Slashdot Mirror


Unbreakable Crypto: Store a 30-character Password In Your Subconscious Mind

MrSeb writes "A cross-disciplinary team of US neuroscientists and cryptographers have developed a password/passkey system that removes the weakest link in any security system: the human user. It's ingenious: The system still requires that you enter a password, but at no point do you actually remember the password, meaning it can't be written down and it can't be obtained via coercion or torture — i.e. rubber-hose cryptanalysis. The system, devised by Hristo Bojinov of Stanford University and friends from Northwestern and SRI, relies on implicit learning, a process by which you absorb new information — but you're completely unaware that you've actually learned anything; a bit like learning to ride a bike. The process of learning the password (or cryptographic key) involves the use of a specially crafted computer game that, funnily enough, resembles Guitar Hero. Their experimental results suggest that, after a 45 minute learning session, the 30-letter password is firmly implanted in your subconscious brain. Authentication requires that you play a round of the game — but this time, your 30-letter sequence is interspersed with other random 30-letter sequences. To pass authentication, you must reliably perform better on your sequence. Even after two weeks, it seems you are still able to recall this sequence."
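The training layout quoted in the first comment below and the authentication round described in the summary, as an added Python sketch that is not code from the original post or from the researchers. The key alphabet, the number of decoys and repeats, and the 5-point margin standing in for "reliably better" are assumptions, and all function names are hypothetical.

```python
import random

KEYS = "sdfjkl"   # assumed key alphabet; the page does not name the keys
SEQ_LEN = 30      # sequence length given in the summary

def random_seq(rng, n=SEQ_LEN):
    return "".join(rng.choice(KEYS) for _ in range(n))

def training_blocks(secret, rng):
    """Layout quoted in the first comment: 3 x secret + 18 random = 108 items,
    repeated 5 times = 540 per block, 7 blocks = 3,780 items in total."""
    return ["".join(secret * 3 + random_seq(rng, 18) for _ in range(5))
            for _ in range(7)]   # first pass plus "six more times"

def auth_round(secret, rng, decoys=2, repeats=3):
    """Shuffle repeats of the secret among random decoy sequences.
    Returns (segments, is_secret flags); decoys and repeats are assumed values."""
    segs = [(secret, True)] * repeats
    for _ in range(decoys):
        segs += [(random_seq(rng), False)] * repeats
    rng.shuffle(segs)
    return [s for s, _ in segs], [f for _, f in segs]

def decide(flags, hits_per_segment, margin_pct=5):
    """Accept only if the hit rate on the secret segments beats the decoy
    segments by at least margin_pct percentage points (assumed rule)."""
    t_hits = sum(h for h, f in zip(hits_per_segment, flags) if f)
    d_hits = sum(h for h, f in zip(hits_per_segment, flags) if not f)
    t_n = SEQ_LEN * sum(flags)
    d_n = SEQ_LEN * (len(flags) - sum(flags))
    # Integer cross-multiplication avoids float rounding at the threshold.
    return 100 * (t_hits * d_n - d_hits * t_n) >= margin_pct * t_n * d_n

if __name__ == "__main__":
    rng = random.Random(2012)                 # constructed demo seed
    secret = random_seq(rng)
    print(sum(len(b) for b in training_blocks(secret, rng)), "training items")
    segments, flags = auth_round(secret, rng)
    trained = [27 if f else 24 for f in flags]    # constructed hit counts
    impostor = [24] * len(flags)                  # no advantage on the secret
    print("trained user accepted:", decide(flags, trained))
    print("impostor accepted:", decide(flags, impostor))
```

The server has to know which segments carry the trained sequence in order to score the round, so the secret is stored on the verifier side even though the user cannot recite it.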

13 of 287 comments

  1. repetitive phrases slightly modified by alphatel · · Score: 5, Funny

    This 30-character sequence is played back to the user three times in a row, and then padded out with 18 random characters, for a total of 108 items. This sequence is repeated five times (540 items), and then there’s a short pause. This entire process is repeated six more times, for a total of 3,780 items.

    Replace 'character' with 'note' and it's clear subjects were tortured with Philip Glass for 80 hours and won't soon forget.

    --
    When the foot seeks the place of the head, the line is crossed. Know your place. Keep your place. Be a shoe.
  2. How ingenious by Chrisq · · Score: 5, Funny

    The "cross-disciplinary team of US neuroscientists" came up with the most original excuse ever for why they were spending all their grant money on games consoles and all their time playing games.

    1. Re:How ingenious by loimprevisto · · Score: 2, Funny

      Mods occasionally rate a funny post as something else to boost that person's karma rating, since Funny doesn't give a karma boost.

      ...or at least that's how it used to work, something might have been tweaked in the moderation system since that was true.

      --
      Much Madness is divinest Sense --
      To a discerning Eye --
      Much Sense -- the starkest Madness
  3. Re:"Reliably better" by Anonymous Coward · · Score: 5, Funny

    He's not kidding. I just logged onto his /. account and posted this after reading the password he posted.

  4. Re:"Reliably better" by rjgii · · Score: 5, Funny

    He must have changed it... I can not log in as "Anonymous Coward" anymore =(

  5. Re:"Reliably better" by hlavac · · Score: 3, Funny

    Next up: Most popular song lyrics added to cracklib wordlist :)

  6. Only one song stays in my mind day after day... by Anonymous Coward · · Score: 5, Funny

    and I can never remember exactly how many "na-na-na"s go in between the "hey, hey, hey"s and the "good-bye"s.....

    (welcome to MY hell, and you're welcome!)

  7. Re:"Reliably better" by jgtg32a · · Score: 3, Funny

    I know your password,

    Thank you for being a friend
    Traveled down the road and back again
    Your heart is true, you're a pal and a cosmonaut.

    And if you threw a party
    Invited everyone you ever knew
    You would see the biggest gift would be from me
    And the card attached would say, thank you for being a friend.

  8. Re:"Reliably better" by PopeRatzo · · Score: 1, Funny

    Personally I use a 30+ characters long easily typed sentence, and for extreme security needs (aka passphrase for sensitive backups) the whole paragraph which comes at a hefty 180 chars...

    Ain't nobody got time for dat.

    --
    You are welcome on my lawn.
  9. Re:"Reliably better" by DarwinSurvivor · · Score: 4, Funny

    That's a bad example. How hard could it possibly be to memorize a combined 10 words?

  10. Re:"Reliably better" by cstacy · · Score: 4, Funny

    11A ...11A2B...1B2B3...Zero-Zero-Zero Destruct Zero

  11. Yet another Obligatory XKCD by ryzvonusef · · Score: 4, Funny

    http://xkcd.com/851/

    Is there a topic for which there *isn't* an XKCD comic?

    --
    I am an ACCA student. Got a query on Accountancy/Finance? Maybe I can help!
  12. Re:"Reliably better" by Anonymous Coward · · Score: 2, Funny

    Your keyspace is pathetically small

    What if you're a hipster? The attacker would never have even heard of the song whose lyrics you used, so how could he try its lyrics?