New Readers

 
Home Awards Welcome Industry Voices Become Sponsor Banquet Tickets Be A Judge Merchandise Previous Winners About GBA
 
Ulf Ziske: What are Scrambled Secrets?

The KikuSema GmbH was founded in 1998 with the headquarters in Berlin/Germany .The company is concerned with consulting, analysis, development of applications for within the IT security branch as well for ERP-systems.

Rake Narang: What are your views on BYOD and it’s impact on CYOP (Claim your own privacy)?

Ulf Ziske: BYOD is the view of a company on the secure integration of employees' appliances as smart phones or tablets into its own infrastructure. Risks are rising for the owner of the device especially if different integrations for different employers or task are needed. It's not sufficient to regard the way of individual data within the digital world over all the different appliances only from this limited view of point. A greater framework is needed to meet the requirements for the future in order to implement a stable "cyber system" among all of us. CYOP –Claim your own privacy- that should become a term for the rights and the responsibilities of any citizen in dealing with individual data. The citizen is part of a worldwide system, in which (s)he is in relation to Third Parties, like e-commerce provider , Internet service provider, Trust center and to the government of the homeland and of other countries as well. The complexity of the digital world has intensified. But the available resources; as skills and apps, of the citizens for acting in their own interest cannot keep pace with this accelerated development. In my opinion personal security could be only reached by taking individual responsibility. But government and citizens need to collaborate in the offensive and defensive protection of data and privacy. The government should protect the citizens' rights in self-determination on their individual data at home and abroad. We are starting a discussion on http://blog.cyopblog.com/.

About Ulf Ziske

Rake Narang: What are the security pains and pitfalls for the common user by using authentication procedures?

Ulf Ziske: The number of needed authentication occasions both in private and in working life has rapidly increased for each of us. The requirements for the authentication methods have become more complicate and there are stricter rules. For the common user it is difficult to find unbreakable, sophisticated passwords and keep them secure. The trend for going "Cloud" makes it even more complicated to ensure authentication and user's credentials. Another challenge is to keep up with the trend of the new touch-screen devices. We do not want to use a keyboard any longer. Because we can easily lose such devices, the authentication must be done in an innovative way. The authentication process is permanently threatened by cyber-attacks and there are a lot of pitfalls. My identity could be stolen and misused in my name. My individual data could be destroyed or changed. Imagine the situation that data about my health, e.g. my blood group are modified. In order to get some incentives I have to give away facts about me, but I don't know what will happen with my data. Often user's credentials are stolen without a direct impact for the user. But there is pending threat. Nobody knows if these data will be used to search for more important data later on. What could the common user do? First of all it is important to use many different and complex passwords. The use of time-limited passwords is recommended. Further on the reconfiguration of the whole authentication process is needed.

Rake Narang: What are Scrambled Secrets?

Ulf Ziske: The idea behind the Scrambled Secrets is not only locking the door of your safe by using a simple “True-False-authentication-mechanisms” but rather protecting your “values” themselves by encrypting. Your values or secrets could be money or important business data, technical spoken that are files, like textual information, images, videos or other software. The idea to scramble your secrets means to encrypt each value separately. That means not only encrypting the whole hard disk rather encrypting each file or each banknote in your "safe". This scrambling enables you to save data in the cloud in a way that these data are worthless and not exploitable for others. Further on you can protect your data from unauthorized reading and modification You can't unscramble scrambled egg that is true! But this should only apply to the attacker. The fifth of the new protocols of FabulaRosa enables you to scramble and unscramble your secrets. In order to improve security this features can be used in a Multi-Instance-Mode. Up to eight instances which could be a mixture of different technical factors with different simultaneous authorities can be involved in the process. Let me summarize. Feasible scenarios using the “Scrambled Secret” or the fifth protocol could be: image authentication, real electronic money or the jointed control of machines. Once adopted our solution can help to assure that security, privacy, interoperability and ease of use are significantly improved for all parties, which are involved in the authentication process.

Rake Narang: Could you explain the Five New Protocols? What could be the impact of these protocols for shaping new ways within authentication?

Ulf Ziske: Our app FabulaRosa already supports the user to overcome most of the current security pains and pitfalls. FabulaRosa creates many different passwords by applying only one image only existing in your mind. The passwords are not stored at all; they are generated in the moment you draw the image on the screen. There is the problem of authentication in public spaces with untrusted devices. This problem could be solved by the Protocol 1. Between personal smart phones and public devices, a password is transferred by QR Code or NFC. Within this mode the real password is transferred. This disadvantage is solved by applying the Protocol 2, the Stealth Mode. The password is modified within a certain time frame that it cannot be identified. With the Protocol 3 the attack of the password transfer is avoided. Only a content-free string will be send to the user. The string will be scrambled by the FabulaRosa-algorithm. Protocol 4 enables the user to encrypt and decrypt complex data locally. Protocol 5 is all about Scrambled Secrets. FabulaRosa has the potential to become the common procedure for any login. The "Five New protocols" are a unique idea meeting future requirements of Cyber Security. The transfer of passwords will be replaced by the transfer and scrambling of “secrets”. The encryption of the user data is the base to reconfigure the whole process of authentication; not only locking the door by using a simple “True-False-mechanisms” but rather protecting of the “values” themselves by encrypting.

Company: KikuSema GmbH
Prignitzstrasse 166, 12683 Berlin

Founded in: 1998
CEO: Ulf Ziske
Public or Private: Private
Head Office in Country: Germany / Berlin
Products and Services: Core product: FabulaRosa and the Five Protocols. Services: Consulting, analysis, development of applications

Company’s Goals: We always want to create something really new and gain the aim that FabulaRosa become the common procedure for any login We are looking for partners.
Key Words: Authentication, Algorithm, Visualization, QR Code, Privacy, Threat Management, Managed security services, Big Data, NFC, Stealth Mode, Encryption, Modulo, Scientific Analysis, Adobe Air.
Interested in an Executive Interview with Golden Bridge?
Want to tell us more about your company, products and more? We are currently doing written interviews with executives and PR professionals from all over the world in the business world. If you are interested, please submit your requests for interviews here.