When attempting to solve a problem, it should be standard operating procedure to look for each and every way the solution can fail, as well as consider all the ways that a proposed solution can succeed.
In 1935, President Franklin Roosevelt signed the Social Security Act into law. This legislation created an identity verification credential that years later would become the gold standard for one of the fastest growing crimes of the 20th and 21st centuries: identity fraud.
Forty years later, massive data breaches became possible by capitalizing on the vulnerability created through the widespread use of Public Key Infrastructure (PKI), which relies on static digital credentials to protect digital information.
These concepts -- a social security number, a "private" key -- were intended to enable positive identity verification and prevent assets from landing in the wrong hands. However, both incorporated an inherent vulnerability into the design that allowed for misuse and exploitation. At QWERX, we are acutely aware that hackers are users, too and systems not only perform as intended but they also perform every way that is technically possible.
Today, there are government bodies pushing for the creation and use of quantum-resistant or quantum-proof encryption algorithms and keys. We'd like to pose a question: Will these newer, stronger encryption keys be harder to steal than the existing encryption keys?
Attackers are not breaking encryption; they are using stolen keys to log into a network in the same way authorized users do.
Instead of continuing to make the same mistakes, we can offer a better way to accomplish machine identity verification without the vulnerabilities inherent with static credentials. If you're interested in learning more about our patented Ephemeral Key Infrastructure technology, please get in touch.