CrypTec product enhances security
06-18-2008, Tulsa World - Robert Evatt . . . 8_32_E1_RmeisB741907
The firm's RedVault encryption invention is hardware-based.

It's been barely a month since TU students Michell Witt and Fernando Bermudez placed second in an annual business plan competition, but they're already putting their formula into motion.

CrypTec Solutions Inc. will soon market RedVault, a form of image encryption for computers, copiers, scanners and other devices that's hardware-based, rather than current software-based encryption methods.

"There are ways to protect imaging devices, but the software has been broken time and time again," Witt said.

CrypTec's business plan for marketing the device invented and patented by Digital Forensics Professionals took second in this year's Donald W. Reynolds Governor's Cup Collegiate Business Plan Competition.

Gavin Manes, founder of DFP and a research assistant professor in the Institute for Information Security at the University of Tulsa, said CrypTec's plan will allow DFP to finally release some of the ideas it has invented and patented in its spare time.

"We develop a lot of things, patent them and then put them on the shelf," Manes said. "We're serial inventors."

Manes said the concept behind RedVault was developed years ago in response to government requests for better security solutions for sensitive images, which can include scanned documents, satellite map information and blueprints. However, money to manufacture it never materialized when the Iraq War shifted priorities.

Turning over the marketing of RedVault to Witt and Bermudez, who will both graduate from TU with MBAs this summer, was the best way to get it out of storage and into businesses, Manes said.

RedVault works by using a circuit board that comes between where the image is displayed or produced and the hard drive where it is stored. The only way to access the data is by plugging in a separate USB drive with the digital key loaded on it, Witt said.

"You'd have to steal the board, the hard drive and the key to be able to get it," she said.

Manes said the reason that software-based encryption is so vulnerable is that the key to unlock the information is hidden somewhere on the computer.

"It's like having a tab lock on a cash box, but then duct-taping the key to the top of the box," he said.

If RedVault's physical key isn't present, users have no way to decrypt the data. Manes said this also makes encrypted data easier to destroy, since traces of software can remain after being erased or flushed from temporary storage after the computer is turned off.

Witt said that while RedVault could be used by any number of industries, the company will focus on selling to leasing companies first.

"With a smaller amount of leasing companies, we'll be able to take advantage of their distribution channels and create brand awareness," she said.

The company will also focus on selling to companies in the Tulsa area, since Bermudez said it wants to be able to provide support for the product. From there, the company will expand by covering more states and more industries.

Manes said DFP, which will retain ownership of RedVault and lease the rights to CrypTec, will begin manufacturing the device within two months.