SlideShare a Scribd company logo

Fend Off Cyberattacks with Citizens’ Non-Volatile Episodic Memory

Download as DOCX, PDF
Hitoshi Kokumai
Hitoshi Kokumai

This is a slide with script presented at Conference On Cyber Security In Financial Institutions by Banking Association of Central and East Europe on 24th February 2023 - https://baceeconference.com/cyber-security-conference/ The issues mentioned on P19 are discussed here - "More Issues on Digital Identity" https://www.slideshare.net/HitoshiKokumai/more-issues-on-digital-identity-24feb2023

Technology
1 of 20
Fend Off Cyberattacks with Citizens’ Non-Volatile Episodic Memory with the values of democracy 24th February, 2023 Hitoshi Kokumai, Chief Architect Mnemonic Identity Solutions Limited 90-second introductory video I ‘m Hitoshi Kokumai, Founder and Chief Architect at Mnemonic Identity Solutions Limited (MIS), set up in August 2020 in United Kingdom. I am advocating the principle of ‘Identity Assurance by Citizens’ Own Volition and Memory’ since 2001. We have a 20 years long pre-history of technology development, product making and commercial implementations with some 1 million dollar sales. Our champion use case is Japanese Army deploying our solution on field vehicles since 2013. They will continue to use it for at least 10 more years. At MIS we are going to help global citizens fend off cybercrime by their non-volatile long-term memory, with the values of democracy. Let me present a 90-second introductory video on our solution that we call Expanded Password System - https://youtu.be/T1nrAlmytWE
From ‘Password Fatigue’ to ‘Fatigue-free Password’ Passwords are Hard to manage And yet, absolutely necessary Identity theft and security breaches are proliferating Critical problem requiring valid and practical solutions 2 There could be two approaches to cope with the problem of Password Fatigue. One is to throw away the password altogether, and give up the valuable security somehow provided by the password. This is what ‘passwordless’ and ‘biometrics’ authentication schemes are supposed to be achieving, well, to the delight of criminals. Moreover, democracy would be lost where the password that we feed volitionally was lost. When authentication happens without our knowledge or against our will, it’s a 1984-like Dystopia. Another is to promote ‘Fatigue-free’ Password System. This is what we are achieving with Expanded Password System powered by citizens’ non-volatile episodic memory. Say, from 'Password Fatigue' to 'Fatigue-free Password'
Basics of Authentication Factors Let us first go through the basics of authentication factors. ‘Yes or No’ on feeding correct passwords and ‘Yes or No’ on presenting correct tokens are deterministic, whereas biometrics which measures unpredictably variable body features of living animals in ever changing environments is probabilistic. It’s practically impossible to compare the security of a strong or very weak password with that of a poorly or very wisely deployed physical token even though both passwords and tokens are deterministic, Deterministic authenticators can be used on its own, whereas a probabilistic authenticator would lose its availability when used on its own. Direct comparison of something deterministic and something probabilistic would absolutely bring us nowhere. Deterministic authenticators can be used together in a security-enhancing ‘multi-layer’ deployment, whereas probabilistic authenticators can be used with another authenticator only in a security-lowering ‘multi-entrance’ deployment unless we can forget the availability as illustrated here. Password, token and biometrics are ‘authenticators’, while multi-factor schemes, distributed digital identity, single-sign-on schemes and password management tools are all ‘deployment of authenticators’; We would obtain nothing by comparing the former with the latter.
What’s New? The idea of using pictures has been around for two decades. New is encouraging people to make use of citizens’ non-volatile episodic image memories. The idea of using pictures for authentication is not new. It’s been around for well more than two decades, but the simple forms of picture passwords were not as useful as had been expected. UNKNOWN pictures we manage to remember afresh are still easy to forget and confuse. Expanded Password System is new in that it offers a choice to make use of KNOWN images that are associated with our personal experiences, as you saw earlier in the introductory video.
Since the images of episodic memory are not only Non-Volatile but also are the least subject to INTERFERENCE of MEMORY,
it enables us to manage dozens of unique strong passwords without reusing the same password across many accounts or carrying around a memo or storage with passwords on it. The key logic is, simply, “There are several known images in the grid. I can easily find all of them right away. Only I can select all of them correctly.” Furthermore, watching memorable images makes us feel pleasant, relaxed and even healed; What about seeing the pictures of comfortable places where you had nice experiences with your family at each login?
"Memory of past episodes provides a sense of personal identity - the sense that I am the same person as someone in the past" Source: Memory and the Sense of Personal Identity. Mind, 121(483), 677-702. http://www.jstor.org/stable/23321780 Episodic Memory and Personal Identity The role that our episodic memory plays for our sense of personal identity is now broadly known, for instance, "Memory of past episodes provides a sense of personal identity - the sense that I am the same person as someone in the past" Episodic memories of citizens are now collectively playing a critical role in building a solid and sustainable identity assurance platform.
Broader Choice If only text and # are OK It’s a steep climb … to memorize text/number passwords to lighten the load of text passwords to make use of memorized images 3UVB9KUW 【Text Mode】 【Graphics Mode】 【Original Picture Mode】 Recall the remembered password Recognize the pictures remembered in stories Recognize the unforgettable pictures of episodic memories Think of all those ladders you have to climb in Donkey Kong ;-) Low memory ceiling Very high memory ceiling High memory ceiling + + 8 Shall we have a bit closer look at what it offers? With Expanded Password System, we could imagine a situation that escalators and elevators are provided along with the staircase. We could opt to continue to recall the remembered text passwords, although the memory ceiling is very low. We could opt to recognize the pictures remembered in stories. We would be able to manage more and more of them. Where we choose to make use of episodic image memory, we would be able to manage as many passwords as we like without any extra efforts.
Relation of Accounts & Passwords Account A Account B Account C Account D Account E, F, G, H, I, J, K, L----------- Unique matrices of images allocated to different accounts. At a glance you will immediately realize what images you should pick up as your passwords for this or that account. 9 Being able to recall strong passwords is one thing. Being able to recall the relation between accounts and the corresponding passwords is another. When unique matrices of images are allocated to different accounts, those unique image matrices will be telling you what images you should pick up as your password for this or that account. Expanded Password System will thus free us from the burden of managing the relation between accounts and the corresponding passwords.
Isn’t Episodic Memory Malleable? We know that episodic memories can change easily. … But that doesn’t matter for authentication. It could even help. 10 It’s known that episodic memories are easily changeable. From confidentiality’s point of view, it could be even better than objectively factual memories since no clues are given to attackers.
What about Entropy ‘CBA123’ IS ABSURDLY WEAK. WHAT IF ‘C’ AS AN IMAGE GETS PRESENTED BY SOMETHING LIKE ‘X4S&EI0W’ ? WHAT IF ‘X4S&EIWDOEX7RVB%9UB3MJVKEIXE94AN2KDGHQD PGPE#IDGHEI’ INSTEAD OF ‘CBA123’ GETS HASHED? 11 Generally speaking, hard-to-break passwords are hard-to-remember. But it’s not the fate of what we remember. It would be easily possible to safely manage many of high-entropy passwords with Expanded Password System that handles characters as images as you see here. If started from the whole image data, the overall entropy could easily exceed millions of bits. By the way, threats of 'visual-manual attacks on display’ are very different to 'automated brute force attacks’ on the data server. A figure of ’20-bits’, say, a million attempts, for instance, would be just a bad joke against automated attacks, whereas it would make a pretty tall wall against visual- manual attacks on display.
Huge Improvement • Password fatigue alleviated for all • Better security for password-managers and SSO services • Even better security for multi-factor authentications • Less vulnerable security for biometric products Backward-Compatible • Nothing lost for users who wish to keep using text passwords Enjoyable Login • Get the images in your matrix registered. It’s easy and joyful. 12 What to Gain People who enjoy handling images will gain both better security and better convenience. The only extra effort required is to get the images registered; people already do that across social media platforms and apparently love it. Then, huge improvement as show here.
Typical Use Case Japan’s Army adopted our product for accepting ‘Panic- Proof’ and yet ‘Hard-to- Break’ credentials. Japan Ground Self-Defense Force, aka, Army is using Expanded Password System for authentication of the personnel who handle the encrypted data exchange between commanders and field communications vehicles since 2013. Some 460 licenses were offered to field communications vehicle. With each vehicle shared by multiple soldiers, the number of people who use our solution are now supposed to be in many thousands. The number of licenses increased more than 10-fold over the 10-year period of use from 2013. And, the client tells us that it will stay in use for at least 10 more years. We humbly assume that they are well satisfied with our solution.
Client Software for Device Login Applications Login Image-to-Code Conversion Server Software for Online-Access 2-Factor Scheme Open ID Compatible Data Encryption Software with on-the-fly key generation Single & Distributed Authority Unlimited Use Cases 14 Applications of Expanded Password System will be found wherever people have been dependent on text passwords and numerical PINS, And wherever people need some means of identity authentication, even if we still do not know what it will be.
Launching Global Operation Following experimental successes in Japan, we set up our global headquarters as Mnemonic Identity Solutions Limited (MIS) in United Kingdom in August 2020 - https://www.mnemonicidentitysolutions.com/ With the sales of some 1 million dollars and a successful adoption by Japan’s military in 2013 at a preceding Japanese entity named Mnemonic Security, Inc., we came to realise that it will not be in Japan but the global market that decides the future of our endeavour. We set up Mnemonic Identity Solutions Limited with British colleagues in UK in 2020 for launching the global operations.
First Global Project “Mnemonic Gateways” Leak-proof Password Manager with No Password Vault powered by citizens’ non-volatile episodic image memory 90-second demonstration video What if we come up with a password manager powered by citizens’ non-volatile episodic memory? It’s ‘leak-proof’; the passwords, which are generated and re-generated on-the-fly by our image-to-code converter from users' hard-to-forget episodic image memory, will be deleted from the software when it’s shut down. The merits of episodic image memory make it possible to do without the likes of a password vault. It also enables citizens to handle multiple password managing modules with multiple unique sets of images; it helps us avoid creating a single point of failure. Please watch a 90-second demonstration video - https://youtu.be/0nNIU4uYl94
Mnemonic Gateways makes the first product for our global operations. We will expect the revenue from the sales of high-security versions for tens of millions of professional users, while offering a standard version to billions of global consumers at no cost. It’s now on the way towards Beta release. We expect to make the formal announcement in the very near future
Goal Make Expanded Password System solutions readily available to all the global citizens – rich and poor, young and old, healthy and disabled, literate and illiterate, in peace and in disaster – over many generations until humans discover something other than 'digital identity' for safe and orderly societal life. Our mission is to make Expanded Password System solutions readily available to all the global citizens – rich and poor, young and old, healthy and disabled, literate and illiterate, in peace and in disaster – over many generations until humans come up with something other than 'digital identity' for safe and orderly societal life.
More Issues on Digital Identity 19 I would have taken up these issues as well if I had another 20 minutes - - Phishing Deterrence - Cryptography and Digital Identity - AI and Quantum-Computing - Login under Duress - 2-Channel Expanded Password System - Secure Brain-Machine-Interface - Security-Destructive Passwordless schemes - Misused Biometrics - Stopgap Hybrid Text Password - Dementia and Identity I would have taken up these issues as well if I had another 20 minutes
There exists a secure and yet stress- free means of democracy-compatible identity authentication. That is Expanded Password System Thank You for Your Time Hitoshi Kokumai Founder & Chief Architect Mnemonic Identity Solutions Limited Profile https://www.linkedin.com/in/hitoshikokumai/ hitoshi.kokumai@mnemonicidentitysolutions.com kokumai@mneme.co.jp 20 24th February 2022 Mnemonic Identity Solutions Limited As such, there exists a secure and yet stress free means of democracy-compatible identity authentication. That is Expanded Password System Thank you very much for your time.

Recommended

Slide Share (Updated) - Fend Off Cybercrime with Episodic Memory 29Aug2022
Slide Share (Updated) - Fend Off Cybercrime with Episodic Memory 29Aug2022Slide Share (Updated) - Fend Off Cybercrime with Episodic Memory 29Aug2022
Slide Share (Updated) - Fend Off Cybercrime with Episodic Memory 29Aug2022Hitoshi Kokumai
 
Fend Off Cybercrime with Episodic Memory
Fend Off Cybercrime with Episodic MemoryFend Off Cybercrime with Episodic Memory
Fend Off Cybercrime with Episodic MemoryHitoshi Kokumai
 
Updated: Presentation with Scripts at CIW2018
Updated: Presentation with Scripts at CIW2018Updated: Presentation with Scripts at CIW2018
Updated: Presentation with Scripts at CIW2018Hitoshi Kokumai
 
Presentation with Scripts at CIWEU2018
Presentation with Scripts at CIWEU2018Presentation with Scripts at CIWEU2018
Presentation with Scripts at CIWEU2018Hitoshi Kokumai
 
Bring healthy second life to legacy password system
Bring healthy second life to legacy password systemBring healthy second life to legacy password system
Bring healthy second life to legacy password systemHitoshi Kokumai
 
Expanded password system - Reliable Identity Assurance
Expanded password system - Reliable Identity AssuranceExpanded password system - Reliable Identity Assurance
Expanded password system - Reliable Identity AssuranceHitoshi Kokumai
 
More Issues on Digital Identity (24Feb2023)
More Issues on Digital Identity (24Feb2023)More Issues on Digital Identity (24Feb2023)
More Issues on Digital Identity (24Feb2023)Hitoshi Kokumai
 
Business Dimension of Expanded Password System
Business Dimension of Expanded Password SystemBusiness Dimension of Expanded Password System
Business Dimension of Expanded Password SystemHitoshi Kokumai
 

Recommended

Slide Share (Updated) - Fend Off Cybercrime with Episodic Memory 29Aug2022
Slide Share (Updated) - Fend Off Cybercrime with Episodic Memory 29Aug2022Slide Share (Updated) - Fend Off Cybercrime with Episodic Memory 29Aug2022
Slide Share (Updated) - Fend Off Cybercrime with Episodic Memory 29Aug2022Hitoshi Kokumai
 
Fend Off Cybercrime with Episodic Memory
Fend Off Cybercrime with Episodic MemoryFend Off Cybercrime with Episodic Memory
Fend Off Cybercrime with Episodic MemoryHitoshi Kokumai
 
Updated: Presentation with Scripts at CIW2018
Updated: Presentation with Scripts at CIW2018Updated: Presentation with Scripts at CIW2018
Updated: Presentation with Scripts at CIW2018Hitoshi Kokumai
 
Presentation with Scripts at CIWEU2018
Presentation with Scripts at CIWEU2018Presentation with Scripts at CIWEU2018
Presentation with Scripts at CIWEU2018Hitoshi Kokumai
 
Bring healthy second life to legacy password system
Bring healthy second life to legacy password systemBring healthy second life to legacy password system
Bring healthy second life to legacy password systemHitoshi Kokumai
 
Expanded password system - Reliable Identity Assurance
Expanded password system - Reliable Identity AssuranceExpanded password system - Reliable Identity Assurance
Expanded password system - Reliable Identity AssuranceHitoshi Kokumai
 
More Issues on Digital Identity (24Feb2023)
More Issues on Digital Identity (24Feb2023)More Issues on Digital Identity (24Feb2023)
More Issues on Digital Identity (24Feb2023)Hitoshi Kokumai
 
Business Dimension of Expanded Password System
Business Dimension of Expanded Password SystemBusiness Dimension of Expanded Password System
Business Dimension of Expanded Password SystemHitoshi Kokumai
 
Sept 2014 cloud security presentation
Sept 2014 cloud security presentationSept 2014 cloud security presentation
Sept 2014 cloud security presentationJoan Dembowski
 
Updated: Identity Assurance by Our Own Volition and Memory
Updated: Identity Assurance by Our Own Volition and MemoryUpdated: Identity Assurance by Our Own Volition and Memory
Updated: Identity Assurance by Our Own Volition and MemoryHitoshi Kokumai
 
Persuasive Cued Click Point Password with OTP
Persuasive Cued Click Point Password with OTPPersuasive Cued Click Point Password with OTP
Persuasive Cued Click Point Password with OTPIJCSIS Research Publications
 
issue15
issue15issue15
issue15Christine Trujillo
 
How well are you delivering your experience?
How well are you delivering your experience?How well are you delivering your experience?
How well are you delivering your experience?Andrew Fisher
 
Persuasive Cued Click Based Graphical Password with Scrambling For Knowledge ...
Persuasive Cued Click Based Graphical Password with Scrambling For Knowledge ...Persuasive Cued Click Based Graphical Password with Scrambling For Knowledge ...
Persuasive Cued Click Based Graphical Password with Scrambling For Knowledge ...IOSR Journals
 
Deepak 3 dpassword (2)
Deepak 3 dpassword (2)Deepak 3 dpassword (2)
Deepak 3 dpassword (2)Deepak Choudhary
 
Clues to Unravelling Conundrums - Biometrics deployed 'in parallel' as again...
Clues to Unravelling Conundrums - Biometrics deployed 'in parallel' as again...Clues to Unravelling Conundrums - Biometrics deployed 'in parallel' as again...
Clues to Unravelling Conundrums - Biometrics deployed 'in parallel' as again...Hitoshi Kokumai
 
A Novel Revolutionary highly secured Object authentication schema
A Novel Revolutionary highly secured Object authentication schemaA Novel Revolutionary highly secured Object authentication schema
A Novel Revolutionary highly secured Object authentication schemaIOSR Journals
 
Graphical authintication
Graphical authinticationGraphical authintication
Graphical authinticationTapesh Chalisgaonkar
 
ipsoCreative | Kinetic Capabilities
ipsoCreative | Kinetic CapabilitiesipsoCreative | Kinetic Capabilities
ipsoCreative | Kinetic CapabilitiesJon Taylor
 
Designing a Moving Experience
Designing a Moving ExperienceDesigning a Moving Experience
Designing a Moving ExperienceAndrew Fisher
 
C0361419
C0361419C0361419
C0361419iosrjournals
 
Ce36484489
Ce36484489Ce36484489
Ce36484489IJERA Editor
 
Graphical Password Authentication
Graphical Password AuthenticationGraphical Password Authentication
Graphical Password AuthenticationAbha nandan
 
Graphical Based Password for Android Phones using Keystroke Dynamics - A Survey
Graphical Based Password for Android Phones using Keystroke Dynamics - A SurveyGraphical Based Password for Android Phones using Keystroke Dynamics - A Survey
Graphical Based Password for Android Phones using Keystroke Dynamics - A SurveyIJSRD
 
Graphical Based Password for Android Phones using Keystroke Dynamics - A Survey
Graphical Based Password for Android Phones using Keystroke Dynamics - A SurveyGraphical Based Password for Android Phones using Keystroke Dynamics - A Survey
Graphical Based Password for Android Phones using Keystroke Dynamics - A SurveyIJSRD
 
3d passwords
3d passwords 3d passwords
3d passwords Sunanda Bansal
 
3d authentication
3d authentication3d authentication
3d authenticationsudheerpothu
 
3D Password M Sc BHU Sem 1
3D Password M Sc BHU Sem 13D Password M Sc BHU Sem 1
3D Password M Sc BHU Sem 1Swagato Dey
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 

More Related Content

Similar to Fend Off Cyberattacks with Citizens’ Non-Volatile Episodic Memory

Sept 2014 cloud security presentation
Sept 2014 cloud security presentationSept 2014 cloud security presentation
Sept 2014 cloud security presentationJoan Dembowski
 
Updated: Identity Assurance by Our Own Volition and Memory
Updated: Identity Assurance by Our Own Volition and MemoryUpdated: Identity Assurance by Our Own Volition and Memory
Updated: Identity Assurance by Our Own Volition and MemoryHitoshi Kokumai
 
How well are you delivering your experience?
How well are you delivering your experience?How well are you delivering your experience?
How well are you delivering your experience?Andrew Fisher
 
Persuasive Cued Click Based Graphical Password with Scrambling For Knowledge ...
Persuasive Cued Click Based Graphical Password with Scrambling For Knowledge ...Persuasive Cued Click Based Graphical Password with Scrambling For Knowledge ...
Persuasive Cued Click Based Graphical Password with Scrambling For Knowledge ...IOSR Journals
 
Clues to Unravelling Conundrums - Biometrics deployed 'in parallel' as again...
Clues to Unravelling Conundrums - Biometrics deployed 'in parallel' as again...Clues to Unravelling Conundrums - Biometrics deployed 'in parallel' as again...
Clues to Unravelling Conundrums - Biometrics deployed 'in parallel' as again...Hitoshi Kokumai
 
A Novel Revolutionary highly secured Object authentication schema
A Novel Revolutionary highly secured Object authentication schemaA Novel Revolutionary highly secured Object authentication schema
A Novel Revolutionary highly secured Object authentication schemaIOSR Journals
 
ipsoCreative | Kinetic Capabilities
ipsoCreative | Kinetic CapabilitiesipsoCreative | Kinetic Capabilities
ipsoCreative | Kinetic CapabilitiesJon Taylor
 
Designing a Moving Experience
Designing a Moving ExperienceDesigning a Moving Experience
Designing a Moving ExperienceAndrew Fisher
 
Graphical Password Authentication
Graphical Password AuthenticationGraphical Password Authentication
Graphical Password AuthenticationAbha nandan
 
Graphical Based Password for Android Phones using Keystroke Dynamics - A Survey
Graphical Based Password for Android Phones using Keystroke Dynamics - A SurveyGraphical Based Password for Android Phones using Keystroke Dynamics - A Survey
Graphical Based Password for Android Phones using Keystroke Dynamics - A SurveyIJSRD
 
Graphical Based Password for Android Phones using Keystroke Dynamics - A Survey
Graphical Based Password for Android Phones using Keystroke Dynamics - A SurveyGraphical Based Password for Android Phones using Keystroke Dynamics - A Survey
Graphical Based Password for Android Phones using Keystroke Dynamics - A SurveyIJSRD
 
3D Password M Sc BHU Sem 1
3D Password M Sc BHU Sem 13D Password M Sc BHU Sem 1
3D Password M Sc BHU Sem 1Swagato Dey
 

Similar to Fend Off Cyberattacks with Citizens’ Non-Volatile Episodic Memory (20)

Sept 2014 cloud security presentation
Sept 2014 cloud security presentationSept 2014 cloud security presentation
Sept 2014 cloud security presentation
 
Updated: Identity Assurance by Our Own Volition and Memory
Updated: Identity Assurance by Our Own Volition and MemoryUpdated: Identity Assurance by Our Own Volition and Memory
Updated: Identity Assurance by Our Own Volition and Memory
 
Persuasive Cued Click Point Password with OTP
Persuasive Cued Click Point Password with OTPPersuasive Cued Click Point Password with OTP
Persuasive Cued Click Point Password with OTP
 
issue15
issue15issue15
issue15
 
How well are you delivering your experience?
How well are you delivering your experience?How well are you delivering your experience?
How well are you delivering your experience?
 
Persuasive Cued Click Based Graphical Password with Scrambling For Knowledge ...
Persuasive Cued Click Based Graphical Password with Scrambling For Knowledge ...Persuasive Cued Click Based Graphical Password with Scrambling For Knowledge ...
Persuasive Cued Click Based Graphical Password with Scrambling For Knowledge ...
 
Deepak 3 dpassword (2)
Deepak 3 dpassword (2)Deepak 3 dpassword (2)
Deepak 3 dpassword (2)
 
Clues to Unravelling Conundrums - Biometrics deployed 'in parallel' as again...
Clues to Unravelling Conundrums - Biometrics deployed 'in parallel' as again...Clues to Unravelling Conundrums - Biometrics deployed 'in parallel' as again...
Clues to Unravelling Conundrums - Biometrics deployed 'in parallel' as again...
 
A Novel Revolutionary highly secured Object authentication schema
A Novel Revolutionary highly secured Object authentication schemaA Novel Revolutionary highly secured Object authentication schema
A Novel Revolutionary highly secured Object authentication schema
 
Graphical authintication
Graphical authinticationGraphical authintication
Graphical authintication
 
ipsoCreative | Kinetic Capabilities
ipsoCreative | Kinetic CapabilitiesipsoCreative | Kinetic Capabilities
ipsoCreative | Kinetic Capabilities
 
Designing a Moving Experience
Designing a Moving ExperienceDesigning a Moving Experience
Designing a Moving Experience
 
C0361419
C0361419C0361419
C0361419
 
Ce36484489
Ce36484489Ce36484489
Ce36484489
 
Graphical Password Authentication
Graphical Password AuthenticationGraphical Password Authentication
Graphical Password Authentication
 
Graphical Based Password for Android Phones using Keystroke Dynamics - A Survey
Graphical Based Password for Android Phones using Keystroke Dynamics - A SurveyGraphical Based Password for Android Phones using Keystroke Dynamics - A Survey
Graphical Based Password for Android Phones using Keystroke Dynamics - A Survey
 
Graphical Based Password for Android Phones using Keystroke Dynamics - A Survey
Graphical Based Password for Android Phones using Keystroke Dynamics - A SurveyGraphical Based Password for Android Phones using Keystroke Dynamics - A Survey
Graphical Based Password for Android Phones using Keystroke Dynamics - A Survey
 
3d passwords
3d passwords 3d passwords
3d passwords
 
3d authentication
3d authentication3d authentication
3d authentication
 
3D Password M Sc BHU Sem 1
3D Password M Sc BHU Sem 13D Password M Sc BHU Sem 1
3D Password M Sc BHU Sem 1
 

Recently uploaded

Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentationphoebematthew05
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 

Recently uploaded (20)

Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 

Fend Off Cyberattacks with Citizens’ Non-Volatile Episodic Memory

  • 1. Fend Off Cyberattacks with Citizens’ Non-Volatile Episodic Memory with the values of democracy 24th February, 2023 Hitoshi Kokumai, Chief Architect Mnemonic Identity Solutions Limited 90-second introductory video I ‘m Hitoshi Kokumai, Founder and Chief Architect at Mnemonic Identity Solutions Limited (MIS), set up in August 2020 in United Kingdom. I am advocating the principle of ‘Identity Assurance by Citizens’ Own Volition and Memory’ since 2001. We have a 20 years long pre-history of technology development, product making and commercial implementations with some 1 million dollar sales. Our champion use case is Japanese Army deploying our solution on field vehicles since 2013. They will continue to use it for at least 10 more years. At MIS we are going to help global citizens fend off cybercrime by their non-volatile long-term memory, with the values of democracy. Let me present a 90-second introductory video on our solution that we call Expanded Password System - https://youtu.be/T1nrAlmytWE
  • 2. From ‘Password Fatigue’ to ‘Fatigue-free Password’ Passwords are Hard to manage And yet, absolutely necessary Identity theft and security breaches are proliferating Critical problem requiring valid and practical solutions 2 There could be two approaches to cope with the problem of Password Fatigue. One is to throw away the password altogether, and give up the valuable security somehow provided by the password. This is what ‘passwordless’ and ‘biometrics’ authentication schemes are supposed to be achieving, well, to the delight of criminals. Moreover, democracy would be lost where the password that we feed volitionally was lost. When authentication happens without our knowledge or against our will, it’s a 1984-like Dystopia. Another is to promote ‘Fatigue-free’ Password System. This is what we are achieving with Expanded Password System powered by citizens’ non-volatile episodic memory. Say, from 'Password Fatigue' to 'Fatigue-free Password'
  • 3. Basics of Authentication Factors Let us first go through the basics of authentication factors. ‘Yes or No’ on feeding correct passwords and ‘Yes or No’ on presenting correct tokens are deterministic, whereas biometrics which measures unpredictably variable body features of living animals in ever changing environments is probabilistic. It’s practically impossible to compare the security of a strong or very weak password with that of a poorly or very wisely deployed physical token even though both passwords and tokens are deterministic, Deterministic authenticators can be used on its own, whereas a probabilistic authenticator would lose its availability when used on its own. Direct comparison of something deterministic and something probabilistic would absolutely bring us nowhere. Deterministic authenticators can be used together in a security-enhancing ‘multi-layer’ deployment, whereas probabilistic authenticators can be used with another authenticator only in a security-lowering ‘multi-entrance’ deployment unless we can forget the availability as illustrated here. Password, token and biometrics are ‘authenticators’, while multi-factor schemes, distributed digital identity, single-sign-on schemes and password management tools are all ‘deployment of authenticators’; We would obtain nothing by comparing the former with the latter.
  • 4. What’s New? The idea of using pictures has been around for two decades. New is encouraging people to make use of citizens’ non-volatile episodic image memories. The idea of using pictures for authentication is not new. It’s been around for well more than two decades, but the simple forms of picture passwords were not as useful as had been expected. UNKNOWN pictures we manage to remember afresh are still easy to forget and confuse. Expanded Password System is new in that it offers a choice to make use of KNOWN images that are associated with our personal experiences, as you saw earlier in the introductory video.
  • 5. Since the images of episodic memory are not only Non-Volatile but also are the least subject to INTERFERENCE of MEMORY,
  • 6. it enables us to manage dozens of unique strong passwords without reusing the same password across many accounts or carrying around a memo or storage with passwords on it. The key logic is, simply, “There are several known images in the grid. I can easily find all of them right away. Only I can select all of them correctly.” Furthermore, watching memorable images makes us feel pleasant, relaxed and even healed; What about seeing the pictures of comfortable places where you had nice experiences with your family at each login?
  • 7. "Memory of past episodes provides a sense of personal identity - the sense that I am the same person as someone in the past" Source: Memory and the Sense of Personal Identity. Mind, 121(483), 677-702. http://www.jstor.org/stable/23321780 Episodic Memory and Personal Identity The role that our episodic memory plays for our sense of personal identity is now broadly known, for instance, "Memory of past episodes provides a sense of personal identity - the sense that I am the same person as someone in the past" Episodic memories of citizens are now collectively playing a critical role in building a solid and sustainable identity assurance platform.
  • 8. Broader Choice If only text and # are OK It’s a steep climb … to memorize text/number passwords to lighten the load of text passwords to make use of memorized images 3UVB9KUW 【Text Mode】 【Graphics Mode】 【Original Picture Mode】 Recall the remembered password Recognize the pictures remembered in stories Recognize the unforgettable pictures of episodic memories Think of all those ladders you have to climb in Donkey Kong ;-) Low memory ceiling Very high memory ceiling High memory ceiling + + 8 Shall we have a bit closer look at what it offers? With Expanded Password System, we could imagine a situation that escalators and elevators are provided along with the staircase. We could opt to continue to recall the remembered text passwords, although the memory ceiling is very low. We could opt to recognize the pictures remembered in stories. We would be able to manage more and more of them. Where we choose to make use of episodic image memory, we would be able to manage as many passwords as we like without any extra efforts.
  • 9. Relation of Accounts & Passwords Account A Account B Account C Account D Account E, F, G, H, I, J, K, L----------- Unique matrices of images allocated to different accounts. At a glance you will immediately realize what images you should pick up as your passwords for this or that account. 9 Being able to recall strong passwords is one thing. Being able to recall the relation between accounts and the corresponding passwords is another. When unique matrices of images are allocated to different accounts, those unique image matrices will be telling you what images you should pick up as your password for this or that account. Expanded Password System will thus free us from the burden of managing the relation between accounts and the corresponding passwords.
  • 10. Isn’t Episodic Memory Malleable? We know that episodic memories can change easily. … But that doesn’t matter for authentication. It could even help. 10 It’s known that episodic memories are easily changeable. From confidentiality’s point of view, it could be even better than objectively factual memories since no clues are given to attackers.
  • 11. What about Entropy ‘CBA123’ IS ABSURDLY WEAK. WHAT IF ‘C’ AS AN IMAGE GETS PRESENTED BY SOMETHING LIKE ‘X4S&EI0W’ ? WHAT IF ‘X4S&EIWDOEX7RVB%9UB3MJVKEIXE94AN2KDGHQD PGPE#IDGHEI’ INSTEAD OF ‘CBA123’ GETS HASHED? 11 Generally speaking, hard-to-break passwords are hard-to-remember. But it’s not the fate of what we remember. It would be easily possible to safely manage many of high-entropy passwords with Expanded Password System that handles characters as images as you see here. If started from the whole image data, the overall entropy could easily exceed millions of bits. By the way, threats of 'visual-manual attacks on display’ are very different to 'automated brute force attacks’ on the data server. A figure of ’20-bits’, say, a million attempts, for instance, would be just a bad joke against automated attacks, whereas it would make a pretty tall wall against visual- manual attacks on display.
  • 12. Huge Improvement • Password fatigue alleviated for all • Better security for password-managers and SSO services • Even better security for multi-factor authentications • Less vulnerable security for biometric products Backward-Compatible • Nothing lost for users who wish to keep using text passwords Enjoyable Login • Get the images in your matrix registered. It’s easy and joyful. 12 What to Gain People who enjoy handling images will gain both better security and better convenience. The only extra effort required is to get the images registered; people already do that across social media platforms and apparently love it. Then, huge improvement as show here.
  • 13. Typical Use Case Japan’s Army adopted our product for accepting ‘Panic- Proof’ and yet ‘Hard-to- Break’ credentials. Japan Ground Self-Defense Force, aka, Army is using Expanded Password System for authentication of the personnel who handle the encrypted data exchange between commanders and field communications vehicles since 2013. Some 460 licenses were offered to field communications vehicle. With each vehicle shared by multiple soldiers, the number of people who use our solution are now supposed to be in many thousands. The number of licenses increased more than 10-fold over the 10-year period of use from 2013. And, the client tells us that it will stay in use for at least 10 more years. We humbly assume that they are well satisfied with our solution.
  • 14. Client Software for Device Login Applications Login Image-to-Code Conversion Server Software for Online-Access 2-Factor Scheme Open ID Compatible Data Encryption Software with on-the-fly key generation Single & Distributed Authority Unlimited Use Cases 14 Applications of Expanded Password System will be found wherever people have been dependent on text passwords and numerical PINS, And wherever people need some means of identity authentication, even if we still do not know what it will be.
  • 15. Launching Global Operation Following experimental successes in Japan, we set up our global headquarters as Mnemonic Identity Solutions Limited (MIS) in United Kingdom in August 2020 - https://www.mnemonicidentitysolutions.com/ With the sales of some 1 million dollars and a successful adoption by Japan’s military in 2013 at a preceding Japanese entity named Mnemonic Security, Inc., we came to realise that it will not be in Japan but the global market that decides the future of our endeavour. We set up Mnemonic Identity Solutions Limited with British colleagues in UK in 2020 for launching the global operations.
  • 16. First Global Project “Mnemonic Gateways” Leak-proof Password Manager with No Password Vault powered by citizens’ non-volatile episodic image memory 90-second demonstration video What if we come up with a password manager powered by citizens’ non-volatile episodic memory? It’s ‘leak-proof’; the passwords, which are generated and re-generated on-the-fly by our image-to-code converter from users' hard-to-forget episodic image memory, will be deleted from the software when it’s shut down. The merits of episodic image memory make it possible to do without the likes of a password vault. It also enables citizens to handle multiple password managing modules with multiple unique sets of images; it helps us avoid creating a single point of failure. Please watch a 90-second demonstration video - https://youtu.be/0nNIU4uYl94
  • 17. Mnemonic Gateways makes the first product for our global operations. We will expect the revenue from the sales of high-security versions for tens of millions of professional users, while offering a standard version to billions of global consumers at no cost. It’s now on the way towards Beta release. We expect to make the formal announcement in the very near future
  • 18. Goal Make Expanded Password System solutions readily available to all the global citizens – rich and poor, young and old, healthy and disabled, literate and illiterate, in peace and in disaster – over many generations until humans discover something other than 'digital identity' for safe and orderly societal life. Our mission is to make Expanded Password System solutions readily available to all the global citizens – rich and poor, young and old, healthy and disabled, literate and illiterate, in peace and in disaster – over many generations until humans come up with something other than 'digital identity' for safe and orderly societal life.
  • 19. More Issues on Digital Identity 19 I would have taken up these issues as well if I had another 20 minutes - - Phishing Deterrence - Cryptography and Digital Identity - AI and Quantum-Computing - Login under Duress - 2-Channel Expanded Password System - Secure Brain-Machine-Interface - Security-Destructive Passwordless schemes - Misused Biometrics - Stopgap Hybrid Text Password - Dementia and Identity I would have taken up these issues as well if I had another 20 minutes
  • 20. There exists a secure and yet stress- free means of democracy-compatible identity authentication. That is Expanded Password System Thank You for Your Time Hitoshi Kokumai Founder & Chief Architect Mnemonic Identity Solutions Limited Profile https://www.linkedin.com/in/hitoshikokumai/ hitoshi.kokumai@mnemonicidentitysolutions.com kokumai@mneme.co.jp 20 24th February 2022 Mnemonic Identity Solutions Limited As such, there exists a secure and yet stress free means of democracy-compatible identity authentication. That is Expanded Password System Thank you very much for your time.