The primary means of accessing various local and network resources today is via password, a method that has proven itself as a way of identifying and securing users and resources. However, it has one serious drawback: in the event of a password being stolen, the attacker gains access to all of the account-holder’s data. Moreover, because users often deploy the same password for multiple services, the situation is exacerbated, while weak passwords can be a subject to vocabulary attack. Password databases from a variety of resources periodically fall into open access, exposing hundreds of millions of passwords to hackers.
Even where the affected user has the ability to change their password, their account is still vulnerable, since the user's mailboxes are usually protected by a password that is often the same as that used on other resources. Thus, passwords cannot serve as a sufficient instrument for protecting user data and guaranteeing the security of the user session.
REMME solves the following issues:
- Trusting the centralized certification authority (CA)
- CA keys being compromised
- Fake certificate issuance
- Issuance of "hidden" certificates, trying to intercept and redirect connections
This allows complete and transparent control and tracking of all issued certificates, no possibility for issuing "hidden" certificates, and eliminated attempts to intercept and redirect connections.
Various parties (including Google) have tried to solve those issues, but without success. Blockchain systems ensure the immutability of data stored within them, providing an effective and practical solution.