July 19, 2017
Posted by on
Heads-up on a great Humble Bundle on crypto, security, hacking, and all sorts of related topics. As a pay-what-you-like deal it’s amazing given these books are worth. I’m really keen to read Threat Modeling: Designing for Security and Cryptography Engineering: Design Principles and Practical Applications; that is my bed side reading set for months to come. Offer ends around the end of July, and found via Bruce Schneier’s blog.
July 20, 2012
Posted by on
Its no secret that I love cryptanalysis and randomisation as concepts, and will spend a huge amount of time nutting at problems; firstly trying to understand, and then come up with uses or look at gaps. I’m a geek and that is what some geeks do. Today I cam across a term I’d not heard of: Rubber-hose Cryptanalysis.
Wikipedia = In cryptography, rubber-hose cryptanalysis is the extraction of cryptographic secrets (e.g. the password to an encrypted file) from a person by coercion or torture,in contrast to a mathematical or technical cryptanalytic attack.
The term recognises that often the weakest point of security is human, and that we as humans are susceptible to forms of brute force attack. Damn, that is dark. Somebody created a term for a very specific reason for torture. I’m scared by that more than impressed, and frankly it is a little disturbing.
Found via a Geek-o-system blog post, which has a nifty XKCD cartoon.
Don’t look at me like that, I thought that was interesting.