Rubber-hose cryptanalysis
In cryptography, rubber-hose cryptanalysis is a euphemism for the extraction of cryptographic secrets (e.g. the password to an encrypted file) from a person by coercion or torture (such as beating that person with a rubber hose, hence the name), in contrast to a mathematical or technical cryptanalytic attack.


Details

According to Amnesty International and the UN, many countries in the world routinely torture people. It is therefore logical to assume that at least some of those countries use (or would be willing to use) some form of rubber-hose cryptanalysis. In practice, psychological coercion can prove as effective as physical torture. Methods that are not physically violent but highly intimidating include the threat of harsh legal penalties. The incentive to cooperate may be some form of plea bargain, such as an offer to drop or reduce criminal charges against a suspect in return for full co-operation with investigators. Alternatively, in some countries threats may be made to prosecute as co-conspirators (or inflict violence upon) close relatives (e.g. spouse, children, or parents) of the person being questioned unless they co-operate.

In some contexts, rubber-hose cryptanalysis may not be a viable attack because of a need to decrypt data covertly; information such as a password may lose its value if it is known to have been compromised. It has been argued that one of the purposes of strong cryptography is to force adversaries to resort to less covert attacks.

The earliest known use of the term was on the sci.crypt newsgroup, in a message posted 16 October 1990 by Marcus J. Ranum, alluding to corporal punishment.

Although the term is used tongue-in-cheek, its implications are serious: in modern cryptosystems, the weakest link is often the human user. A direct attack on a cipher algorithm, or on the cryptographic protocols used, is likely to be much more expensive and difficult than targeting the people who use or manage the system. Thus, many cryptosystems and security systems are designed with special emphasis on keeping human vulnerability to a minimum. For example, in public-key cryptography, the defender may hold the key to encrypt the message but not the decryption key needed to decipher it, so there is nothing useful to extract. The problem here is that the defender may be unable to convince the attacker to stop the coercion.

In plausibly deniable encryption, a second key is created which unlocks a second, convincing but relatively harmless message (for example, apparently personal writings expressing "deviant" thoughts or desires of some type that are lawful but taboo), so the defender can appear to have handed over the keys while the attacker remains unaware of the primary hidden message. The designer's expectation is that the attacker will not realize this and will forgo threats or actual torture. The risk, however, is that an attacker who is aware of deniable encryption may assume the defender holds more than one key, and may refuse to stop coercing the defender even after one or more keys are revealed, on the assumption that the defender is still withholding additional keys to additional information.
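As an added example (not from the original article and not the code of any real deniable-encryption product), the following Python sketch implements the design just described: a fixed-size container with several slots, each holding either a message sealed under its own password or random filler, so that surrendering the decoy password yields a harmless message while the container itself reveals nothing about whether a second message exists. The slot format, function names and sample passwords are this example's own assumptions, and the HMAC-based stream cipher is a stand-in for a real AEAD such as AES-GCM.

```python
"""Toy plausibly deniable container (illustrative only).

Layout: salt || slot_0 || ... || slot_{N-1}.  Each slot is either a
message sealed under one password or pure random filler, and the two
are indistinguishable to anyone without the matching password.
"""
import hashlib
import hmac
import secrets

SALT_LEN = 16
NONCE_LEN = 16
TAG_LEN = 16
PAYLOAD_LEN = 64                       # 1 length byte + up to 63 message bytes
SLOT_LEN = NONCE_LEN + PAYLOAD_LEN + TAG_LEN
PBKDF2_ROUNDS = 50_000                 # low for a demo; raise in practice


def _derive_key(password: bytes, salt: bytes) -> bytes:
    """Password -> 32-byte slot key (the salt is public, passwords are not)."""
    return hashlib.pbkdf2_hmac("sha256", password, salt, PBKDF2_ROUNDS)


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode, used here as a stream cipher.

    Demo assumption only: a real container would use AES-GCM or
    ChaCha20-Poly1305 from a vetted library instead."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), "sha256").digest()
        counter += 1
    return out[:length]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _seal_slot(key: bytes, message: bytes) -> bytes:
    """nonce || ciphertext || tag; random padding hides the message length."""
    if len(message) > PAYLOAD_LEN - 1:
        raise ValueError("message too long for one slot")
    pad = secrets.token_bytes(PAYLOAD_LEN - 1 - len(message))
    payload = bytes([len(message)]) + message + pad
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = _xor(payload, _keystream(key, nonce, PAYLOAD_LEN))
    tag = hmac.new(key, nonce + ct, "sha256").digest()[:TAG_LEN]
    return nonce + ct + tag


def _open_slot(key: bytes, slot: bytes):
    """Return the message if `key` authenticates this slot, else None."""
    nonce = slot[:NONCE_LEN]
    ct = slot[NONCE_LEN:NONCE_LEN + PAYLOAD_LEN]
    tag = slot[NONCE_LEN + PAYLOAD_LEN:]
    expected = hmac.new(key, nonce + ct, "sha256").digest()[:TAG_LEN]
    if not hmac.compare_digest(tag, expected):
        return None            # filler, or a slot sealed under another password
    payload = _xor(ct, _keystream(key, nonce, PAYLOAD_LEN))
    return payload[1:1 + payload[0]]


def create_container(entries, slots: int = 4) -> bytes:
    """entries: list of (password, message) pairs; unused slots get random filler.

    The container is always `slots` slots long and the slots are shuffled, so
    neither its size nor slot position reveals how many messages it holds."""
    if len(entries) > slots:
        raise ValueError("more messages than slots")
    salt = secrets.token_bytes(SALT_LEN)
    body = [_seal_slot(_derive_key(pw, salt), msg) for pw, msg in entries]
    body += [secrets.token_bytes(SLOT_LEN) for _ in range(slots - len(entries))]
    secrets.SystemRandom().shuffle(body)
    return salt + b"".join(body)


def open_container(container: bytes, password: bytes):
    """Return the single message this password unlocks, or None."""
    salt, body = container[:SALT_LEN], container[SALT_LEN:]
    key = _derive_key(password, salt)
    for off in range(0, len(body), SLOT_LEN):
        msg = _open_slot(key, body[off:off + SLOT_LEN])
        if msg is not None:
            return msg
    return None


if __name__ == "__main__":
    # Constructed sample: a decoy password the user can surrender and a real one.
    box = create_container([(b"decoy-pw", b"lawful but embarrassing diary"),
                            (b"real-pw", b"the message that must stay hidden")])
    print(open_container(box, b"decoy-pw"))   # b'lawful but embarrassing diary'
    print(open_container(box, b"real-pw"))    # b'the message that must stay hidden'
    print(open_container(box, b"guess"))      # None
```

Note what this buys and what it does not: an attacker holding the container cannot distinguish a filled slot from filler without the password, and a container with one message is byte-for-byte the same size and shape as one with two. But an attacker who knows the design can still suspect that more keys exist, which is exactly the residual risk described above, and nothing in the container format stops the surrounding operating system or filesystem from leaking traces of the hidden message. Real hidden-volume systems share both limits.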


In law

In some jurisdictions, statutes assume the opposite of that design goal: that human operators know (or have access to) such things as session keys, an assumption which parallels that made by rubber-hose practitioners. An example is the United Kingdom's Regulation of Investigatory Powers Act, which makes it a crime not to surrender encryption keys on demand from a government official authorized by the act. According to the Home Office, the burden of proving that an accused person is in possession of a key rests on the prosecution; moreover, the act contains a defence for operators who have lost or forgotten a key, and they are not liable if they are judged to have done what they could to recover it.


Possible case

In the lead-up to the 2017 Kenyan general election, the head of information, communication, and technology at the Independent Electoral and Boundaries Commission, Christopher Msando, was murdered. He had played a major role in developing the new voting system for the election. His body showed apparent marks of torture, and there were concerns that the murderers had tried to get password information out of him.


In popular culture

* The xkcd comic "Security" (xkcd 538) describes the issue. In the first panel a crypto nerd imagines that, because of his advanced encryption (4096-bit RSA), the crackers will ultimately be defeated despite having access to million-dollar hardware. In the second panel, the people who want the information use a five-dollar wrench and torture to coerce the nerd into giving up the password. (The comic was also discussed by Bruce Schneier in "xkcd on Cryptanalysis".)






External links


* "The Best Defense Against Rubber-Hose Cryptanalysis" by Cory Doctorow