CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Learning and Recognizing Human Dynamics in Video Sequences
CVPR '97 Proceedings of the 1997 Conference on Computer Vision and Pattern Recognition (CVPR '97)
Passwords you'll never forget, but can't recall
CHI '04 Extended Abstracts on Human Factors in Computing Systems
Coercion-resistant electronic elections
Proceedings of the 2005 ACM workshop on Privacy in the electronic society
Fighting coercion attacks in key generation using skin conductance
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Exploring implicit memory for painless password recovery
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Bi-deniable public-key encryption
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Identification of humans using gait
IEEE Transactions on Image Processing
Protecting sensitive web content from client-side vulnerabilities with CRYPTONS
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
On authentication factors: "what you can" and "how you do it"
Proceedings of the 6th International Conference on Security of Information and Networks
Hi-index | 0.00 |
Cryptographic systems often rely on the secrecy of cryptographic keys given to users. Many schemes, however, cannot resist coercion attacks where the user is forcibly asked by an attacker to reveal the key. These attacks, known as rubber hose cryptanalysis, are often the easiest way to defeat cryptography. We present a defense against coercion attacks using the concept of implicit learning from cognitive psychology. Implicit learning refers to learning of patterns without any conscious knowledge of the learned pattern. We use a carefully crafted computer game to plant a secret password in the participant's brain without the participant having any conscious knowledge of the trained password. While the planted secret can be used for authentication, the participant cannot be coerced into revealing it since he or she has no conscious knowledge of it. We performed a number of user studies using Amazon's Mechanical Turk to verify that participants can successfully re-authenticate over time and that they are unable to reconstruct or even recognize short fragments of the planted secret.