Secret Sharing Protects Nuclear Weapons and Could Replace Our Passwords
Ideas on how best to protect cyber information belonging to individuals, organizations and governments are constantly evolving, with a mix of older and newer methods existing side-by-side. Passwords and keys are still widely used, as two-factor authentication also grows. Surprisingly few people, though, are talking about secret sharing, a security option that takes data and uses randomization to compute different numbers (shares) that only together define the secret/data. TechDigg spoke to Amit Rahav, VP Marketing & Business Development at Secret Double Octopus to find out more about secret sharing.
What exactly is secret sharing and how does it work?The system that we use at Secret Double Octopus utilizes multiple security matches using multiple routes – based on “secret sharing”- an algorithm established in 1979 by cryptographers Adi Shamir and George Blakely. Secret sharing takes data and uses randomization to compute different numbers (shares) that only together define the secret/data, meaning it’s almost impossible for hackers to piece together. Secret sharing is mathematically unbreakable, and is so strong in its inherent security methodology that it has been used to prevent accidental or malicious launch of nuclear weapons.
Why is it safer than other methods?It’s safer because it’s information that’s theoretically secure. For example, there’s not enough information to solve A + B = 100. You’re presenting the hacker with a problem that they don’t have enough information to solve. This enables the implementation of multi-layer cyber security, where each hacking breakthrough merely yields a useless piece of information.
Where was it used to help prevent accidental or malicious launch of nuclear weapons?In secret sharing, a secret is transformed into several meaningless ‘shares’ where several – or all – of them are needed in order to reconstruct the secret. This mathematical concept is often used as a security measure taken to prevent single-person access to secured environments. For example, the US Air Force is operating under “The Two-Person Concept” directive which is designed to prevent accidental or malicious launch of nuclear weapons by a single individual.
Is the method expected to overtake others in the future?We believe that single-point-of-failure security is a thing of the past. The only way to ensure long and everlasting security is by applying secret sharing-based security to Mobile cloud and Internet of Things (IoT) environments.
The end of the password?The Secret Double Octopus website declares that “the password is dead.” The company believes that: “No password security means more protection, not less”, because “in the hands of users, passwords are a vulnerability”, and that “password-based security is a poor fit for fast-growing architectures, such as cloud, mobile, and IoT. There’s too much to remember – too much complication and exposure.” The alternative, they believe, is an “authentication wall is invisible to the user. There are security factors, but the user does not need to remember or operate” them. Instead, the company creates “a password-free environment with trust channels established via a mobile phone app.” It’s certainly true that passwords are far from ideal, and an eventual move away from them is almost inevitable. The use of secret sharing on a widespread basis, including by the majority of individuals, is a direction in which cyber-security could and perhaps should evolve.