Ineffable cryptography breakthrough gets rid of root access admins

0 12

By Matthew Griffin Security and Privacy 24th March 2024

WHY THIS MATTERS IN BRIEF

What if there was no “Root” or no “God Admin” in control of your system, in fact what if noone had control and could that help prevent your company from getting hacked?

Love the Exponential Future? Join our XPotential Community, future proof yourself with courses from XPotential University, read about exponential tech and trends, connect, watch a keynote, or browse my blog.

RMIT researchers and Sydney cyber startup Tide are claiming a mathematical breakthrough has allowed them to spread system access authority across a network using decentralised keys, meaning there is no one weak link or human vulnerability. The research has been conducted over several years but has now been translated into a prototype developer tool touted as offering a fundamentally new approach to cybersecurity and a genuine sovereign capability.

US Military puts the call out for autonomous AI's that can defend its networks

“We’re effectively addressing something that in cybersecurity has no way of being addressed today,” Tide Foundation co-founder, Michael Loewy told reporters.

“Because today there’s always someone or something that has authority over a system. We allow the platform developers to remove the need to have that authority or even a business using the platform to have a systems administrator that has root access.”

The Future of Cyber, by keynote Matthew Griffin

The researchers say they can now generate cryptographic keys ‘in secret’ that are operated in secret in perpetuity in a certain way based on verifiable mathematics rather than a “promises of security” that require blind-trust, effectively “closing the loop” of cryptography.

New airborne city wide surveillance systems watch your every move

Dubbed “Ineffable Cryptography,” in practice the approach means there is no longer any individual, company or system holding supreme access powers, so there is no single point of catastrophic failure.

“The actual owners relinquish their god-like authority to a system that they know that doesn’t need to be trusted… you can trust the mathematics behind it because it’s built to give you a verifiable proof at any point that it’s working as it should,” said fellow co-founder Yuval Hertzog.

“Now imagine how much of a relief it is for business owner, for example, that knows that the system that now holds the supreme authority over the security of the system is not controlled by anyone. It’s controlled by a set of rules and instruction that they gave initially, that can only be changed with a whole process that requires the approval of eight people [for example].”

DeepMind's newest AI studies humans to exploit weaknesses in their strategies

The Tide cofounders said tech and security giants like NTT, LastPass and Logitech have made inbound inquiries about the Australian tech because they realise the current approach is unsustainable and makes them the weakest link.

“They’re sitting on a massive liability,” Mr Loewy said.

“If you look at some of the most the most damaging breaches, that IT team or those people with that godlike authority, have been chased into their homes. Their home computers have been breached, their families have been put at risk. No one wants to walk around with a target on their back and all that kind of liability.”

Ineffable cryptography is seen as particularly promising for the cybersecurity of critical infrastructure assets, with these industry partners involved in early testing of access control systems.

Pentagon tests Artificial Intelligence electronic warfare systems

New security of critical infrastructure laws have imposed tougher security standards and disclosure requirements on the operators of Australian assets, like ports, energy grids and water supplies.

In 2022/23, the Australian Signals Directorate responded to 143 incidents reported by entities who self-identified as critical infrastructure, an increase from the 95 incidents reported the year prior.

The new approach that could help protect the assets is explained in a joint study by Tide and RMIT mathematicians with its lead author Dr Joanne Hall from RMIT’s School of Science.

The bold claims have also been tested by other RMIT researchers and students at RMIT’s cloud supercomputing hub, RACE.

In bizzare twist scammers are scamming scammers with scam GPT's

“This is a new sovereign capability developed in Australia that has all the relevant validation for it to be something that’s meaningful,” Mr Loewy said.

Tide has raised about $2 million from a range of angel investors, with a quarter of its funding also coming from grants and research awards. The company has also collaborated with NTT Research, Wollongong University, and Deakin University, while still owning all of its IP.

Matthew Griffin / About Author

Matthew Griffin, multi-award winning Futurist and named Futurist of the Year 2024, has been described as a "Walking encyclopaedia of the future" by NASA and a futurist polymath. One of the world's most renowned futurists and strategic foresight experts Matthew is the 15 times author of the blockbuster "Codex of the Future" series, and is the Founder and Futurist in Chief of the 311 Institute, a global Futures and Deep Futures advisory firm working across the next 50 years, XPotential University, the world's first free futures and foresight university, and the World Futures Forum which works with the United Nations to solve the worlds greatest challenges. Matthew is an in demand international keynote, acclaimed university lecturer and mentor, and host of the hit Fanatical Futurist podcast.

A rare talent in his past Matthew helped build and run several multi-billion dollar business units for Atos, Dell-EMC, and IBM, and his ability to identify, track, and explain the impacts of hundreds of emerging technologies and trends on global business, culture, and society has earned him a powerful reputation and a roster of clients that include royal households, world leaders, G7, G20, and G77+ governments, and many of the world's most respected brands including ABB, Accenture, Adidas, AON, ARM, BCG, Centrica, Citi Group, Coca Cola, Dentons, Deloitte, Disney, Dow, EY, KPMG, Lego, Legal & General, LinkedIn, Microsoft, PepsiCo, Qualcomm, RWE, Samsung, T-Mobile, UBS, VISA, and many others. He was also the only futurist invited to talk at the UN COP28 held in Dubai alongside world leaders.

Regularly featured in the global media including the AP, BBC, Bloomberg, CNBC, Discovery, Forbes, Khaleej Times, Telegraph, TIME, ViacomCBS, WIRED, and the WSJ, Matthews mission is to help organisations create a fair and sustainable future whose benefits are shared by everyone irrespective of their ability, background, or circumstances.