To Mitigate Insider Threats
Here is a chilling report “Forget your space-age IT security systems. It might just take a $1m bribe and a willing employee to be pwned”
To help mitigate these internal threats, we have our own proposition named Authority-Distributed CryptoMnemo, with which an encryption/decryption key, which had been destroyed at the end of the previous run, will be regenerated on-the-fly when (only when) 3 users work together. The key will be eliminated again when the program is closed.
The CryptoMnemo software was completed in 2005. But we soon ran out of money for putting it on the market and we have since had no resources to bring it back. Now that we have set up our headquarters in UK for the global operations, we are considering its revival with the latest safe coding technologies.
The system can be easily tweaked to regenerate a private key of the public/private key pair instead of a symmetric key.
** The essential point is that we do not rely on ‘hard-to-remember’ and ‘easy-to-evaporate’ text passwords but rely on ‘hard-to-forget’ and ‘panic-proof’ episodic image memory that had solidly fixed deep in our brain for many years as the original seed of the cryptographic keys.
< References >
Image-to-Code Conversion by Expanded Password System
Proposition on How to Build Sustainable Digital Identity Platform
External Body Features Viewed as ‘What We Are’
History, Current Status and Future Scenarios of Expanded Password System
Negative Security Effect of Biometrics Deployed in Cyberspace
Removal of Passwords and Its Security Effect
Update: Questions and Answers — Expanded Password System and Related Issues (30/June/2020)
< Videos on YouTube>
Slide: Outline of Expanded Password System (3minutes 2seconds)
Demo: Simplified Operation on Smartphone for consumers (1m41s)
Demo: High-Security Operation on PC for managers (4m28s)
Demo: Simple capture and registration of pictures by users (1m26s)
Slide: Biometrics in Cyber Space — “below-one” factor authentication
< Latest Media Articles Published in 2020 Spring>
Digital Identity — Anything Used Correctly Is Useful https://www.valuewalk.com/2020/05/digital-identity-biometrics-use/
‘Easy-to-Remember’ is one thing ‘Hard-to-Forget’ is another https://www.paymentsjournal.com/easy-to-remember-is-one-thing-hard-to-forget-is-another/
Identity Assurance And Teleworking In Pandemic https://www.informationsecuritybuzz.com/articles/identity-assurance-and