REMME acts on various architectural levels (based on OSI Multilevel Architecture):
- Physical level
- Data link level
- Network level
- Transportation level
- Session level
- Presentation level
- Application level
№ |
Type of threat |
What REMME’s solution proposes |
1) | DDoS | REMME and SSL may limit access to the application level on both the channel (IPSec) or transportation (TLS) levels. |
2) | Hardware Trojan | REMME offers indirect protection from malicious hardware that works through its physical form. If a common USB Disk is used as a keylogger, REMME may mitigate data losses, as the user won’t need to type passwords. A digital certificate can also be provided for all pluggable USB devices (this feature will be implemented in the upcoming version of REMME). |
3) | MiM (Man-in-the-middle) attack | REMME encryption technologies eliminate data wiretapping or substitution, as standard protocols with unsafe channels switch over to encrypted ones (e.g. HTTP Strict-Transport-Security protocol that makes the browser always use HTTPS). While it is impossible to fend off MiM attacks in a standard hierarchical scheme of certificates (when an attacker has access to the certification body), REMME provides such protection, as attackers won’t be able to create fake certificates on behalf of the owner in a decentralized blockchain-based system. |
4) | Pharming | REMME technology can recognize if the system you want to connect with has a wrong signature. |
5) | XSS (Cross-Site Scripting) | REMME can’t directly influence this process, but can minimize the damage from such attacks as all data used for authentication is stored within a protected repository of system keys. Thus, scripts from the web page won’t receive access to this data, and all suspicious activities have to be confirmed through 2FA. |
6) | Malicious browser add-ons | REMME can help protect your data, as it uses SSL certificates for user authentication, kept in a specialized insulating storage. Thus, it’s impossible to reach protected SSL certificates via browser plugins or add-ons. In order to receive access to this storage, the attacker has to gain access to the whole system. Even in this case, the certificate will be protected with a key phrase, giving users additional time to recall the certificate. |
7) | Password reuse attack | This is impossible with asymmetrical cryptography in place, as the Diffie-Hellman algorithm is used for identification with certificates and key exchange, successfully eliminating the possibility of such an attack. |
8) | Phishing | REMME S/MIME technology allows signing emails with a private key, adding an x.509 certificate with a public key in the message. Thus, it is easy to check the resource of the message that helps to define the level of trust, while revealing and blocking the virus source. |
9) | Evil twin | To protect data from this type of attack, REMME suggests using WPA2-Enterprise encryption with EAP authorization in all wireless networks.. |
Learn more about how REMME protects against malicious attacks on our corporate blog.
Comments
0 comments
Article is closed for comments.