Blog FabulaRosa

Right from the beginning the application FabulaRosa was designed to create High Definition Passwords by replacing the ordinary keyboard of 94 characters with a virtual keyboard of the UTF16 character set.
By choosing the sub character set, passwords in your own language can be created.
But now the user interface of the application is translated into Japanese, simplified and traditional Chinese, Korean, Russian, Spanish, English, Swedish and German.
Although FabulaRosa applies universal concepts as colours, direction and pattern, we think the users appreciate the possibility to utilize their first language.
Please follow the link to read the introduction of FabulaRosa in the above mentioned languages:
https://www.fabularosa.com/FabulaRosaIntro.aspx

Shortly after our appearance in the Innovation Sandbox Contest at RSA® Conference in February 2010, the president of the ISSS Dr. Dübendorfer invited us to present our application because it fits very well with the topic of „Innovative Alternatives to Passwords“.
On October 26th we went to Zurich to demonstrate our FabulaRosa to a broad clientele of computer scientists.
We had some aces up our sleeves; we were prepared to show our mobile version on an Android Smartphone in an online demonstration.
Our intention is not only to develop and show a really good password maker or password management system but also to have an application which fits on the requirements of security protocols in the near future.
We do not only want to have an „end product“ but rather we want to cover the whole process of authentication with many facets.
That is why we have already installed the following features:
The passwords are transferred disguised using a time-based stealth mode.
Furthermore there is a procedure to protect the user’s credentials.
The passwords can be converted to bar code.
The last feature is important for integrating smart phones into the authentication process. This authentication via smart phones is essential for the user, both in private or public spaces, whether using trustworthy or untrustworthy devices. However, at the evening event in Zurich a range of smartcards solutions have been presented and also one biometrical authentication method which have said to be alternatives to passwords. Besides our application there was only one application which sticks with the password authentication. We are both trying to overcome the well-known disadvantages of current passwords by using visualisation but the applications are very different. It was a very interesting evening because it was like „authentication in a nutshell“; all the information about advantages and disadvantages, about alternatives for passwords, and how secure they are and how to measure this were very useful.
While mingling at the event we came in contact with some people. But once again there is a lack of people who are interested to learn about our application in depth.
Maybe some more contacts will emerge after some time. Meanwhile we hope that a lot of people will find us on YouTube, see our presentation and become interested!
Link to the video presentation:
https://www.youtube.com/watch?v=iSLM0wXk4Ms
Link to the Q & A – Session
https://www.youtube.com/watch?v=K7ICWzORULA&feature=related
Link to the slides:
10-Fabularosa-Ziske-ISSS-Abendseminar-Alternativen-zum-Passwort-2010.pdf
What is next for us?
First of all we are showing our application during the RSA® Conferences in February 2011. We are one of the exhibitors in the German Pavilion under the slogan „IT Security Made in Germany“.
Come and visit us from 14th until 17th February 2011 in the booth 1350-6 in the Moscone Center in San Francisco.
We are very excited because the RSA® Conference is going celebrating its 20th anniversary in 2011.
We would like to enter once again the Innovation Sandbox by submitting a new application.
Meanwhile we want to submit for SC Magazine Technology Innovation Award,
maybe for the Info Security’s 7th Annual „Global Product Excellence“ Award as well for the Red Herring Europe and European Identity Award.
We still try to raise people’s awareness and we are still are looking for partners for cooperation in such areas as:
• Estimation of the market value of FABULAROSA
• Scientific consulting and mathematical estimation of the application
• Patenting

San Francisco – RSA Conference – Monday, March 1 2010
The first day of the RSA Conference started with the Innovation Sandbox Event. On this Monday, March 1, each finalist of the TOP TEN MOST INNOVATIVE COMPANY was given the opportunity to present their emerging technology before a panel of judges comprised of venture capital professionals, CISOs, CTOs and industry experts. And we were among these companies.
It was amazing!!! It was exciting!!!
We are very proud to have been a part of the Innovation Sandbox; a half-day event at the RSA Conference 2010.
We had the opportunity to present our application online in an exciting demo area with the other of the „top 10“ group of start-up companies. After three hours of standing in the booth we were very exhausted, because we have had many, many very interested attendees.
And then we jumped directly onto the stage to present our companies and our product.
The judges said it was tough choice to make as there were a lot of great submissions.
It was a great success.
It was the first step to get publicity.
Even if we were not given the award of this year it was a great jump start for us.
During the following conference days we made contacts and meetings with industry experts e.g. Symantec, Microsoft, Adobe, Webroot, and HP as well as venture capital professionals of the Silicon Valley.
Within the framework “IT-Security made in Germany” there was a German Pavilion within the exhibition part of the conference organized by the TeleTrust Association.
We had an invitation to the German General Consulate and there we had the opportunity to meet high level IT-Experts of government and industry.
After this great success to be one the TOP TEN MOST INNOVATIVE COMPANY at the RSA Conference 2010 we are expecting a rapid progress for the market entry of our application FabulaRosa.
How will we continue?
We wanted to submit for the Teletrust Innovation Award, become a speaker at the ISSE 2010 (Information Security Solutions Europe) in Berlin and at the RSA Conference 2010 in London, and become one of the exhibitors in the German Pavilion next year at RSA Conference 2011. The RSA Conference will celebrate in 2011 its 20th anniversary.
Let’s go to San Francisco again.
Maybe with a new innovation?
Meanwhile we will work to improve the market impact of our application and on the expansion of our customers.

FABULAROSA Recognized For Creating Sufficiently Long and Complex Passwords by Visualization that are Easy to Make, Easy to Use and Easy to Recall

BERLIN (GERMANY) / MARIESTAD (SWEDEN) – February 18, 2010 –
KikuSema GmbH/AB (https://www.fabularosa.com, http://www.kikusema.com) announced today it has been named one of 10 finalists for the coveted „Most Innovative Company at RSA® Conference 2010“ contest, part of Innovation Sandbox, a half-day interactive event at the Conference devoted to providing security practitioners with an educational environment where they can partner with one another to learn about new technological solutions that will prepare them to tackle IT security issues.

“Today’s security threats are more sophisticated than ever as evidenced by recent headlines, and RSA Conference is committed to bringing together some of the industry’s most innovative people to address these emerging challenges,” said Sandra Toms LaPedis, Area Vice President and General Manager of RSA Conference. “The purpose of Innovation Sandbox – and this award in particular – is to identify and honor the companies and individuals that are at the cutting-edge of security innovation and have the most promise for offering a solution to the information security industry’s most pressing issues.”

Despite all the warnings and suggestions, most data breaches are caused by the use of weak passwords. Why is that? Because several times a day users are required to login with different passwords and it is difficult to make unbreakable, sophisticated passwords and keep them secure. FABULAROSA will fix this situation with a simple Image in Your Mind.

By drawing only one image on a virtual “Wind Rose” and applying a global understanding of things such as colors and directions and patterns, you will be able to create many different passwords. Within FABULAROSA the ordinary keyboard with 94 characters is replaced with a virtual keyboard of the UTF16 character set (65,535). The FABULAROSA-algorithm computes passwords according to the requirements of the login.

FABULAROSA can be used for every personal password authentication, and is applicable worldwide. The product can be executed on every kind of computer, external data carriers and on mobile phones that run with Adobe AIR/Flash. FABULAROSA is more than a PASSWORD MAKER. The passwords can be transferred while remaining disguised by using a time-based stealth mode, the passwords are not stored and the user’s credentials are protected.

“FABULAROSA delivers a next generation of passwords for authentication and encryption. The FABULAROSA way of creating and using passwords is unique. We are convinced that it represents a paradigm shift within creating and using passwords. It is a new technology comparable with the change from the gaslight to the electricity,” Said Ulf Ziske, founder and CEO of the KikuSema GmbH, and developer of the application highlights. “The basic idea came with my first cell phone. I couldn’t remember the numbers to unlock the phone but I remembered the underlying pattern. Since 2001 I’ve been putting this idea into code.”
 
The “Most Innovative Company at RSA Conference 2010” winner will be determined at the culmination of Innovation Sandbox based on a 3 to 5-minute presentation to a panel of judges that includes Michael Barrett of PayPal; Asheem Chandna of Greylock Partners; Gerhard Eschelbeck of Webroot; Renee Guttmann of Time Warner Inc.; Ray Rothrock of Venrock and Hugh Thompson, Program Committee Chair for RSA Conference 2010. The winner will also be announced to all Conference attendees on Tuesday morning during the RSA Conference 2010 opening session.
Additional information about the “Most Innovative Company at RSA Conference 2010” contest and the Innovation Sandbox program can be found at: https://365.rsaconference.com/community/connect/innovation-sandbox.

We have submitted to the Innovation Sandbox, the Most Innovative Contest for RSA Conference 2010.
Innovation Sandbox represents today’s best new security solutions — and culminates with a shoot-out among the top 10 start-ups presenting their new companies and products to a judging panel comprised of venture capital professionals, CISOs, CTO’s and industry experts.
Our goal is to come among the top 10 start-ups and get the chance for presenting our product. Why not become the winner?
Innovation Sandbox will take place on Monday, March 1, 2010 and is the prelude to the RSA Conference in San Francisco (March 1-5)
Anyway we are going to attend this RSA Conference.
We are still are looking for potential partners for cooperation in areas such as:
Science, Law, Marketing, Sales, and hardware operation. In fact In fact what we need is a “Business coach” for all aspects of the American market, especially for patenting.

Again and again the same bad news:
The latest is: Passwords for Google, Yahoo and Hotmail accounts illegally leaked online,
with the headline such as
“Huge data breach hits Google, Hotmail, and Yahoo“ , “Google targeted in e-mail scam”.How can one protect oneself best? How to avoid these huge data breaches?
As a user, or consumer and customer one has to log in several times a day. About twenty logins a day is the average for an ordinary user.
In order to avoid data breaches of any kind one has to use „strong“ passwords and not use only one master password.
Strong passwords should have at least 14 character, they should be a combination of characters, numbers and symbols. They shouldn’t be real words of a language. They shouldn’t have a relation any to one’s or my family, pets, etc. And we are advised not store our passwords.
Some people say strong passwords are bad passwords, because they are too complicated to remember and you have to write them down.
Some people also say that the longest and encrypted password is breakable, if you simply give it away during a phishing attack.
What could help against this; image the following scenario:
Þ If there are only time-based disguised passwords and the submission of the actual original password locks the accounts
Þ that the user’s credential are transmitted and stored only encrypted,
Þ That the user starts the login within a secure application on the desktop.

What if it was possible to?
Þ use the whole UTF-16 character set, that means 63353 characters to create a complex password which is easy to remember?
Þ use time-based disguised passwords?
All these can be achieved by one single image. This image can be easy to recall. You will never have to write down the password. With this one image you can create different passwords for many different applications, or addressees.

If you become curious to how it is done then take your time and visit our web site:
https://www.fabularosa.com
If you click on the button you can get a first impression of how complex passwords might look.
Or simply click on this link to help us with our survey
https://www.fabularosa.com/survey
in order to answer some question in the areas of:
passwords in general, the citizen’s position in authentication process, and suitable business models for SMEs developing “global born” rich internet application (RIAs).
Participants in the survey have the possibility to download the whole application .

We look forward to your participation.

On 16th of September we have sent out our circular letter to about 400 people all over the world who are concerned with the topics of authentication, cryptographic or IT security.
Our reason for doing this was to raise interest in the topic of “unbreakable” passwords. We would like to know what the potential user thinks about the application of long and complex passwords which are sufficient for current and future requirements, but easy to remember by a graphic image.
This we have achieved by the development of an RIA Application on the basis of ADOBE AIR.
We are looking for potential partners for cooperation in areas such as:
Science, Law, Marketing, Sales, and hardware operation.
We look forward to get a response to our circular letter, and we are hoping to make contact with many people at the RSA Conference in London (20th-22th October 2009), and hope to raise interest in our solution.