Solutions – On Prem

Eliminate Bulk theft of password and user credentials

The challenge

Secure passwords
– once and for all

There are more than 12 billion passwords that are hacked and for sale on the Dark Web. Software- based hashing algorithms, such as bcrypt, crypt, scrypt, PBKDF2 are not secure enough due to users predictability of using weak passwords as well as the increasing computer processing power that enables higher success rates when it comes to password cracking.

Attackers have statistically between 191-487 days to crack the stolen password hashes before the organization has realized they ́ve been breached; in many cases much longer according to an IBM Ponemon study from 2017.

Additionally, the average cost per compromised record is more than US $216 according to the Ponemon institute.

server_woman
The solution

The PUF technology

CIPHRA is a Hardware Security Module powered by PUF (Physical Unclonable Functions) and works as a password hashing processor with encryption capabilities.

Using our patented PUF technology will enable next generation highest protection, where no root/master key is stored or backed-up anywhere, at a much lower cost than other alternatives.

The CIPHRA appliances are designed to  easily scale redundancy and throughput.
In other words, increasing the number of authentications per second without any major changes to the customer’s existing system architecture.

Without access to the keys protected by CIPHRA, the stolen data is useless to the attacker. Connecting the CIPHRA appliances to public webserver databases prevents the password hashes from being cracked through offline password recovery attacks such as brute force, rainbow tables etc, regardless of the password strength and computing resources available to the attacker.

Furthermore, the offline key generated during the installation process is used to scale and seamlessly maintain the redundancy and throughput required for your online service.

Who?

Who should use CIPHRA?

If your organization has multiple users/customers that authenticate with usernames and passwords, we guarantee the strongest protection for your clients.

If the customer/user database is leaked, we eliminate the risk of their accounts being hijacked.

Today we mainly offer our products to hosting and online service providers, but there are of course no limits to the type of organization who can use us.

Our mission is to be a global leader in the password and database protection industry

Martin Fabiansson, CEO
How?

This is how CiPHRA work?

CIPHRA is a PUF-based password storage solution that processes user passwords (or the salted password hashes) and then stores the output. The validity of a user password is checked by processing the user password (or its salted hash) by CIPHRA’s cryptographic processor and comparing the output with the corresponding stored value.

Additionally, the solution does not rely on any administrator passwords and thus makes insider threats less risky. CIPHRA processes the passwords with a unique device key protected by a PUF-key, which is never stored except for an offline copy which can be kept in a physical valve or shared in part between administrators.