Cookies managing
We use cookies to provide the best site experience.
Accept All
Cookie Settings
Cookies managing
Cookie Settings
Cookies necessary for the correct operation of the site are always enabled.
Other cookies are configurable.
Essential cookies
Always On. These cookies are essential so that you can use the website and use its functions. They cannot be turned off. They're set in response to requests made by you, such as setting your privacy preferences, logging in or filling in forms.
Analytics cookies
These cookies collect information to help us understand how our Websites are being used or how effective our marketing campaigns are, or to help us customise our Websites for you. See a list of the analytics cookies we use here.
Advertising cookies
These cookies provide advertising companies with information about your online activity to help them deliver more relevant online advertising to you or to limit how many times you see an ad. This information may be shared with other advertising companies. See a list of the advertising cookies we use here.
Hacking It Through
by Vikram Bhushan | Dec 13, 2018 | Blockchain, Decentralization, Security

“The illiterate of the 21st century will not be those who cannot read and write, but those who cannot learn, unlearn, and relearn. ”― Alvin Toffler

Last Saturday Team Hypermine took participation at the Cloud 20/20 UNISYS ( hackathon.

The tech giant conducted the event to bring together professionals for their unique ideas around disruptive technologies and to recognise them for their talent.

The event was dedicated to technology professionals with more than 3 years hands on work experience. This resulted in a very sophisticated collection of PoCs, and also made sure that the participating teams were top notch..

A total of 73 teams has applied; of which a mere 23 were selected showcase their work.

The themes provided were

  1. AI/ML
  2. Security
  3. IoT

There were some very interesting Machine Learning projects, Team TAKA [won 3rd Place] built Office Login Security system using AWS DeepLense. Similarly there were several projects in AI and IOT security using RaspberryPI as a proxy at L2 level. As for us, team Hypermine, was participating the Security segment with our Cryptographic SingleSignOn Solution.

We team chose Security as our theme.

The problem statement

Storing passwords in databases are not secure, additionally are a hassle to manage.

Our Solution

A cryptographic based login mechanism where users login into applications without having to provide there log in credentials.

How ?

The solution is divided into three modules

  1. SDK
  2. Mobile APP
  3. Server

The server is where the A website owner registers their website by providing their SSL Certificates and details like domain name and redirection URL and so on. The server then generates an ‘APP ID’ and provides a SDK which the website owner implements in the website and controls the login/Authentication.

The users then register themselves in mobile app. On registration Hypersign generates a Public/Private Key Pair [based on the Elliptic Curve standard] and attaches the public key to the user’s account on server. Next when user access the website for the first time they will see a QR code on the website.

We then generate a Key Pair [Public & Private] and attach the public key to the user’s account on server.
At the next step, when the user browses to the website for the first time, the user will see a QR code on the screen. 
The user will have to scan the QR code by clicking on the button on the scan qr section in the mobile app. 

The user will scan the QR code [on the website] by from the mobile app. 

The following steps occur : 

  1. Decrypt the QR message using the key [Mobile APP]. the encrypted message contains the APPID of the website.
  2. Encrypt another message to tell server to allow the user login along with the APPID with the user’s Private Key [stored in the mobile phone].
  3. Next the encrypted data is sent to server to be verified. The server uses another decryption method to get the public key back, and matches the public key of the user request with the generated public key
  4. Once matched It proves that a user is valid and a notification is sent to the app with the particular APPID to redirect login. 

We use ECDSA encryption algorithm which is a standard in blockchain hence our pki wallet works with any blockchain to broadcast transaction in a blockchain based apps. 

We plan to integrate this mechanism with other standard SSO applications such as 

  1. Datapower
  2. KeyCloak 

Hypersign will add another layer of encryption and security on the existing platforms without having to change anything in their existing setup.

Our team won 1st prize. ???? 

Technologies Used for the project





Watch more
New Delhi
All content on this site is copyright. All Rights Reserved. ©Hypermine 2022
Thank you, We will be in touch shortly.