Interview with Co-founder Yuval Hertzog

Human beings are cybersecurity’s weakest link


Interview with Yuval Hertzog, Co-Founder and Technology Head, Tide Foundation

What is “Cyber Herd Immunity” and “blind secret processing”? How does a decentralized system prevent vulnerabilities? We spoke with Yuval Hertzog, Co-Founder and Technology Head at the Tide Foundation about security-centric solutions, PRISM authentication, and more.

JAXenter: Do you believe that the future could potentially be passwordless and depend on multi-factor authentication or other personal verification methods? Would that be an improvement on the current model?

I believe the discussion around the different factors of authentication is almost insignificant in the long run – as it’s not solving anything rather moving the problem elsewhere. It does indeed make the challenge of compromising the authentication harder for bad actors, but not without an additional burden on end users.

The purpose of any factor of authentication is to establish 3 elements: the identity of the user, their authorized privileges, and their intent to perform an action. All 3 are required to establish the momentary authority of a user in a certain activity within a system.

The problem this highlights is that when the user is granted with authority, it means it was bestowed or delegated by a higher or superior authority in that system – and therein lies the problem – because it requires the system to have absolute power over the user and its representation in that system. To put it simply: an administrator can easily masquerade freely as any user in that system. If that administrator is compromised or malicious, the implications are catastrophic.

An improvement on that model would be a move towards a Self-Sovereign Authority model based on trustless technologies that reveal nothing about the user or their identity, and prevents anyone from acting within a system without their verified authority. In a Self-Sovereign Authority model, authentication is handled outside the system, through an open, decentralized network that the user doesn’t need to trust. The number of factors being used for the authentication will solely depend on the sensitivity of the activity sought.

I personally believe that because authentication processes are required to establish intent, some integration with the human brain, together with the establishment of some sort of unique-brain-signature, would be the optimal method.

 

Read More

Recent News

Blog
25 Sep 2024

Rethinking Cybersecurity

The future of cybersecurity for platform developers

Press
4 Nov 2024

Tide Win Tech Impact Award

Award for impact in transforming breaches into a non-issue.

Announcement
18 Nov 2024

TideCloak Secures Developers

Major Organizations Among Early Adopters Reporting Freedom from Security Concerns

Press
11 Mar 2024

Infrastructure Magazine Feature

New approach to securing critical infrastructure.

Press
23 Nov 2023

RMIT, Tide, AWS Collab Unveiled

Tide's "Ineffable Cryptography" to secure critical infrastructure

Blog
25 Sep 2024

Cybersecurity’s Kryptonite

It’s cybersecurity’s kryptonite: Why are you still holding it?

Blog
25 Sep 2024

Nature's key to cybersecurity’s future

How nature holds the key to cybersecurity’s future

Blog
25 Sep 2024

I got 99 problems, but a breach ain’t one

Ineffable Cryptography: The science behind a new era of cybersecurity

Blog
25 Sep 2024

Future proofing your platform

A practical walkthrough of creating the most secure apps on the planet.

Press
25 May 2023

New breakthrough in Zero-Trust

Deakin University researchers prove Tide's tech breakthrough in ZeroTrust cyber security

Announcement
26 May 2023

TideInside Dev Champion Crowned

Sean Nam Crowned Champion in the Prestigious TideInside Development Competition

Press
5 May 2023

CyberWire Podcast Interview

Tide propose we break the model so no one holds the keys to our data

Contact

Thanks for getting in touch. We'll get back to you as soon as possible!

Send another message