“Signing everything” means using cryptographically secure digital signatures on every transaction. In this zero-trust environment, data is only sent/ingested when valid digital signatures are used. No more shared secrets.

We achieve this by combining the most advanced key management protocol available, Key Event Receipt Infrastructure (KERI), with an approach to confidential and authentic data exchange called ESSR, for “Encrypt Sender’s key and then Sign Receiver’s key”, which is detailed here. For a more accessible explanation see the following: PKAE1, PKAE2, PKAE3.

This unique combination of protocols allows our gateways to establish True Zero-Trust connections that rely on post quantum secure identifiers, while keeping your “keys at the edge”, where they belong.

Setting up

The first step to securing all your data is setting up your environment and installing the demo software.

Setup your Environment

Ensure you have the necessary software installed on your system

Get the Software

Get the starter kit Docker image, compose files and associated data

Learning RACK

Next is learning how our Routing, Authentication and Confidentiality with KERI (RACK) Gateways work. Install and configure using the following tutorials to learn how secures your data transactions.

Quickstart

Connect 2 gateway peers to secure data between 2 Mirth instances

Routing Through the Cloud

Use healthKERI’s SaaS service to route data through cloud routers

Establish Data Provenance

Create long lived digital signatures that can persist with data forever

Protect Web Portals

Allow secure Zero-Trust access to any web portal