Interview with Co-founder Yuval Hertzog

Human beings are cybersecurity’s weakest link


Interview with Yuval Hertzog, Co-Founder and Technology Head, Tide Foundation

What is “Cyber Herd Immunity” and “blind secret processing”? How does a decentralized system prevent vulnerabilities? We spoke with Yuval Hertzog, Co-Founder and Technology Head at the Tide Foundation about security-centric solutions, PRISM authentication, and more.

JAXenter: Do you believe that the future could potentially be passwordless and depend on multi-factor authentication or other personal verification methods? Would that be an improvement on the current model?

I believe the discussion around the different factors of authentication is almost insignificant in the long run – as it’s not solving anything rather moving the problem elsewhere. It does indeed make the challenge of compromising the authentication harder for bad actors, but not without an additional burden on end users.

The purpose of any factor of authentication is to establish 3 elements: the identity of the user, their authorized privileges, and their intent to perform an action. All 3 are required to establish the momentary authority of a user in a certain activity within a system.

The problem this highlights is that when the user is granted with authority, it means it was bestowed or delegated by a higher or superior authority in that system – and therein lies the problem – because it requires the system to have absolute power over the user and its representation in that system. To put it simply: an administrator can easily masquerade freely as any user in that system. If that administrator is compromised or malicious, the implications are catastrophic.

An improvement on that model would be a move towards a Self-Sovereign Authority model based on trustless technologies that reveal nothing about the user or their identity, and prevents anyone from acting within a system without their verified authority. In a Self-Sovereign Authority model, authentication is handled outside the system, through an open, decentralized network that the user doesn’t need to trust. The number of factors being used for the authentication will solely depend on the sensitivity of the activity sought.

I personally believe that because authentication processes are required to establish intent, some integration with the human brain, together with the establishment of some sort of unique-brain-signature, would be the optimal method.

 

Read More

Recent News

Blog
4 Jun 2025

Ghost in the Network

Rethinking Cybersecurity with User-as-Key Architecture

Blog
19 May 2025

Treat the cause not the symptom

Another security patch. Another missed opportunity.

Blog
25 Mar 2025

Rethinking Cybersecurity

The future of cybersecurity for platform developers

Press
27 Mar 2025

Keys to Nowhere

Cryptography Revolution Thwarting Hackers

Press
6 Mar 2025

Scientist's take on Tide

2 min explainer on why cybersecurity is failing and Tide's approach to fix it

Press
20 Jan 2025

Sky News Feature

"Tide technology has potential to revolutionize cyber security"

Press
15 Jan 2025

Q&A with Co-founder Yuval Hertzog

Reimagining trust in the digital world.

Press
4 Nov 2024

Tide Win Tech Impact Award

Award for impact in transforming breaches into a non-issue.

Announcement
18 Nov 2024

TideCloak Secures Developers

Major Organizations Among Early Adopters Reporting Freedom from Security Concerns

Press
11 Mar 2024

Infrastructure Magazine Feature

New approach to securing critical infrastructure.

Press
23 Nov 2023

RMIT, Tide, AWS Collab Unveiled

Tide's "Ineffable Cryptography" to secure critical infrastructure

Blog
25 Sep 2024

Cybersecurity’s Kryptonite

It’s cybersecurity’s kryptonite: Why are you still holding it?

Contact

Thanks for getting in touch. We'll get back to you as soon as possible!

Send another message