xcept.me is an invention to protect secret inside USB drives by pairing them with authorized computers. I shall no longer worry to lose my secret. Even the password is cracked, no one could access the information inside, except me.
Tiny but high volume USB drives are overwhelming the market. Although these devices have provided mobility on data transfer, they lead to an increasing concern on data leakage problem to both corporate and civilian. Cases of exposure of customers' information are immediately recallable. Many cases even involve renowned financial and public institutions. The public is facing a tremendous but uncontrollable threat of privacy disasters.
To protect secret from being uncorked during transportation, encryption is a widely adopted strategy. It scrambles information to a form unreadable to others. The information owner has to use a secret key to unscramble the information for use. As a common practice nowadays, this key is transported together with the scrambled data inside the same USB drive. These are in turn protected by a password.
If we view the encrypted storage as a vault, the password-based protection of the key can be viewed as a code lock to the vault. Once the code is being exposed, the confidential data can be fully accessed. In order to remember easily, people uses simple passwords or simply personal information like birthday or ID number. This further increases the risk of breaking the vault by quickly guessing out the password.
xcept.me is based on the innovative technology invented by CECID, HKU - the Multi-Factor Data Protection (MFDP) scheme, which can be viewed as a double-lock system. It requires two components to be presented together in order to recover the confidential data: one is a password, and the second one is a physical factor that the data owner possesses, typically a (authorized) computer. A nice thing a bout this scheme is, by destroying either of the components, the lock could never be opened.