Rubber-hose Cryptanalysis

Its no secret that I love cryptanalysis and randomisation as concepts, and will spend a huge amount of time nutting at problems; firstly trying to understand, and then come up with uses or look at gaps. I’m a geek and that is what some geeks do. Today I cam across a term I’d not heard of: Rubber-hose Cryptanalysis.

Wikipedia = In cryptography, rubber-hose cryptanalysis is the extraction of cryptographic secrets (e.g. the password to an encrypted file) from a person by coercion or torture,in contrast to a mathematical or technical cryptanalytic attack.

The term recognises that often the weakest point of security is human, and that we as humans are susceptible to forms of brute force attack. Damn, that is dark. Somebody created a term for a very specific reason for torture. I’m scared by that more than impressed, and frankly it is a little disturbing.

Found via a Geek-o-system blog post, which has a nifty XKCD cartoon.

Don’t look at me like that, I thought that was interesting.

Related articles

• Unbreakable crypto: Store a 30-character password in your subconscious memory (extremetech.com)
• Japanese researchers achieve world record cryptanalysis of next-generation cryptography (phys.org)
• Researchers Set New Cryptanalysis World Record for Pairing-based Cryptography (pcworld.com)
• Alan Turing’s Cryptographic Legacy (oup.com)