Announcing Project E3DB: The End-to-End Encrypted Database

Update: TozStore is out of preview and into production! We are looking for early adopter developers to try it out and give us feedback. Today, Project E3DB is a tool for programmers who want to build an end-to-end encrypted database with sharing into their projects. We are providing a command-line client for you to play with and a Java SDK to prototype …

Personal Data Services Promise User Privacy

There’s no question the data that organizations collect and share about users is valuable. Whether it’s content created by users or metadata about users, that information could be used to streamline healthcare or corporate operations, prevent fraud, or increase marketing opportunities. Data sharing by ad networks or data brokers is commonplace, yet users have virtually no visibility or control over …

FBI vs Apple: how did we get here?

Apple and the FBI have been headlining recently in a debate about cryptography. Crypto is one of those fields that very few people actually understand well; it’s nuanced and complex, just like the current debate, and small mistakes can have big consequences. I recently found myself picturing this debate in a series of over-simplified cartoons. I wonder if these can …

GCN Article: Making mobile phones the authentication hubs for smart homes

Our NSTIC privacy project was highlighted in an article at GCN by Derek Major. Tozny serves as the technical lead for the pilot programs and will build the data storage and sharing platform by tackling one of the weakest links in cybersecurity today: the password. Tozny’s solution replaces the username and password with something people use for almost everything: the …

Article: NIST Testing out passwordless smart home

Mohana Ravindranath over at NextGov wrote a nice piece about our NIST privacy pilots. Tozny, a subsidiary of tech company Galois, aims to test one system that encrypts user data generated by the “smart home,” and another that would let transit riders use their mobile phones as tickets, Galois principal investigator Isaac Potoczny-Jones said in a blog post outlining more details about the project. The …

Tozny CEO interviewed about PKI

Isaac contributed to some technical background for an interesting article at c4isrnet.com about the use of Public Key Infrastructure (PKI). “Humans are terrible at generating and remembering random stuff, and the strong crypto on PKI is virtually impossible to brute force,” said [Tozny CEO] Isaac Potoczny-Jones, research lead, computer security, for Galois, a technology research and development consulting firm with an …

FedScoop: NIST IoT project explores how to ditch passwords, maintain privacy

Head on over to FedScoop to read the latest about Tozny. A project that lets consumers use their mobile-phone bus passes to control smart home systems may set the table for a forthcoming framework from the National Institute for Standards and Technology dedicated to protecting user privacy…   “The idea is to build privacy-preserving personal data stores to allow new …

Portland Business Journal covers Tozny’s NSTIC project

The Portland Business Journal discusses Tozny’s new NSTIC project in an article by Malia Spencer. “Computer science research and development firm Galois, mobile ticketing firm GlobeSherpa and smart home startup IOTAS are teaming up on a project funded by the federal National Institutes of Standards and Technology. The effort could lay the groundwork for Internet of Things applications that will …

How the Federal government is attempting to protect the Internet of Things

Here’s a great article over at NextGov about various efforts the Federal government is involved with to secure the Internet of Things. Tozny CEO Isaac Potoczny-Jones mentioned NIST’s new privacy frameworks in the context of IoT. Galois is working with NIST on a pilot in which consumers’ information, culled from smart-home services, could be integrated into a “privacy preserving data store,” …