Saturday, April 13, 2019

(updated on 2/16/21)

(TUPLEZZ: combines the words TUPLE and PUZZLE.)

TUPLEZZ  is a method and system for strong authentication and 
secure communication and it is Patent Pending.

. White Paper .

Cybercrime is one of the biggest challenges that humanity is facing and cybersecurity innovation is paramount for our economy and national security so I thought of a method – which I called TUPLEZZ – that has the following strengths:

.1. . .TUPLEZZ is a Challenge-Response authentication method that makes it impossible for an attacker to replicate even when the hacker has the static ID and Pw of the User and he (the attacker) has recorded (screen capture and keylogging) all previous login sessions of the User.

.2. . . This method doesn’t require a third party or time synchronization.

.3. . .Due to the infinite number of possible formulas that can be used, a brute force attack to figure out the algorithm is impossible.

.4. . .The Client can log in even in the absence of the token with no need to contact the Server (or a third party) and no need for a cell phone.

.5.. .The AOTC (Authenticated One Time Challenge) makes phishing impossible. AOTC replaces the OTP (One Time Password) used by other methods.

.6. . .The use of a login counter means that TUPLEZZ is automatically updated after each login session. Therefore this method doesn’t need to be updated but if the Server’s policy requires periodic updates they can be done.

.7. . .The encryption it provides is unbreakable because TUPLEZZ can provide a key length as large as the message and only used once (because each new message will be associated with a new AOTC which will result in a new unique key), which is what Claude Shannon showed to achieve the so called perfect secrecy.

.8.. .This method requires that both parties (Server and Client) contribute with a random input every time the user logs in, which results in a unique authentication method which is superior to anything else tried so far.

Keeping up with cybercrime

Cybersecurity Ventures: "Cybercriminal activity is one of the biggest challenges that humanity will face in the next two decades"

"Cybersecurity Ventures predicted that cybercrime will cost the world $6 trillion annually by 2021, up from $3 trillion in 2015. This represents the greatest transfer of economic wealth in history, risks the incentives for innovation and investment, and will be  more profitable than the global trade of all major illegal drugs combined."

GALLUP: "One in four Americans have experienced cybercrime"

NIST: "Cyber Crime: An Existential Threat to Small Business"

Department of Homeland Security: Combating Cyber Crime

NSA: Good info

No comments:

Post a Comment