CORA Cyber Security (CORAcsi)

CORA Cyber Security Inc delivers CORA, a step beyond encryption, that empowers unbreakable data security. Limited methods of encryption can be broken, as is evidenced through the reports that constantly appear in the media. CORA uses a distributed methodology, however, unlike Block Chains, CORA maintains a centralized control structure allowing for the shutting down of any CORAfied data if a server is compromised. CORA implements the ideal that Claude Shannon defined as 'perfect encryption'.

Showing posts with label big data. Show all posts

Monday, 20 February 2017

Unbreakable - 1104

Unbreakable Security

Can you relate to this immense number? Does such an exponent represent an order of magnitude that makes sense?

10¹¹⁰⁴ is how many times stronger CORA is than military grade encryption when considering a brute force attack. Why 1104, instead of 1105, or 1203? Truth be told, because I like 1104; my point being that there is 'no limit' on how large CORA Cyber Security can make this number!

10¹¹⁰⁴ sufficiently demonstrates that, not even 'quantum computers' will be capable of breaking this encryption with a brute force attack... at least not in this century!

Sure, anyone can make such a claim! The question is, can anyone back up such a claim? CORAcsi can backup this claim - TODAY!

While we are making fast inroads into the marketplace, with a beach head that is growing quickly in select industries, such as industrial controls, robotics and manufacturing, my question is this:

Why doesn't a 'bigger player' investigate our claim further so as to take a leadership role in properly securing the global marketplace? CORAcsi is getting there, but every month delayed is costing the global community upwards of $100 B in cyber crime.

Bottom line: if our claim of 10¹¹⁰⁴ times stronger than everything else that is available, is correct, then the entire Industry is already antiquated - so take a chance, a few moments, and lets have a conversation. Perhaps if you need a little more convincing, take a look at Claude Shannon and his definition of 'perfect encryption'.

Sunday, 18 December 2016

CORA Industrial

The origin of CORA

I am amazed at how many pathways are emerging for CORA. I suppose it isn't too surprising when one contemplates the need for 'unbreakable security', and yet, my original thought was to protect "static data", particularly that which is found on 'my computer'.

I knew that I wanted to store my technology bases in multiple, online locations. I further knew that encryption as is currently found in the industry, can be broken.

Surprise realizations

goCORA

goCORA, the online, fun, app that will be released in 2017 allows users to maintain control of their online, digital footprint. This exciting pathway for CORA was never considered in its development.

For years we have spoken to young people (in particular) about the need for caution when posting pictures, opinions, videos, and the like online - once it is online, it will exists somewhere, for ever...

goCORA will allow users to post anything they want online, without the fear of "losing control" over their data - they can shut it down permanently regardless of how many people have seen, copies, or shared the information.

To this end, if you are a Xamarin developer, we may have some work for you.

CORA Industrial

I must say, trade shows are relatively boring, and yet, they are surprisingly productive. While 'putting in time' at the last trade show on emerging technologies, a local industrial company spoke with CORA Cyber Security and we became aware of another import pathway for CORA, as illustrated in the follow:

What good is a pathway without some math?

While I personally love the math, what does 10¹⁸⁴⁸ look like?

Answer: Unbreakable.

Sunday, 3 July 2016

IoT needs unbreakable

http://
ZDNet just published an article “The first big Internet of Things security breach is just around the corner”.

The IoT is projected to be worth in excess of 3 trillion dollars by 2020. Therefore, it should be obvious that it isn’t going away. Smart devices and chips will be everywhere. Yes, this is a security risk.

The challenge to the cyber security industry is to become “unbreakable”.

Imagine the hundreds of thousands of hackers and unscrupulous employees who are spending ungodly numbers of hours and days trying to steal what doesn’t belong to them. Next imagine how many would continue to do so if they weren’t getting a piece of the $400,000,000,000 being stolen from you and me each and every year.

Unbreakable - the concept - is simple.

Make it too costly and time intensive to “risk failing at the hack”!

Risk money, time and potential criminal consequences, without getting “the prize” – who is going to do it? Ok, maybe the odd duck, but that is far better than the hundreds of thousands globally attempting to, and succeeding at stealing “our money”. Yes, it is our money, even if we don’t realize it. The big boys and girls aren’t going to lose 400 + billion a year without passing those losses onto the rest of us – not if they want to keep their jobs.

This is exactly why CORAcsi is unbreakable. Is it conceivable that someone might discover where all the CORA packages are stored throughout the Cloud, then breach each of the servers and networks involved, within a short window – say 5 minutes?
Perhaps it is conceivable – and if they did, CORA would be no better than encryption. This may be conceivable, however, it is totally improbable, and will reduce the numbers attempting to succeed significantly, as failures clutter their landscape.

Unbreakable = too costly and time intensive to risk failing at - the hack.

Unbreakable = leaving a trail (such as an employee who has access to “the catalog”).

Unbreakable = too many networks and servers to violate before a single package has been deleted.

Unbreakable = too many unknowns to warrant the cost while risking the consequences.

Tuesday, 14 June 2016

BlockChains and CORA

Allow me to briefly illuminate the similarities, and differences between BlockChains and CORA.

BlockChains are incredibly resilient, and beyond the control of any “one”. This makes BlockChains ideal for online currency, which was the apparent rationale that drove its creation.

CORA on the other hand was originally developed with a single purpose – to provide unbreakable data security – which encryption alone cannot deliver.

While CORA has surprised us at CORAcsi.com with additional applications, such as securing one’s online, digital footprint, this is a byproduct of its primary mandate – security.

Hence I targeted a “distributed methodology”, but more than “just a distributed methodology”. I insisted upon the following characteristics:

Points B and D above are pivotal to understanding the difference between BlockChains and CORA as a means of securing data and protecting one's online digital footprint.

For online currency, I personally cannot imagine a better technology than BlockChains.

decentralized, peer-to-peer

The BlockChain is a decentralized implementation. Decentralized, peer-to-peer implementations have been around for years - "bitTorrents" that utilize many duplicates: seeds (files) and catalogs (routing tables).
The design of the BlockChain is beautiful; it is persistent, independent and versatile.

Regarding security, decentralized peer-to-peer systems violate requirement “B” above, by removing the requirements that:

The data can be quickly and permanently “shut down”.
The fragments are highly controlled and secured by professionals (not seeded to unknown computes, perhaps even home computers).

CORA must remain “centralized” so that it can be controlled and if necessary, shut down to prevent unauthorized individuals, teams, companies, or countries from viewing data that belongs to another. Moreover, CORA will not place packages (seeds) in multiple locations, nor on personal computers.

As stated in my earlier blog, executables in a BlockChain should make the global community extremely uncomfortable!

Executables violate requirement “D”, namely that each fragment must be inactive. Perhaps sterile is a better word!

CORA is committed to using packages that inactive and can be shut down permanently if required.

Sunday, 5 June 2016

Blockchains - Concepts and Connections

BitCoin

I often reflect about, well just about anything and everything. As I mused about BlockChains, I imagined that the paper accredited to Satoshi Nakamoto's gave rise to the BlockChain frenzy. An incredible concept and implementation that is ideal for the online currency that is "BitCoin":

redundant
decentralized
robust
a natural propensity towards security (as the number of blocks increase).
global

The following video can be found in IEEE SPECTRUM's article entitled "The Future of the Web Looks a Lot Like Bitcoin"

As with every pathfinder who proves a new concept, others are quick follow. Near the end of this article the author talks about the push to include executables in BlockChains. There are many articles and blogs that can be found about BlockChains, in particular I would like to draw your attention to the following:

BlockChain executable

O'REILLY's "Understanding the blockchain"

Blockchains and Online Dispute Resolution: Smart Contracts as an Alternative to Enforcement

Mike Hearn's blog "Developing apps for block chains"

itnews reports "Ransomware uses blockchains for decoder delivery"

In Ethereum landing page (as of June 5, 2016) one doesn't have to look far to read "Build unstoppable applications".

I know it sounds good, or great, however, we need to slow down for a moment and think about it! In a perfect world, we would all accept the same definitions for honor and integrity.. We would all know the difference between right and wrong, good and evil.

In a perfect world, I doubt that anyone would understand or care about a virus, worm, Trojan or malware. In a perfect world, a zero-day attach or vulnerability would only be found in the popular writings of a science fiction author with an incredible imagination.

Caution

Our world is not perfect - not yet! A zero-day vulnerability is "by definition" one that hasn't been considered or planned for! Do you see the danger in building "unstoppable applications"? Allow me to rephrase this:

Do you recognize the danger in an environment that allows for the building of:

unstoppable viruses
unstoppable worms
unstoppable zero-day attacks

Yes, I know, we will build in safeguards, just like we do with Computers and Servers, and yet, someone always finds a way (sounds a lot like Jurassic Park).

Bottom line: Blockshains are ideal for an online currency that is decentralized. Once this moves to anything that can be "executed", there must be a "centralization" - a way to control these "seeds" of "potential disaster".

Upcoming Blog

Stay tuned for one of my upcoming blogs which contrasts this "decentralized distributed environment" with CORA, a Context Ordered Replacement Algorithm from CORAcsi that allows for the implementation of a centralized distributed environment.

Sunday, 29 May 2016

Encryption - breaking the myth series - part 3

Say what?

In my original post Encryption - breaking the myth, I endeavored to use "my flavor of irony" sprinkled with a touch of sarcasm, to spark some thought and debate.

Then my lovely wife and I played with a visual presentation "Encryption - shatter the myth", and still I muse about "what are these big companies thinking?".

I imagine... they are imagining... that we can hope no one will every breach a server again. Let's make it terribly difficult to be online... so what if our employees need to use, "difficult to use" corporate laptops to "occasionally" check their email. And yet, the breaches continue.
This led to the second blog post "Encryption - breaking the myth series - part 2".

I've stolen my copy, just have to break the encryption now

One of my favorite blogs (very subjective here) is my 3'rd blog about my prime number generator. This blog references what I like to call an "Organic Sieve". Maybe it isn't perfectly clear, but lets get to the bottom line: with organic sieves, one can readily "look up" any prime number - am I the only one the realizes what this says about encryption?

Game Of... Numbers

As I continue to blog and dialog with "people", I occasionally find inspiration in the strangest ways and times. Someone I consider to be quite brilliant with technology contrasted "prime number" based encryption with "other types". Ya, how about "strong passwords"?

Just for fun, lets consider a strong password that uses 10 digits, each of which might have 72 different values (26 lower case, 26 upper case, 10 digits and some special characters). How many possible combinations are involved?

Yes, that is a big number, and that is why strong passwords are important (being force fed I suppose). That is why we often here statistics like, this strong password (above) is more than 12 billion times stronger than a password that uses 6 lower case letters.

Lets add one more perspective here, namely, one could argue that this "strong password" is on par with a 63 bit prime number used to encrypt data. Today's standards (without getting too bogged down in details about symmetric or asymmetric algorithms) are well beyond 256 bits.

Simplicity is the ideal lens for capturing 'the complex'

I apologize for the over simplification, its just that I do like "simple", and think fondly of the KISS rule/acronym. The simple truth is that "encryption isn't good enough":

Article - 2016 - hacker & bank (actually reported)

Article - 2016 - University employees vulnerable - tax data breach

Article - 2015 - Lloyd's CEO on the cost of cyber attachs

Article - 2015 - forbes.com - average costs

Article - 2014 - washington post - cost of cyber crimes

bankrate.com: 11 data breaches that stung US consumers

2014 - data breaches by industry