Slashdot Mirror


Unbreakable Crypto: Store a 30-character Password In Your Subconscious Mind

MrSeb writes "A cross-disciplinary team of US neuroscientists and cryptographers has developed a password/passkey system that removes the weakest link in any security system: the human user. It's ingenious: The system still requires that you enter a password, but at no point do you actually remember the password, meaning it can't be written down and it can't be obtained via coercion or torture — i.e. rubber-hose cryptanalysis. The system, devised by Hristo Bojinov of Stanford University and friends from Northwestern and SRI, relies on implicit learning, a process by which you absorb new information — but you're completely unaware that you've actually learned anything; a bit like learning to ride a bike. The process of learning the password (or cryptographic key) involves the use of a specially crafted computer game that, funnily enough, resembles Guitar Hero. Their experimental results suggest that, after a 45-minute learning session, the 30-letter password is firmly implanted in your subconscious brain. Authentication requires that you play a round of the game — but this time, your 30-letter sequence is interspersed with other random 30-letter sequences. To pass authentication, you must reliably perform better on your sequence. Even after two weeks, it seems you are still able to recall this sequence."
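An added example, not code from the researchers or from the original post: one way to turn "reliably perform better on your sequence" into an accept/reject decision. The per-play hit rates, the exact permutation test and the `alpha` threshold are assumptions made for illustration; the summary does not say how the real system scores a session.

```python
from itertools import combinations
from statistics import mean

# Constructed sample data: fraction of keys hit in each 30-item sequence play.
TRAINED_USER = {
    "trained": [0.83, 0.80, 0.87, 0.83, 0.90],   # plays of the enrolled sequence
    "foils": [0.70, 0.73, 0.67, 0.77, 0.70, 0.73, 0.63, 0.77, 0.70, 0.73],
}
IMPOSTOR = {
    "trained": [0.70, 0.73, 0.67, 0.77, 0.70],   # no advantage on the enrolled sequence
    "foils": [0.73, 0.70, 0.67, 0.77, 0.70, 0.73, 0.63, 0.77, 0.70, 0.73],
}

def permutation_p_value(trained, foils):
    """Exact one-sided p-value: the chance that a random relabelling of the
    plays gives the 'trained' group an advantage at least as large as observed."""
    pooled = trained + foils
    n, k = len(pooled), len(trained)
    total = sum(pooled)
    observed = mean(trained) - mean(foils)
    as_extreme = count = 0
    for idx in combinations(range(n), k):
        t_sum = sum(pooled[i] for i in idx)
        diff = t_sum / k - (total - t_sum) / (n - k)
        count += 1
        if diff >= observed - 1e-12:      # tolerance for float rounding
            as_extreme += 1
    return as_extreme / count

def authenticate(session, alpha=0.01):
    """Accept only if the advantage on the enrolled sequence is unlikely
    to be chance (alpha is an assumed threshold, not a published value)."""
    return permutation_p_value(session["trained"], session["foils"]) <= alpha

if __name__ == "__main__":
    for name, session in (("trained user", TRAINED_USER), ("impostor", IMPOSTOR)):
        p = permutation_p_value(session["trained"], session["foils"])
        print(f"{name}: p={p:.4f} accepted={authenticate(session)}")
```

Lowering `alpha` trades more false rejects of the legitimate user for fewer lucky accepts of someone who never trained on the sequence.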

2 of 287 comments

  1. Re:Only one song stays in my mind day after day... by CrimsonAvenger · Score: 4, Informative

    and I can never remember exactly how many "na-na-na"s go in between the "hey, hey, hey"s and the "good-bye"s.....

    There are eight "nah" as the previous poster said, but none of them are between the "hey, hey, hey" and "good-bye".

    Pretty sure it's "nah-nah-nah-nah, nah-nah-nah-nah, hey, hey, hey, good-bye"....

    --

    "I do not agree with what you say, but I will defend to the death your right to say it"
  2. Re:"Reliably better" by girlintraining · Score: 3, Informative

    But the brute forcer also has to try all sorts of stupid variations:

    An 8 character password using ASCII printable characters only has 5,595,818,096,650,401 possibilities. I'm guessing less than that number of songs have been written... even with variations in lyrics. Even with a thousand variations per song, and a trillion songs to seed the password cracker... you're still looking at a few minutes, perhaps an hour, to crack your password. Your keyspace is pathetically small.

    Length does not increase entropy.

    --
    #fuckbeta #iamslashdot #dicemustdie