2 min Analytics

Blockchain-based encryption makes password cracking virtually impossible

Blockchain-based encryption makes password cracking virtually impossible

The non-profit Tide Foundation states that it has created blockchain-based encryption, which is virtually impossible to crack. The encryption method is part of an open source framework to protect personally identifiable information.

For the approach, the organization uses a technique called splintering, SiliconAngle knows. In this technique, pairs of usernames and passwords are broken down into small pieces. These pieces are spread over various storage devices.

The blockchain technology is used to reassemble the encrypted data when necessary.

According to the Tide Foundation, the technique is easy to integrate into any authentication method.

140,000 times safer

The Tide Foundation states that it has conducted tests on test sets of 60 million user records. Those records came from a data breach that was publicly reported. The tests show that the technique is 140,000 times safer than the current conventional protection against a so-called dictionary attack.

A dictionary attack is an attack in which the hacker has guessed the passwords through a defined list of probable candidates. Simply put, there is a list of possible passwords, and the hacker managed to choose the right one.

As an additional test, the organization awarded a bitcoin prize to anyone who has a single combination of a username and password that is encrypted and splintered using the new blockchain technique. A bitcoin is currently worth about $10,800. The Tide Foundation states that there were over 6.5 million attempts, but that no one was able to succeed in the assignment.

Splintering

With splintering, a new level of complexity is added to hashing. Hashing is a technique that is now widely used to protect passwords. In this case, a hash algorithm converts a string of text of any length into a string of characters of a fixed length.

A hash cannot be reversed-engineered. However, it is possible that an attacker can successfully associate a password with the corresponding hash. If that is the case, any other password protected by the hash algorithm can also be cracked. According to the Tide Foundation, this is not possible with splintering.