Hitoshi Kokumai

1 year ago · 2 min. reading time · ~10 ·

Hitoshi blog
Enjoy a comfortable sense of security; a false one, though

Enjoy a comfortable sense of security; a false one, though

On-the-Fly Regeneration of Cryptographic Keys

LJ 00
afson xtyax9d4294dIelEYVz
BRus wo/gadieowlUx093/x7
oREeBL ?2IwbleB4x09xIoPxLxeo
dty YDidex&&xeigo@y...


“Apple to let you sign up for services with Face/Touch ID instead of passwords” https://mashable.com/article/apple-passkeys/?

It reads "In a WWDC developer session titled "Move beyond passwords," Apple engineer Garret Davidson shows a new feature, allowing users to sign up for new online services using Face ID or Touch ID instead of a password. "

Hearing big players like Apple uttering ‘cryptographic keys’, many people might well automatically feel safe. However, the fact is the addition of cryptographic keys does not make up for the absence of passwords.

The outcome is a false sense of security; You feel as if you were safer when you are actually less safe. This could often be even more detrimental to safety than known absence of security.

Where we need solid security, we need to deploy a solid password for defending the cryptographic keys. Our observation is explicitly outlined here – “Removal of Passwords and Its Security Effect”


Well, you might now ask “What can we do to solidly defend cryptographic keys by our secret credentials?

Our answer is to re-generate the keys from our episodic image memory on the fly as outlined here – “Try and experience the simulation of ‘On-the-fly Key Regeneration’ by yourself”





It's a no

Key References 

Account Recovery with Expanded Password System

For Achieving Solid Digital Identity on Information Security Buzz (Mar/2021)

What We Know for Certain about Authentication Factors

Digital Identity for Global Citizens

Image-to-Code Conversion by Expanded Password System

Summary and Brief History - Expanded Password System

Proposition on How to Build Sustainable Digital Identity Platform

Secret Credenti



Episodic Memory

Additional References

Removal of Passwords and Its Security Effect
Negative Security Effect of Biometrics Deployed in Cyberspace

External Body Features Viewed as ‘What We Are’

 History, Current Status and Future Scenarios of Expanded Password System

Availability-First Approach

Update: Questions and Answers - Expanded Password System and Related Issues 


“Expanded Password System

wane = Only I can select all of
BS] them correctly

Broader choices with both images and characters accepted






Easy to manage relenons between accounts and corresponding passwords.


Torturous login is history. Login is now comfortable, relaxing and healing



 < Videos on YouTube>

Slide: Outline of Expanded Password System (3minutes 2seconds)

Digital Identity for Global Citizens (10minutes - narrated)

Demo: Simplified Operation on Smartphone for consumers (1m41s)

Demo: High-Security Operation on PC for managers (4m28s)

Demo: Simple capture and registration of pictures by users (1m26s)

Slide: Biometrics in Cyber Space - "below-one" factor authentication




Hitoshi Kokumai

1 year ago #2

Zacharias 🐝 Voulgaris

1 year ago #1

I've heard of biometrics as a token-based authentication mechanism, but I didn't think anyone would actually use it instead of passwords, on a device that's this vulnerable (according to a certain CS expert anyway, who lives in exile still). Whatever happened to 2-factor authentication?

Articles from Hitoshi Kokumai

View blog
1 year ago · 2 min. reading time

Some friends directed my attention to this news report - · “Biometric auth bypassed using fingerpri ...

1 year ago · 2 min. reading time

The quantum computer held in a bad guy’s hand is indeed a big threat. So is the artificial intellige ...

1 year ago · 2 min. reading time

There is actually a valid methodology that enable us to maximize the entropy of the secret credentia ...

Related professionals

You may be interested in these jobs

  • Tesco

    Customer Delivery Driver

    Found in: Talent UK - 3 days ago

    Tesco Yeovil Full time - permanent

    About the role · Availability Window · Customers are at the heart of everything we do. · As the face of Tesco out on the road, we deliver all the way from Lands' End to John O'Groats. Our Customer Delivery Drivers get the opportunity to meet and talk to different customers in the ...

  • BPP

    Student Recruitment Manager

    Found in: Talent UK - 5 days ago

    BPP London Permanent

    Vacancy details · Applicants must provide evidence of their right to work in the UK as BPP is unable to provide visa sponsorship · Job Profile · Marketing - Brand & Content · Title · Student Recruitment Manager (London & South East) · Contract Type · Permanent · Job Purpose ...

  • Holt Recruitment Group Limited


    Found in: Jooble GB - 2 days ago

    Holt Recruitment Group Limited Ferndown, Dorset Full time

    TOOLMAKER · TOOLMAKERSALARY: CIRCA £35K DoE Do you enjoy a varied role where no 2 days are the same? Are you best when kept busy across multiple machines? Do you enjoy working with a mix of small - medium batches and prototype work? If so, keep reading, I have the perfect role fo ...