Non-Existent Crypto Keys to be Regenerated from Image Memory when Needed
Today’s serious topic is serious — “Microsoft explains how China stole one of its secret keys” https://www.theregister.com/2023/09/06/microsoft_stolen_key_analysis/
Crypto keys hidden somewhere on the device or net could be stolen, whether crash dump or otherwise, and could wreak havoc. Mindful of that, we are promoting the on-the-fly key regeneration by image-to-key conversion since 2004.
Plain Logic — Image data of the several pictures that the user selects from the grid to be turned into digital code of any length
Secure Processing of Image Data — Image data of a picture that the user picks up will be hashed by the likes of Sha256. Hashed data of the selected several pictures will be put together and hashed by the likes of Argon2id. The Argon-hashed data will be outputted as the code to be used as a crypto key. With unique salts added, a number of derivative keys can be automatically generated from the first code in a single process. (*2023 version)
On-the-fly Regeneration — The code thus generated will be eliminated when the program is shut down. It no longer exists anywhere in the universe. When the code is required next, the user will only need to select the same pictures — The same code will be regenerated.
Leakproof — Should a hacker break into the program, they would not find any secret data they may want other than login credential invincibly hashed by Shar256 and Argon2id.
Entropy — What ‘several images among dozens’ has to cope with is not the automated brute force attacks on the server, but visual-manual attacks on the display. A million trials, say, 20 bits, would be no more than a joke against automated brute force attacks. However, it makes a pretty tall wall against visual-manual attacks, particularly when the positions of images are randomly changed.
On the other hand, the entropy of the code that faces brute force attacks can easily be 160bits, 320 bits or even megabits, gigabits, terabits by linking thumbnail images to massive unique dataset. The burden on the user will still be the same — locating several unforgettable pictures of episodic memory.
Current Status — Teaming up with the top brand of quantum resistant cryptography — “Cyber Leaders Join Forces to Protect Digital Identities and Data at Risk” https://www.americanfinancialtribune.com/article/644965697-cyber-leaders-join-forces-o-protectdigital-identities-and-data-at-risk
Reference — “On-the-fly regeneration of cryptographic keys made feasible by our episodic memory” https://www.linkedin.com/posts/hitoshikokumai_identity-authentication-password-activity-6794790426068037632-sIFF
Still hiding crypto keys on the net to see them stolen to wreak havoc?
