It’s interesting to compare progress in Computer Security with progress in Medicine Science. Think of computing technology as being analogous to the human body, and under attack from multipl…
It’s interesting to compare progress in Computer Security with progress in Medicine Science. Think of computing technology as being analogous to the human body, and under attack from multipl…
In today’s online world of increasing digital crime, internet fraud and database breaches, businesses are left with the growing worry about protecting their online commerce and customers. Wh…
As described in my last posting on the ‘Essence of the Blockchain’, the block-chain is just a public ledger supported by the power of the cryptographic hash function. From a “genesis” block,…
By which I mean the Personal Identification Number. Most days we use it in conjunction with our ATM card to perform relatively large value transactions. As such its a pretty proven way of au…
The American National Institute for Standards in Technology (NIST) is considering proposals for several modes of operation for Format Preserving Encryption (FPE). The idea behind FPE is quit…
We propose a new Elliptic curve at a security level significantly greater than the standard 128 bits, that fills a gap in current proposals while bucking the expected security vs cost curve …
New Service Adopted by NTT Software to Expand Offerings While Eliminating the Largest Security Threat To Enterprise Customers In Digital Businesses (The Password Database). Tokyo, Japan, Oct…
We have been tasked to harden the M-Pin protocol against a “key-escrow” attacker, who has the authority to demand and be issued with all of the secrets from all of the distributed trust auth…
M-Pin is a Multi-Factor identity based authentication protocol. Secret authentication keys are issued to clients from a Distributed Trusted Authority (DTA). Typically there are two DTAs, one…
The non-interactive authenticated key exchange protocol known as SOK after its inventors Sakai, Oghishi and Kasahara, is one of the original pairing-based protocols. Like many such early pro…
M-Pin is a two-factor authentication protocol which has been proposed as an alternative to Username/Password, which works in conjunction with SSL/TLS. Here we derive a more complex M-Pin der…
The M-Pin protocol has been proposed for use in a setting which uses multiple Trusted Authorities. One way to realise M-Pin is to use “early binding”. With early binding the client secret sh…