Bulk theft of data, including personal information, identities, passwords, etc., is one of the main cyber threats facing almost all IT industries without a robust and secure solution in sight. Such data breaches have high national, regional, and often global impact. One of the main causes of any data breach is passwords, as hackers can easily crack them offline. The current practice for password and personal data protection on digital online services is to use a variety of password hashing functions, which are functions that are easy to compute but hard to invert. However, the major problem with the current state-of-the-art password hashing functions, such as Argon2, bcrypt, scrypt, PBKDF2, etc., is that they do not stop data from being stolen in the first place. Given the sophisticated techniques and capabilities at the disposal of cybercriminals, both in terms of hardware and software, once the password database is breached and stolen, it is only a matter of time before all passwords are cracked. In fact, only strong passwords take longer time to crack, but weak ones, which unfortunately is the case for the majority of passwords chosen by most users, require from a few seconds to a few minutes to crack offline. Secure password protection thus remains as one of the major pain points almost almost all mass data storage providers in the IT industry are facing today.
Authentico's patented solution CIPHRA, which is a hardware-dependent cryptographic processor, is specifically designed for protection of, among others, passwords by making it infeasible to crack passwords even if a database is stolen, regardless of the password strength and the resources available to the hacker. CIPHRA protects the cryptographic infrastructure by generating unclonable encryption keys from authentication requests using a technology called PUF (physically unclonable function). The end result is that CIPHRA effectively eliminates offline password cracking.
The main objectives of this project are two-fold: one, to establish, via market research, which countries represent the greatest take-up potential; two, to identify which categories of companies will deliver the greatest impact and snowball effect for CIPHRA. In addition, we want to have an even clearer picture of customer needs and factors which influence their purchasing decisions. The question of pricing is a very important one, and is tied closely not only to the scalability of CIPHRA but also to our ability to offer a better and more affordable version of CIPHRA. Finally, a technological development roadmap would allow us to chart key technical milestones that bring us closer to a final and, from a technical perspective, adaptable CIPHRA solution.
