According to Hackmageddon, more than 950 cyber-attacks were reported in 2017. These were just the reported ones, and there are numerous other cases that went unheard. Cyber-attacks include cases of cyber espionage, hacktivism, cybercrime, and cyber warfare.
As most of the world is dependent on the Internet, such high statistics mean that the online world is far from safe. Last year was also the year of WannaCry malware, which affected major corporations all across the world, including the National Health Service (NHS) in the UK.
The fact that a team of hackers can damage even the largest organizations from the remotest parts of the planet means that there is something inherently wrong with the way we protect our systems.
REMME.io wants to change this by replacing the current password protected systems with their innovative blockchain-based authentication system.
From large corporate systems to personal social networking accounts, everything is currently protected through passwords. These passwords have been proven to be ineffective in the face of brute force hacking techniques.
It could be that the administrator puts up a very easy password, or maybe writes a password on a piece of paper, which gets into the hands of unwanted personnel. The possibilities for breaching password protected systems are endless.
Even two-factor authentication is unsafe
The introduction of two-factor authentication strengthened the old password protected systems. But, even that isn’t foolproof, and it has been proven that two-factor authentication can be beaten through SIM-swaps and other methods.
Last year, a Black Lives Matter activist, DeRay McKesson had his Twitter account hacked after someone apparently called his service provider and had his SMS redirected to a different SIM card.
SMS is technically the most inefficient way to perform two-factor authentication. It can easily be manipulated through social engineering, and your account gets hacked.
Experts have suggested that two-factor authentication through authentication applications is a better way to carry out two-factor authentication. However, there is no foolproof system that protects the user a 100% from being hacked.
In the wake of such weak security measures, the solution proposed by REMME seems to be the much-needed change that is required for the global digital community.
REMME removes the need for a contemporary, centralized password database and an authentication server. The company wants to replace this by assigning each device a unique SSL certificate.
These certificates will be hosted on a blockchain, making the devices virtually impenetrable. A fake certificate will never be verified in the blockchain, so even if a hacker is able to copy the certificate, they cannot get it authenticated by the blockchain.
As blockchain technology removes the necessity for a centralized server, hackers will not have a central server to target. This means that the whole system has no weak point, and REMME claims that their technique will ensure that the systems are 100% secure against common attacks.
REMME wants to create a distributed Public Key Infrastructure (PKI) management on top of the existing x.509 standard certificates. This will be done through blockchains, and this system will help protect the IoT, financial, infrastructure, medtech and blockchain companies.
PKI is defined as the set of rules, protocols, and procedures that help in creating and managing the digital certificates and in public-key encryption. PKI is already being used to secure data transfer in e-commerce, online banking and various fields of technology. Using this technique is better than the contemporary password protection as it eliminates the requirement for passwords and reduces the chances of human error.
How it all works
REMME technology offers TLS/SSL certificates, which protect the users from hidden attacks. The technology is backed by blockchain and validates the certificates without the need for a conventional certification authority. The authority is replaced by a blockchain.
REMME offers companies the ability to create their own self-aligned certificates and allows them to revoke them. Each certificate includes some personal information from the user, such as their email address and phone number. The blockchain server checks the information and creates a private, random number.
The certificates are generated locally and then installed onto the local machines. All of the information is stored in an encrypted form with the help of a secret phrase. The local machines interact with the company’s blockchain with the help of private keys. All of this creates an additional layer of security as compared to the conventional technologies.
REMME also uses 2-factor authentication, but instead of sending a token through SMS, the company sends a secret token through the messaging apps such as Telegram, Facebook Messenger, and WeChat. These messaging apps are considered far more secure than simple SMS.
Some of the main use cases that have been mentioned on REMME’s site are the following:
- Critical Infrastructure
The whole US power transmission grid is interconnected digitally. An ill-protected system in the continental power grid can compromise the whole power grid. This will not only cut power to the homes of millions of people but will have a much deeper impact on the US economy. The US continental power grid is just one example of the critical infrastructure which needs to be protected from hackers.
REMME offers solutions to such systems and wants to protect every critical infrastructure from attacks. Hackers can access the critical infrastructure and bring society to a halt just from a laptop. This is not just a hypothetical situation, hackers were able to access the Ukraine power grid in 2015 and shut down power to about 230,000 people for almost 6 hours.
- Internet of things
From cars to fridges, everything is connected on the Internet these days, and the protection of these systems is imperative. As REMME has mentioned, the contemporary password protected systems are insecure and can be accessed by hackers.
Protection of IoT devices is important if the technology is to be developed further. If self-driving cars are unprotected, then it is possible that hackers may gain access to the car and start controlling it. That would obviously be hazardous, especially if the car is being driven.
REMME wants to solve this problem by providing a secure Internet connection between these devices in order to avoid any incidents.
- MedTech, Crypto Exchanges
Health and medical records contain extremely sensitive information and need to be protected from becoming public. The records are mostly stored on computers that are protected through contemporary technologies.
REMME will make sure that the medically related data can be safely shared on the Internet without fearing a security breach and the data being released to unwanted personnel. The same goes for crypto exchanges, which also suffer terribly from unprotected Internet connections.
REMME offers protection for all these agencies and wants to protect the networks by changing how Internet traffic communicates with each of them.
These are just some of the use cases of REMME, and there are numerous other possible applications of REMME in the existing Internet infrastructure.
An ambitious endeavor
I would describe REMME as an ambitious endeavor that seeks to replace the existing weak security technology with their new ambitious one. However, the project has yet to reach its conclusion and is just starting. REMME is inviting people to join their pilot program and has a few companies that have already joined the program.
The companies that have joined the pilot program are:
Ukrinmash – It is a national firm that aims to protect the interests of Ukraine in the field of military technology.
Infopulse – It is a part of Nordic IT group and is focused on software development and R&D.
Hotmine – The company is focused on developing products such as BTC miners, etc.
Constitutional Health – A US-based operator of an AI-based health information database.
For more info: REMME.io
The post Remme is revolutionizing password protection through the Blockchain appeared first on CryptoPotato.