
Update – Q&A


The following questions are answered in this update.

-What do we think makes ‘what we are’?
-Does it make sense to compare different authenticators?
-Are you sure that the password is easy to crack?
-How different is ‘hard-to-forget’ from ‘easy-to-remember’?
-What impact does computing power have on the processing of secret credentials?
-What are ‘necessary’ and ‘sufficient’ conditions for reliable identity assurance?
-Does a solid theory warrant a solid implementation?
-What role does cryptography play in Expanded Password System?
-What is ‘on-the-fly’ key regeneration?
-Is Expanded Password System complementary to FIDO2?

-What can ‘probabilistic authenticators’ achieve in cyberspace?
-How different is ‘Another Layer’ from ‘Another Entrance’?
-Is a default password different from a fallback password?
-Why do so many people not hesitate to sacrifice privacy for decreased security?
-What are correct use cases of biometrics?

-Why is the UK adopted as the venue for the global headquarters?
-Who adopted Expanded Password System for what?




Popular posts from this blog

Probabilistic Is Human Body, Not Pattern-Matching Algorithm

The probabilistic nature of biometrics comes from the unpredictably variable body features of living animals rather than from imperfect pattern-matching algorithms; perfecting the pattern-matching algorithm would not affect the probabilistic nature of biometrics. Biometrics that measures probabilistic body features cannot escape False Rejection/False Non-Match/False Negative, which inevitably comes with False Acceptance/False Match/False Positive. Since it cannot escape FR/FNM/FN, biometrics cannot escape dependence on a fallback measure, a default password/pincode in most cases, which brings security down to a level lower than that of password/pincode-only authentication. And yet, so many people who need higher security are spending so much money on bringing security down. Click the link for more - https://www.linkedin.com/pulse/negative-security-effect-biometrics-deployed-hitoshi-kokumai/

Expanded Password System to Complement FIDO2

2 is larger than 1 but is not necessarily stronger than 1, as two children could be overwhelmed by a grown-up. For two-factor authentication to be really reliable, each factor should be reasonably secure and usable enough. On the other hand, ‘password-less’ authentication, however attractive it might sound, would only benefit bad guys, as examined on the linked page (https://www.linkedin.com/pulse/removal-passwords-its-security-effect-hitoshi-kokumai/). People who offer a token as 'a factor' of two-factor authentication schemes could all be viewed as our potential down-stream partners. Among them are the people who offer FIDO2-compatible solutions. Put together, we could come up with two-factor authentications that are much more reliable than otherwise.

Robust 2-Channel Authentication

2 is larger than 1, but not necessarily stronger than 1 (https://www.theregister.com/2020/07/20/twitter_security_update_hackers_broke_2fa/). By bringing in the concept of Expanded Password System, we are able to protect important accounts more reliably than conventional 2-factor/step authentications, as outlined in “Advanced Persistent Threats in Digital Identity” (https://www.linkedin.com/pulse/advanced-persistent-threats-digital-identity-hitoshi-kokumai/). This is not a hypothesis. It has been quietly but effectively deployed since 2014 for a security-centric corporate network by 1,200 employees. Needless to say, asymmetric cryptography could be additionally incorporated for yet higher security where needed.