In plausibly deniable encryption, a second key is created which unlocks a second convincing but relatively harmless message (for example, apparently personal writings expressing "deviant" thoughts or desires of some type that are lawful but taboo), so the defender can prove to have handed over the keys whilst the attacker remains unaware of the primary hidden message. The problem here is that the defender may be unable to convince the attacker to stop coercion.
For example, in public-key cryptography, the defender may hold the key to encrypt the message, but not the decryption key needed to decipher it. Thus, many cryptosystems and security systems are designed with special emphasis on keeping human vulnerability to a minimum. A direct attack on a cipher algorithm, or the cryptographic protocols used, is likely to be much more expensive and difficult than targeting the people who use or manage the system. Īlthough the term is used tongue-in-cheek, its implications are serious: in modern cryptosystems, the weakest link is often the human user. (in which a rubber hose is applied forcefully and frequently to the soles of the feet until the key to the cryptosystem is discovered, a process that can take a surprisingly short time and is quite computationally inexpensive). the rubber-hose technique of cryptanalysis. The earliest known use of the term was on the sci.crypt newsgroup, in a message posted 16 October 1990 by Marcus J. It has been argued that one of the purposes of strong cryptography is to force adversaries to resort to less covert attacks.
#RUBBER HOSE 2 KEYWORDS PASSWORD#
In some contexts, rubber-hose cryptanalysis may not be a viable attack because of a need to decrypt data covertly information such as a password may lose its value if it is known to have been compromised.
spouse, children, or parents) of the person being questioned unless they co-operate. Alternatively, in some countries threats may be made to prosecute as co-conspirators (or inflict violence upon) close relatives (e.g.
#RUBBER HOSE 2 KEYWORDS FULL#
The incentive to cooperate may be some form of plea bargain, such as an offer to drop or reduce criminal charges against a suspect in return for full co-operation with investigators. Not physically violent but highly intimidating methods include such tactics as the threat of harsh legal penalties. In practice, psychological coercion can prove as effective as physical torture. It is therefore logical to assume that at least some of those countries use (or would be willing to use) some form of rubber-hose cryptanalysis. According to Amnesty International and the UN, many countries in the world routinely torture people.