Cipher Box M

Identity management

Cipher Box M uses multiparty IDC-protocol to distribute the identities of a constellation in a defined network. There are no centralized services and no risk for the network participants if a device is lost.

Multipoint security

Cipher Box M is ideally suited for secure tunnels in multipoint networks. There are no complications stemming from centralized servers or heavy duty security key management. All users are connected and encrypted without PKI mechanism.

Scaling benefits

As is the case with all PKI based secure connections, VPN connections are difficult to implement in scale. Cipher Box M uses the IDC-protocol to create secured tunnels with significant scale benefits for easier and faster implementation.

Forensic security

Cipher Box M is equipped with both physical and software level protection in case the device is lost. Physical lock and multiparty based secret sharing ensure that all critical communication secrets stay in the user’s exclusive posession.

Cipher Box – next generation IP-security

Cipher Box M is the next generation IP encryption device with clean hardware design for modern security requirements in IP networked world. It creates secure connectivity with upgraded security in ways current legacy based technologies can not deliver.

The unique Cipher Box M gains from multiparty protocol (“MPP”) which handles identity and cipher key exchanges between multiple entities. MPP protocol is XXLSEC proprietary multiparty consensus protocol with no visible META DATA on transmission and complete device forensic security.

Cipher Box M with MPP fully meets the functional requirements under modern zero trust cyber security strategy.

Cipher Box M device runs PriveOS, vanilla Linux based Operating System and selected software components. They meet essential base for highest level of security requirements for any business critical system or infrastructure. The hardware and all software components are auditable to source code level. Therefore there are no hidden elements or binary code from unknown sources.

Encrypting IP connections with Cipher Box M upgrades traditional VPN device approach, including multicast encryption. Cipher Box M encrypts IP traffic with any symmetric algorithm user choose to use and enables crypto modernization to reach required security level.

Cipher Box M physics and electronics are designed to secure your cipher primitives at strictest professional level. Abloy lock on the unit prevents any physical intrusion while in transport and in use.

  • Immediate revocation

    If any of the Cipher Boxes in a constellation is lost, it can be separated and isolated immediately from the trusted constellation using the IDC-protocol revocation mechanism.

  • Dynamic trust anchor

    Implements dynamic user controlled trust anchor in zero trust environment.

  • Low latency compatible for 5G networks

    Cipher Box M is designed for connections and communication requiring sub 1ms response. This is vitally important in 5G networks and all critical real time response applications.

  • Secure MACsec key delivery

    Cipher Box M with multiparty protocol delivers secure method for exchanging MACsec keys in closed user group. This creates layer 2 secure network slice for example to SD-WAN and LAN networks.

  • Multi-layer security

    Cipher Box M is equipped to offer multi-layer security. Payload can be sliced to deliver a communication in different layers and in different networks. This is a fundamentally important feature to meet 5G slicing recuirements.

  • Meta data protection

    For enhanced security, the payload traffic does not include clear text identities or used security parameters – but only random traffic.

  • Multicast traffic

    Cipher Box M is capable of delivering encrypted multicast payload with none or minimal latency depending on network quality – which may be needed for broadcasting purposes, and for certain real time voice communication like Push-To-Talk (PTT) and other applications in local/tactical and public networks.

Solution example 1:
Global enterprise secure WAN and LAN networks

Global enterprise wants to establish secure connectivity between its global HQ and its other operating sites and factories, secure WAN. Cipher Boxes are deployed globally to create a distinct security layer fully and exclusively controlled by the user. Also separate network slices with MACsec keying for critical business systems inside the WAN. All connections are now secured and updated with the multiparty protocol. This represents a major security enhancement with reduced risks and it creates better resiliency for all business critical operations.

Solution example 2:
IoT authentication

Enterprise IT-system for a global professional services firm includes end devices, servers and sensors which carry sensitive operating and client information. Cipher Boxes are deployed to create a secure authentication platform to cover all critical communications and systems. Added with fast and easy revocation and new peer installation capability, security risks are significantly diminished. Moreover efforts and related costs of system administration are reduced.


Cipher Box M technical features

Size 90x142x42 mm
Case Aluminium with a physical lock
Display None – browser based UI
Processor A9 NXP iMX6
Memory 2 GB RAM, 8 GB
Connectivity 10/100 Mbit/s RJ45
2*usb, 1*HDMI
Audio 3,5mm
Buttons None
Operating System PriveOS
Manufactured Finland by XXLSEC