Hitoshi Kokumai

8ヶ月前 · 4 分の読書時間 · visibility 0 ·

chat 著者への問い合わせ

thumb_up 関連性 message コメント

When, why and how Expanded Password System was developed

When, why and how Expanded Password System was developedRelation of Accounts & Passwords<br />
<br />
   <br />
<br />
* Unique matrices of images allocated to different accounts.<br />
<br />
+ Ata glance you will immediately realize what images you should pick<br />
up as your passwords for this or that account.

Here is what we wish to emphasize as to the development of Expanded Password System (composed in the format of Santander Digital Trust Hackathon).

 Main Theme: Identity Assurance by Our Own Volition and Memory

- Problem: Password Predicament

- Solution: Non-Text Secret Credentials

- Theory: Science of Human Memory

Summarized in this 90-second video

2e2b1348.jpgSecret Credenti<br />
<br />
 <br />
   <br />
 <br />
<br />
Memories<br />
<br />
Episodic Memory Inspiration in 2000

 Secret credentials are indispensable for identity assurance, whereas text-only passwords are hard to manage.

Why not consider Non-Text secret credentials?

 What it does

 Our identity authentication solution named Expanded Password System enables people to make use of their episodic image memory{1<br />
<br />
48

 How we built it

 The system is built to enable the user to register a set of any numbers of images of their choice either by permutation or combination as credentials and embed them onto a matrix of images made of meaningless decoy images

 Our solution turned out to work with Open ID without friction.

 Challenges we ran into

 However solid the theory is, the solution would be vulnerable to attacks when it is poorly implemented. A key was the appropriate use of a hash module of SHA family.{1<br />
<br />
48

 It was also a challenge to get technology people to listen to us about the merit of making use of our own autobiographic/episodic memory. These people are generally not familiar with such psychological concepts.

 Accomplishments that we're proud of

 Adoption by demanding clients such as Japan's Ground Self-Defense Force (Army) besides the use cases in consumer and corporation areas.d8d6136b.jpgRelation of Accounts & Passwords<br />
<br />
   <br />
<br />
 <br />
<br />
° 1 as<br />
7 ae<br />
coErom<br />
aK LM<br />
oranrsT<br />
UVvwxyz<br />
<br />
* Unique matrices of images allocated to different accounts.<br />
<br />
* Ata glance you will immediately realize what images you should pick<br />
up as your passwords for this or that account.

 Also, selection as a finalist by Financial Data and Technology Association for ‘Summit and Awards 2019’ and adoption by AFCEA for ‘2020 Solution Review Problem Sets’.

 What we learned

 Our solution can and must be made available to global citizens.

 We also learned that, for global citizens to enjoy a safer identity assurance, we need to debunk wide-spread misperceptions such as “indispensable passwords be removed altogether” and “passwords be displaced by password-dependent biometrics”

 What's next for Digital Identity for Global Citizens

Global operationseb5b7006.jpgIf only textand # are OK |3UV B99 KUW<br />
<br />
 <br />
<br />
to memorize 10 lighten the load of to make use of<br />
text/number passwords text passwords memorized images<br />
<br />
{Text Mode] {Graphics Mode] (Original Picture Mode]<br />
Recall the remembered Recognize the pictures Recognize the unforgettable<br />
password remembered in stories pictures of episodic memories |<br />
012345 @ 0% 8 sROaw<br />
crreas YE<br />
CDEFGH 8 4 &<br />
<br />
nr HER<br />
<br />
OPQRST<br />
<br />
UvwXxYz ICR WA<br />
Low memory ceiling High memory ceiling Very high memory ceiling<br />
<br />
Think of all those ladders you have to cmb in Donkey Kong ;-)

Key References 

Image-to-Code Conversion by Expanded Password System

Summary and Brief History - Expanded Password System

Proposition on How to Build Sustainable Digital Identity Platform{1<br />
<br />
48

 Additional Statements

 The aim of our enterprise is to make Expanded Password System (EPS) solutions readily available to all the global citizens: rich and poor, young and old, healthy and disabled, literate and illiterate, in peace and in disasters.

 We expect EPS to stay with us over many generations until humans discover something other than the 'digital identity' for our safe and orderly societal life. We look for the people who share such a long-term view and support us as such.

 Expanded Password System invented in 2000, we launched the business operations in 2001 under the name of Mnemonic Security, Inc, which was the world’s first company to provide the software products that offer ‘Hard-to-Forget’, ‘Hard-to-Break’ and ‘Panic-Proof’ digital identity authentication. The business progressed successfully with US$1m commercial adoptions over the first several years.

 {1<br />
<br />
48We started, however, to feel the painful headwind from around 2008 because people got carried away by the hype of wrongly-used biometrics, particularly overwhelming in Japan, even though the versatile practicability of our software was demonstrated by the 5-year use by 140, 000 online shoppers. After struggling in vain for several years, we chose to get out of Japan.

 We have successfully made a tangible progress since then. The solid theory of our EPS proposition is made clear by OASIS recognition as a standard candidate, publishing by Taylor & Francis, selection as a finalist by Financial Data and Technology Association for ‘Summit and Awards 2019’ in Edinburgh and adoption by AFCEA for ‘2020 Solution Review Problem Sets’. We are steadily getting recognized as Pioneer and Thought Leader in this domain.

 As for the use cases, we are now able to also refer to the 6-year use by 1,200 employees for a corporate network and the trouble-free defense use by army soldiers in the field from 2013 till now with the users increasing 10-fold and set to increase further, which were both achieved in very adverse circumstances of biometrics-dominated Japan.

 We came to set up a company in UK as our global headquarters in August 2020. We named it 'Mnemonic Identity Solutions Limited' with the mission of globally promoting 'identity assurance by our own volition and memory' for 'secure digital identity in post-pandemic cyberspace'.

In view of the ever rampant Covid-19, we would like to refer to the theme of Digital Identity in Post-Pandemic Era; Very probably, global populations will be far more dependent on Digital Identity in the Post-Covid19 era that our life will be far less dependent on geographical move of people - fewer face-to-face meetings, less commute, fewer travels and far more dependent on telemedicine, telework and many other tele-something, while threats of Big Brothers by rogue governments, greedy corporations and crime syndicates will be yet greater than ever.

The likes of Self-Sovereign Identity, expected to play a critical role in the highly complex situations, would require not just the distributed ledger technology but the most reliable identity authentication if it is to be truly valid and sustainable.

Our responsibility of providing ‘hard-to-forget’, ‘hard-to-break’ and ‘stress-proof’ authentication will be really heavy.

 Lastly, we wish to mention a bit more about “wide-spread misperceptions” referred to in “What we learned”. Below are my latest writings as for “indispensable passwords be removed altogether” and “passwords be displaced by password-dependent biometrics”.

Bizarre Theory of Password-less Authentication{1<br />
<br />
48

Why are we so persistent in the efforts to bust the falsehood of biometrics?{1<br />
<br />
48

PS

Our project submitted to Santander Digital Trust Hackathon titled 'Digital Identity for Global Citizens' is among the 31 winners out of 268 submissions.

778fc071.jpg

Additional References

Account Recovery with Expanded Password System

External Body Features Viewed as ‘What We Are’

 History, Current Status and Future Scenarios of Expanded Password System

Negative Security Effect of Biometrics Deployed in Cyberspace

Removal of Passwords and Its Security Effect

Availability-First Approach

Update: Questions and Answers - Expanded Password System and Related Issues (30/June/2020)

 < Videos on YouTube>

Slide: Outline of Expanded Password System (3minutes 2seconds)

Digital Identity for Global Citizens (10minutes - narrated)

Demo: Simplified Operation on Smartphone for consumers (1m41s)

Demo: High-Security Operation on PC for managers (4m28s)

Demo: Simple capture and registration of pictures by users (1m26s)

Slide: Biometrics in Cyber Space - "below-one" factor authentication

< Latest Media Articles Published in 2020 Spring>

Digital Identity – Anything Used Correctly Is Useful https://www.valuewalk.com/2020/05/digital-identity-biometrics-use/

‘Easy-to-Remember’ is one thing ‘Hard-to-Forget’ is another https://www.paymentsjournal.com/easy-to-remember-is-one-thing-hard-to-forget-is-another/


{1<br />
<br />
48

thumb_up 関連性 message コメント
コメント

その他の記事 Hitoshi Kokumai

ブログを見る