH CHARACTER IN A “MESSAGE” HAS A STANDARD

ASCII 8-BIT EQUIVALENT.EX: THE LETTER “T” BECOMES:

0 1 0 0 1 0 1 0 0 1 0 1 0 1 0 0 1 0 1 0 1 0 1 0 1 0 1 0 0 1

1 1 0 1 0 1 0 0 1 1 1 1 0 0 0 0 0 1 0 1 0 1 0 1 0 1 1 0 1

1 0 1 0 0 1 1 0 0 1 0 0 1 0 1 0 1 0 1 0 0 1 1 1 1 1 0 1

0 0 1 1 0 0 1 1 0 0 1 1 1 1 0 1 0 1 0 1 0 1 0 0 0 1 1 0 1 0

0 1 1 0 0 0 0 0 1 1 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 0 1

RCP “KEY MATERIAL” LIBRARY- TRUE RANDOM NUMBERS -

- TRUE RANDOM SEQUENCES -

RANDOM CIPHER KEYFROM RCP LIBRARY

ENCRYPTION KEY DELETED AFTER USE

THE TWO STRINGS ARE XOR’D ( ) TOGETHER TO

PRODUCE ENCRYPTED CONTENT

11

Once created, the TRNs are duplicated on a local Network-attached Storage (NAS) at 7Tunnels HQ and on an Amazon Web Services (AWS) “Snowball” secure storage system. Network-attached storage (NAS) is a file-level (as opposed to block-level) computer data storage server connected to a computer network providing data access to a heterogeneous group of clients. NAS is specialized for serving files either by its hardware, software, or configuration. The copy on the AWS Snowball is delivered to Amazon, where it is securely uploaded into the 7Tunnels AWS account. When a client-dedicated device is prepared for use, TRNs from the NAS at 7Tunnels are loaded onto the device, and the matching set of TRNs are loaded onto an exclusive endpoint dedicated to the device. Alternatively, an on-demand system triggered by the client may be used. It is also possible to automatically distribute matching sets of TRNs to paired clients through dynamic key replacement technology.

Setting Up a Demonstrator Device and Secure Connection to a Cloud Server

A client-dedicated 7Tunnels demo device and AWS (cloud) server pair are configured and loaded with 7Tunnels software and synchronized TRN encryption key libraries, along with custom configuration files. Devices are then tested with the exclusive server and delivered to the customer for connection to a local network.

Again, it is important to understand that the 7Tunnels technology demonstrator can actually be a software system or app integrated into any device, software program, or software stack with compute power and nominal data storage capability. Layered Defense

Layered defense practices combine multiple mitigating security controls to protect resources and data. 7Tunnels can play an integral role at different levels to protect assets. The primary function of our software is not to prevent hacking/penetrations but instead render intercepted or stolen data useless and indecipherable.

7Tunnels encryption keys are the basis of 7Tunnels’ Quantum Proof security

PHYSICAL RANDOM NUMBER GENERATOR

-BASED ON QUANTUM

PHYSICS-

PROVEN RANDOM-

ABSOLUTE-

SUITABLE FOR ALL CRYP-TO

* NOTE: THE HALF-SILVERED MIRROR IS JUST ONE METHOD THAT CAN BE EMPLOYED AND IS SHOWN FOR ILLUSTRATION PURPOSES ONLY.

TRUE RANDOM SEQUENCING

PHOTON SOURCEHALF-SILVERED

MIRROR*

PHOTONS

“0”

“1”

1 11 0 00 0

7TUNNELS TRUE RANDOM NUMBERS ARE CREATED USING QUANTUM-PROOF RANDOMNESS

1

12

The CIA Triad is a simple, widely accepted security model representing three requirements for any secure system: Confidentiality, Integrity and Availability. Within this triad, the 7Tunnels solution places emphasis on confidentiality and integrity of data. 7Tunnels provides endpoint-to-endpoint encryption with perfect protection between these endpoints. Our solution is based on the use and properties of True Random Numbers, which cannot be predicted – even by quantum computing – making it impossible for the resulting cipher-text to be broken. 7Tunnels applies a True Random Pad to each character of a data transmission (message to encrypt the cleartext. The elegance of the 7Tunnels solution is in the simplicity of its deployment and scalability. The only technology requirements on the endpoint are lightweight computational bandwidth and data storage (for the software and key library). Therefore, the 7Tunnels technology can be easily applied to a vast array of existing and future hardware and software systems.

Providing Secure Transmission, Cloud-based Storage and Dissemination of Data

7Tunnels technology extends the use of big data analytics because it is compatible with all digital forms and enables user employment of AI, machine learning, and robotic automation capabilities.

Data Storage Sequence

• Data are encrypted at the source • 7T Encryptor selects key from its Entropy Storage • 7T Encryptor encrypts data and sends the cipher to the Un-secured Database (i.e., Securing is not required) • 7T Encryptor deletes the key and the region of entropy where the key came from • 7T Encryptor sends user metadata user (i.e., Data which allows the user to identify and find the data and keys in both databases + Key size information) (May elect to obfuscate this data by other means) • The user selects the same key from its Entropy Storage and stores it in the Key Database using the metadata

13

Data Retrieval

• User recovers the cipher of the desired data using the metadata • User recovers the key from the Key Database using the metadata • The Users 7T Decryptor recovers the plain text using the recovered cipher and key

Entropy Manager

• The Entropy Manager insures, that the data source and user are looking at the same region in Entropy Storage • The Entropy Manager monitors the size of the Entropy Storage and when needed adds new entropy from the TRNG

TECHNOLOGY APPLICATIONS

7Tunnels software integrations have been used in various technical applications. This includes porting the technology into a publicly available Microsoft laptop, illustrating the ease and effectiveness of integrating the technology into existing tech products and IoT applications. The 7Tunnels suite of capabilities can be deployed for use with public Wi-Fi and private networks (such as financial, legal, assurance, medical and corporate) for data in motion and with further development, data at rest.

Wherever sensitive or critical data are moving, our quantum ready key management and encryption technologies keep that data safe, even if it falls into the wrong hands. The following sections list the organizations that participated during various stages of our system development and market research, including development discussions, technology demonstrations, beta testing, and ultimately deployment. Note: The illustrations below depict 7Tunnels demonstration devices (AG7 & PG7) with wireless connection from the user’s device(s) to the 7Tunnels demo device (this does allow a small window of vulnerability for a bad actor to vacuum data). Hardwire connections will reduce this vulnerability, but the 7Tunnels technology is actually designed to be integrated into user devices or hardwired black-boxes to eliminate any vulnerability gaps, providing quantum-secure communication.

14

TECHNOLOGY DEMONSTRATORS: DEVELOPMENT AND DEPLOYMENTS Aviation

Wireless communications on corporate and private jets, including emails, confidential videos, texts, VOIP calls, medical emergency live video conferences and file transfers, are easily intercepted by criminals. Recognizing the vulnerability of corporate executives who are transmitting proprietary and sensitive information while flying, 7Tunnels created a portable device – the Aviation Gateway (AG7) for use on corporate and private jets, utilizing existing onboard WI-FI systems.

In January 2016, Brad Townsend, the Director of Maintenance for DuPont’s corporate aviation department, foresaw the need for the development of internet standards for business aviation due to expanding use of internet wireless and satellite systems. As an officer on the National Business Aviation Association (NBAA) maintenance committee and its former Chair, he worked to create a permanent “Connectivity” subcommittee dealing with these issues, with cybersecurity at the top of the list.

Shortly after forming this subcommittee, a joint 7Tunnels/DuPont cybersecurity project was born. As a worldwide business jet operator employing the latest airborne internet connectivity infrastructure, Dupont provided a perfect testbed for the 7Tunnels technology. The corporate

15

aviation industry at large was kept apprised through the NBAA Connectivity subcommittee. After eighteen months of development, 7Tunnels had created a portable electronic device (PED) that did not require physical attachment to the aircraft or a Supplemental Type Certificate (STC) for in-flight use. (Detailed Use Case Scenario available from 7Tunnels)

7Tunnels systems have been in full-time use on all DuPont aircraft over the past year and protect executive and cabin crew communications and data transfer.

“Before settling on the 7Tunnels solution, we put the technology through a rigorous vetting process that included 18 months of analysis and proof-of-concept testing, followed by six months of onboard testing over hundreds of hours of accumulated flight time across multiple countries and continents. We’ve found the AG7 to be easy and intuitive for passengers to use and have recorded little to no added latency or speed reduction during operation.” - Brad Townsend, Director of Maintenance Corporate Aviation.

Commercial Enterprise – Road Warriors

Cybercrime and the war against it have become a top priority for companies large and small. Ransomware attacks are becoming more sophisticated and cybersecurity professionals are responding by finding the right tools. Stolen trade secrets, I.P., financial details, customer data, patented formulas, M&A details, and other sensitive information are exposed and leveraged against its rightful owners. There is a great likelihood your data are at risk and will be subject to ransomware attacks. Though we do not prevent such attacks and cybercriminals may get your data, the mission of 7Tunnels is to keep it safe and ensure it will never be read. Executives on the road are easy targets for cybercriminals and other malicious players. When away from the safety of corporate IT security infrastructure, confidential and sensitive data are exposed. Many executives are transmitting valuable, yet non-secured information utilizing WI-FI systems in airports, coffee shops, hotel rooms, conference centers and other public venues. Key financial and proprietary data, client information, and other sensitive information can be stolen.

16

With the globalization of the workplace, the increasingly remote workforce routinely accomplishes business utilizing unsecure WIFI networks residing outside corporate firewalls. As data are transmitted through convenient, but vulnerable Wi-Fi, cybercriminals can collect and steal exposed proprietary, confidential, and sensitive information. Given the current health pandemic affecting the world, the issues are even more critical. Data communications are at an all-time high, increasing exposure of critical information to cybercrime.

Recognizing company personnel need portable encryption to protect and keep private their work product, communication, and other essential data, 7Tunnels reached out to senior management and key personnel at various companies throughout the United States to test our Personal Gateway System (PG7) a portable encryption system, to provide feedback, and validate its need. Below are a few comments from organizations that participated in various stages of our market research.

7Tunnels approached Steve Urry, the CEO of Synergy, a large corporation focused on property development, management, and investment. Synergy had equipped their corporate jet with an AG7 system to secure data transmission. His frequent travels and need to communicate while on the road made him a perfect partner to test our portable product. Here are Steve’s thoughts:

“As a CEO, people often ask what keeps me up at night. In a cyberattack world, my answer today is vastly different from my response five years ago. Today, most of our staff work in the field, remotely, or while traveling. They are sharing files, client details, proprietary documents, and other information we would not want shared with outsiders. I didn’t understand the risk exposure from hacking until I started conversations with people from 7Tunnels. If your staff is on the go, an encryption device like 7Tunnels needs to be on the go with them.” Steve Urry, CEO – SYNERGY

SAMPLE APPLICATIONS WHERE 7TUNNELS CAN SECURE DATA

In applications when digital communication and data transfer require perfect encryption, 7Tunnels encryption should be deployed. Following are just a sampling of possible applications:

Multiple User Configuration As an example, a legal office has many attorneys in the field, where each attorney requires private access to the client files under their control. They may also allow internet access via the central system acting much like a VPN. Two major elements, the data server maintains each logged in client connection, encryption and security. The pad server monitors and maintains the Random Cipher Pad (RCP) levels of each client and generates new random numbers when required. If the users return to the central system from time to time, a second option may be available for maintaining RCP levels. 7Tunnels technology can provide sufficient RCP storage within designated hardware to meet capacity requirements. In that case, the pad server would be replaced by a manual operation.

17

This kind of system would be useful in many other practical applications. For example, branch bank communications with the home bank, online banking, military pay, veteran’s benefits and other clients requiring absolute security. Additionally, it can be used to encrypt financial transactions on mobile apps.

Government

When 7Tunnels technology is integrated in user devices, there are numerous potential government applications including:

Providing Secure Transmission, Cloud-Based Storage, And Dissemination Of Data 7Tunnels technology can further the use of big data analytics because it is compatible with all digital forms and enables user employment of AI, machine learning, and robotic automation capabilities.

Enabling All Domain Command And Control As an impenetrable part of a layered defense, 7Tunnels technology can provide the confidentiality and integrity required to secure data flowing through all domain networks of multispectral sensors, databases, real-time systems, command centers, operational units, and individual operators. Securing Coalition Communications 7Tunnels technology can afford U.S., Allied, and Partner Nation forces tailorable, modular, and scalable options to protect communications during routine training and contingency operations. The encryption protocol allows for U.S. forces to determine access criteria, provide encryption keys, and terminate access as required for foreign forces without embedded 7Tunnels technology. Meeting DoD Cybersecurity Requirements 7Tunnels technology can provide affordable encryption solutions to help defense contractors comply with DoD information protection requirements of the Cybersecurity Capability Maturity Module.

Unmanned Vehicles (UV) – Air, Land and Sea UVs require uplinks for command and control of both avionics and device controllers, as well as downlinks for telemetry and video. This prevents the UV or its sensitive data from being captured. Given UV capability of long-term operations in remote regions, 7Tunnels’ continuous key replacement technology can ensure operational continuity. Supervisory Control and Data Acquisition (SCADA)

SCADA systems are used to manage infrastructure systems such as pipelines, power generation and distribution, traffic control, manufacturing, fabrication, refining, water treatment and distribution as well as heating and air conditioning systems. The security of a typical SCADA implementation is sadly inadequate. This is a clear and present danger to the USA. A 7Tunnels solution would involve integrating 7Tunnels technology into existing SCADA devices, requiring a close working relationship with existing manufacturers.

A simplistic implementation might include a control room that contains the user interfaces, houses the data server, and the random number source. How the random numbers are re-provisioned depends upon the exact situation, device mobility, and available bandwidth vary greatly. Financial Markets and Banking

Securing the vast amount of financial data, stock market trading, bank transfers, communications, etc., is of vital importance as these are prime targets for cyberthreats. From internal systems for

18

financial institutions to customer and consumer data transfer and credit cards, the obvious need for quantum-secure technology is now.

Medical Devices - Hospital and Remote Patient Monitoring The nurse’s station can monitor patient vital information (e.g., blood pressure etc.) and the status/control of support devices (e.g., intravenous pumps etc.). These systems are typically un-encrypted leaving them susceptible to malicious activity. Since the bandwidth requirements for this type of data are very low these devices can be re-provisioned with RCPs during their normal maintenance procedures.

Medical Records The potential to damage corporations, governments, and individuals, via exposure of medical records and personal data can be catastrophic. With the ever-increasing amount of remote medical care, communications, and record transfers, securing this industry is vital.

Legal Documents and Communications Trading on insider information and damaging M&A activities, along with the exposure of business dealings, patent filings, etc., is yet another big target for bad actors that needs increased security to give clients confidence and protect law firms.

High Speed Data Links In high volume situations where it is not practical to re-provision RCPs either online, physically, or as a background task, the Synchronizable, Crypto Secure PRNG (patent 7) can be used to supply RCPs with minimal communication between the endpoints. The method combines many linear feedback shift registers running primitive polynomials with a multi-gigabyte shared secret to produce random numbers possessing potential provable mathematical properties required by the “Shannon Perfect Secrecy Theorem.” The multi-shift register design makes it easy to multi-process. This 7Tunnels method is useful for direct interface between two computers, undersea cables, etc. Data at Rest

If perfect security for all time is the goal, then the only solution is the one-time pad. There are many ways to implement this depending on the class of data being secured and access requirements. (e.g., many accounts with several fields in each, free form text, etc.). One possible method of implementation is to encrypt the data field by field storing ciphers and keys in different databases that are physically and logically separated. Great care must be used to insure neither is lost.

7TUNNELS TECHNOLOGY ROADMAP

The following concepts and capabilities represent a proposed 7Tunnels technology roadmap. Other options and products can be added to or replace those listed below.

- Dynamic Key Replenishment (patents pending) – Re-key distribution is used to replenish encryption key libraries without the need for physical replacement methods, e.g. delivery of libraries via data stick, storage device or replacement product. Dynamic replenishment technology will address the issue of monitoring key usage levels. Each client

19

pair maintains its own random cipher pad (RCP) storage area. Separate processes monitor the RCP storage areas and request replacement RCPs from the RCP server when the level drops below an established minimum. The RCP server handles multiple instances of client pairs. Dynamic replenishment also allows for smaller volumes of keys on the user device, allowing a wide variety of “small” or portable devices to utilize 7Tunnels encryption without the need for greater storage capacities. - System Code Variants – Develop 7Tunnels technology into various software porting code to streamline integration into devices and software systems. Initial applications include “baked-in” technology for laptop and tablet computing devices, mobile phones, intra-team radios, medical devices, IoT products, network and modem devices, and autonomous vehicle communications systems. - Anti-Tamper (AT) Architecture – Future 7Tunnels products will be created with both passive and active anti-tamper technologies. They will enable Data At Rest applications while maintaining encryption keys within devices and high bandwidth network capabilities that continuously generate new RCPs (see patent 7). - Plaintext / Ciphertext Separation – Because 7Tunnels encryption technologies do not perform repeating mathematical algorithms based on a static key, our hardware does not have characteristic power signatures. Other hardware systems are vulnerable to power analysis attack techniques that can ascertain cryptographic keys. 7Tunnels products hide the power signature of our constantly changing encryption key in the low noise floor of a single processor’s power domain. That said, however, future 7Tunnels products will also be created with independent plaintext / ciphertext power domains with the plaintext domain isolated and AT protected from the ciphertext power domain. - Portable Plug-In Encryption Device – A 7Tunnels USB-style data stick can enable discreet users to employ a variety of owned and “borrowed” devices. Portable data sticks also provide a means to keep encryption technology separate from designated devices. Data sticks can be reloaded or destroyed at will. - Carrier Class Bandwidth System – (10 Gigabit and higher) for large data service centers and high-volume data pipes. 7Tunnels technology can protect high volume data flows that are attractive targets for attackers. This is a “must have enabler” for users with very large bandwidth requirements, including exploitation, analysis, and dissemination of all domain, multispectral sensor data at the “tactical edge” and distant headquarters locations. Developing protection for carrier class bandwidth systems will require a significant investment of resources by government or corporate developers. - Quantum-Secure Encryption for Data At Rest – The system will encrypt data and then store the cipher in a database at a user-defined location while storing the key in a separate database located elsewhere. The user interface (UI) knows where the parts are, retrieves them and decrypts the data. CAUTION: Loss of any part of the data destroys the data. System must have a suitable and secure backup. - Ubiquitous Cyber Signature – Software feature development that transmits a non-threatening signature, ensuring that 7Tunnels technology looks like conventional

20

encryption to avoid drawing attention or additional scrutiny by cyberthieves or other rogue actors. - Ongoing Vulnerability Assessment – All 7Tunnels software and systems must be tested on an ongoing basis to ensure only the highest level of security. - National Level Certification – Long-term analysis and certification of 7Tunnels technologies by an accredited national laboratory will be needed to satisfy various customer and/or government requirements. This will be a long-term effort given the current lack of US government defined standards for quantum encryption requirements.

INTELLECTUAL PROPERTY, PATENTS, ETC.

Hardware – Technology Demonstrators The Portable Gateway System - PG7 is a portable device slightly larger than an average cell phone. Engineered and designed by 7Tunnels, it is designed to be simple to operate, with a series of LEDs indicating activity (encryption and decryption), battery charge and encryption key library volume. The PG7’s custom-machined anodized aluminum enclosure contains two Wi-Fi antennas, allowing it to act as a wireless bridge between a user’s personal devices (e.g., cell phone or laptop) and an upstream network. All components are American made or sourced via suppliers approved by the Department of State.

The Aviation Gateway System - AG7 is a multi-user device that can be used in aviation applications or on-ground small group applications. The AG7’s custom-machined anodized aluminum enclosure houses the off-the-shelf computer hardware, touch-screen, custom 7Tunnels PCBs, antennae, and battery components. It can be used with all Wi-Fi enabled devices, providing secure communications for team members in flight or in a small office.

Software

Core encryption software - This software implements the core encryption and decryption functions on the client operated devices (e.g., AG7, PG7) and servers. The client and server sides are nearly mirrors of each other.

21

PG7 UI - This software displays on a user's device (as a captive portal) once it has connected to the PG7 and allows them to choose an upstream network to connect to and enter the password to connect to it. AG7 UI - This software displays status information on the AG7's screen and allows some control of the device. It also interacts with several internal software tools on the AG7 to gather metrics and control functionality.

Protocol

7Tunnels developed a protocol to manage the encrypted communications channels and efficiently send the encrypted data between the client and server.

Encryption Key Management

7Tunnels created technology – and filed patents – to address the historically difficult challenge of key management logistics. 7Tunnels devised multiple methods to resolve key management issues.

PATENTS & PENDING PATENTS SUMMARY

1. Random Cipher Pad Cryptography (“Basic Technology”)

2. Devices And Methods For Enabling Portable Secure Communication Using Random Cipher Pad Cryptography (“Snowflake”)

3. Systems And Methods For Secure Communication Using Random Cipher Pad Cryptography (“Throughput”)

4. Cryptographic Systems And Methods For Extending Apparent Size Of Pools Of Truly Random Numbers (“High Volume”)

5. Cryptographic Systems and Methods For Modification Of Pools Of Truly Random Numbers (“Pad Warping”)

6. Cryptographic Systems And Methods For Maintenance Of Pools Of Random Numbers (“Pad Server/Dynamic Update (Asymmetrical TRNG + Secure Comm”))

7. Cryptographic Systems And Methods For Developing Pools Of Random Numbers (“Synchronizable, Crypto Secure PRNG”)

22

SUMMARY AND CONCLUSION

7Tunnels: • Developed a post quantum computing era encryption system unlike anything currently available: a simple, elegant, and efficient solution • Offers a non-mathematical, quantum-secure technology ready for advancements today and into the future • Applicable for all type of digital communications over networks, scalable for large user groups, point to point (air to ground, ground to ground, satellite to ground, and other systems) and can be applied to any software stack of black box • 7Tunnels technology demonstrators are in use today by Fortune 500 companies, including DuPont, and other organizations • 7Tunnels’ robust technology is designed to be integrated into any software stack or tech product and currently runs on Windows, Linux and Raspberry Pi and other embedded systems, and can run on Mac iOS, and other systems as a software or black box solution

Quantum computing is coming. Since 2016, 7Tunnels, with its US-based operations, US citizen engineers and staff, has been creating unique, next generation, patented key management and encryption technologies for the post-quantum era. We have invested countless hours in development, interacting with dozens of potential users, beta testing, and perfecting a simple, yet reliable solution for the impending data pandemic and its associated peril. Beyond research, development, and investment, 7Tunnels is postured for an acquiring organization to leverage our technologies and deploy them on a global scale. We are currently in discussions with several organizations that are ready to test and utilize our technologies.

Quantum computers will offer unprecedented benefits to tackle problems that today’s computers cannot. However, this phenomenon will force us to change the way we approach cybersecurity, recognizing that the algorithms used today are at risk today. 7Tunnels quantum-secure key management and encryption are available today to confront the very real threat we will soon face. REFERENCES

Cybercrime Magazine (2019). Cybercrime Damages $6 Trillion By 2021. Retrieved from https://cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016/ Dickson, F. (2019). Sensitive data are widespread in digital transformation environments. Retrieved from https://www.thalesesecurity.com/2019/data-threat-report Hermann, A. (2018). Winning the race in quantum computing. Retrieved from https://americanaffairsjournal.org/2018/05/winning-the-race-in-quantum-computing/ IBM (2019). How much would a data breach cost your business? Retrieved from https://www.ibm.com/security/data-

23

Morgan, S. (2017). Is cybercrime the greatest threat to every company in the world? Retrieved from https://www.csoonline.com/article/3210912/is-cybercrime-the-greatest-threat-to-every-company-in-the-world.html National Institute Standards and Technology (2019). Status Report on the First Round of the NIST Post-Quantum Cryptography Standardization Process, NISTIR 8240. https://nvlpubs.nist.gov/nistpubs/ir/2019/NIST.IR.8240.pdf

Security Magazine (2017). Hackers attack every 39 seconds. Retrieved from https://www.securitymagazine.com/articles/87787-hackers-attack-every-39-seconds

Wyden, R. (2018). Bill Requires Radical Transparency About How Corporations Share, Sell and Use Your Data; Creates Tough Penalties and Jail Time for Executives. Retrieved from https://www.wyden.senate.gov/news/press-releases/wyden-releases-discussion-draft-of-legislation-to-provide-real-protections-for-americans-privacy

CONTACT INFORMATION For additional information on 7Tunnels, please see our website: www.7Tunnels.com

For DuPont Use Case Report, technical and operational documentation, you can request access to the 7Tunnels VDR (under NDA).

For additional information on 7Tunnels, Inc., please contact: David Wiener, Chairman & CEO

d.wiener@7Tunnels.com 1.435.640.1650 P.O. Box 982470 Park City, Utah 84098 USA

© - Copyright 2020 – 7Tunnels, Inc.