Protocol for secure communications D2OTP

The D2OTP protocol provides the defence sector with secure communications without the need for a public key infrastructure (PKI), guaranteeing mutual authentication, confidentiality, integrity and non-repudiation through OTPs and challenge-response. Its design allows it to operate in disconnected environments, with high traceability and operational control, ideal for critical orders and tactical networks.

In order to find partners for one of our projects, we have published the following on the EEN Marketplace: https://een.ec.europa.eu/partnering-opportunities/development-software-module-based-patented-protocol-drastically-reduce

The D2OTP (Drive 2 One Time Password) Protocol for Secure Communications

D2OTP (Drive 2 One Time Password) is designed to secure communications by means of one-time keys, generated in a decentralised manner each time the applications exchange messages. It uses symmetric keys to encrypt the information that the sender application sends to the recipient and ensures that the recipient securely receives the information, ensuring its integrity and the identity of the sender application. Its communications meet the requirements for secure communication: confidentiality and integrity of the transmitted information, mutual authentication of the communicating parties, and non-repudiation. Its implementation does not require a complex infrastructure or the replacement of network elements; it is executed in the communicating applications in a lightweight, monolithic software module, integrated in the applications, guaranteeing the security of the information from the sender application to the recipient, end-to-end. Its operation is independent of the technological characteristics and communication protocols of the network that transports the information from the sending application to the receiving application.

With the advancement of quantum computing and its potential impact on the security of asymmetric cryptographic schemes, the D2OTP protocol is presented as a resilient alternative by design, as it dispenses with the use of public keys and relies on one-time symmetric encryption and authentication mechanisms. Given the urgency to renew PKI infrastructures and prevent communications registered today from being decrypted for criminal purposes by future quantum computers, D2OTP quickly and cost-effectively overlays existing PKI infrastructures, shielding communications from quantum threats

Potential Economic Savings with D2OTP

Estimates suggest that the global cost of cybercrime could exceed $10 trillion (~9.2 trillion euros) by 2025, with phishing being the primary access route for up to 80% of cybercrime. By using single-use encryption keys and performing mutual authentication, D2OTP significantly reduces the fraud associated with phishing, with a substantial impact on cost savings that, if applied widely and globally, could be valued at an estimated one to several billion euros per year.

Frictionless Integration

The adoption of D2OTP does not require disruptive changes to the network infrastructure. It is sufficient to incorporate, in the communicating applications, the module that generates and validates ephemeral keys for each transaction, without interrupting existing workflows. Even an automatic update of the applications is conceivable. This gradual integration capability supports continuous deployment processes (DevOps) in large organisations or multi-cloud environments, simplifying adoption and ensuring a rapid return on investment in improved cybersecurity.

Key features

1. Dynamic Passwords (OTP)

2. Decentralised Distribution

3. Direct Mutual Authentication

4. Implicit Signature and Non-Repudiation Mechanism in D2OTP
   One of the most relevant aspects of D2OTP is how it incorporates ephemeral cryptographic elements that allow unequivocal confirmation that an initial message has been received and processed by the recipient, without the need to use public key schemes or digital certificates. The sender generates certain random codes or tokens in each message and includes them, encrypted, together with the content to be transmitted. The recipient, after successful decryption, retrieves these tokens and uses them to construct the response, so that the sender can verify that the recipient did indeed have access to the content of the original message and processed it correctly.

5. Modular Deployment
   D2OTP is integrated into the software of communicating applications, making it easy to adopt in complex, federated networks without the need for extensive reconfiguration of the network stack.