Unbreakable Crypto: Store a 30-character Password In Your Subconscious Mind 287
MrSeb writes "A cross-disciplinary team of US neuroscientists and cryptographers have developed a password/passkey system that removes the weakest link in any security system: the human user. It's ingenious: The system still requires that you enter a password, but at no point do you actually remember the password, meaning it can't be written down and it can't be obtained via coercion or torture — i.e. rubber-hose cryptanalysis. The system, devised by Hristo Bojinov of Stanford University and friends from Northwestern and SRI, relies on implicit learning, a process by which you absorb new information — but you're completely unaware that you've actually learned anything; a bit like learning to ride a bike. The process of learning the password (or cryptographic key) involves the use of a specially crafted computer game that, funnily enough, resembles Guitar Hero. Their experimental results suggest that, after a 45 minute learning session, the 30-letter password is firmly implanted in your subconscious brain. Authentication requires that you play a round of the game — but this time, your 30-letter sequence is interspersed with other random 30-letter sequences. To pass authentication, you must reliably perform better on your sequence. Even after two weeks, it seems you are still able to recall this sequence."
"Reliably better" (Score:5, Interesting)
I still prefer 80+ character passphrases lifted from song lyrics whenever possible. If you know the song well enough it's impossible to crack, and the search space is still large among people who know you like that particular song
Re: (Score:2)
I still prefer 80+ character passphrases lifted from song lyrics whenever possible. If you know the song well enough it's impossible to crack, and the search space is still large among people who know you like that particular song
I highly doubt that the search space is large enough. You cannot memorize many song texts (no more than a few thousand, and I'm being optimistic here) and it is easy to predict from background information which songs you know and like. Given that, plus the fact that it is highly likely that you will start your passphrase at a word boundary, it looks awfully easy to break your 80+ character passphrase using a customized dictionary attack.
Passphrases from books might fare better, assuming that you have a few
Only one song stays in my mind day after day... (Score:5, Funny)
and I can never remember exactly how many "na-na-na"s go in between the "hey, hey, hey"s and the "good-bye"s.....
(welcome to MY hell, and you're welcome!)
Re: (Score:2)
8, you're welcome
Re: (Score:2)
That is, 8 "nahs", two repetitions of "nah nah nah nah".
Re:Only one song stays in my mind day after day... (Score:5, Informative)
There are eight "nah" as the previous poster said, but none of them are between the "hey, hey, hey" and "good-bye".
Pretty sure it's "nah-nah-nah-nah, nah-nah-nah-nah, hey, hey, hey, good-bye"....
Yet another Obligatory XKCD (Score:5, Funny)
http://xkcd.com/851/ [xkcd.com]
Is there a topic for which there *isn't* a XKCD comic?
Re: (Score:2)
How can you predict which song is used if the person doesn't like it? Also, if the stored hash is small enough, you'd probably sooner brute-force a collision or threaten to kill the persons family.
Re: (Score:2)
People don't tend to memorise songs they don't like. Generally speaking, most users would probably choose a lyric from one of the songs listed as their favourite songs on their Facebook (or equivalent) page. Additionally, if everyone were doing this and you had a collection of hashes you wanted to break, you could probably break a large percentage of them just by choosing the "best" lyrics from a list of the top 100 all-time songs.
Re:"Reliably better" (Score:5, Insightful)
Sadly - songs you hate tend to stick in your memory far too well.
How many people can quote "call me maybe" or Justin Bieber's baby.
Now how many of them actually LIKE those songs ?
Re:"Reliably better" (Score:5, Funny)
Re: (Score:3)
Apple Rodeo Clowdscape Brain Horrible Homunculus Arousing Sixty Icicle
Re:"Reliably better" (Score:5, Funny)
Re: (Score:3)
I like irreversible hashes generate passwords for me salted with wherever I am.
sha1('mypassword'+'slashdot.org')
Tada. Or if you're really paranoid.
sha512(md5(rot13('mypassword'+'slashdot.org');
Even sha512("") is just 0x cf83e1357eefb 8bdf1542850d66d8007d620e4050b5715dc8 3f4a921d36ce9ce4 7d0d13c5d85f 2b0ff8318d2877 eec2f63b931 bd47417a81a538327af927da3e
Good luck cracking that in your or my lifetime.
echo "Hello Worldslashdot.org" | sha512sum
78dce89143430dbbda805 9e7cc12a90c9d8f95090972579cb11bc23d119f7bea9f5
Re:"Reliably better" (Score:5, Insightful)
There's numerous flaws in your plan, but that's beside the point.
The whole point of this system (which you missed) is that it's secure against rubber hose cryptanalysis (aka $5 wrench cryptanalysis).
Re: (Score:2)
Re: (Score:2)
Nope, but you get can tell the "passphrase" and the hash algorithm you used.
Re: (Score:2)
Parents described flaws: Like only characters being 0-9 a-f? Such a crypto function can be known/modified without you knowing?
It's not really secure against the decrypt it or people you know die cryptanalysis, only the don't tell us and people protected by the encryption will live but not you situation.
Re: (Score:2)
Re: (Score:3)
Since it's subconscious, you won't even know that you're revealing it.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Shifting by 64 would result in uppercase letters like A turning into control characters and BELs.
Re: (Score:2)
Re:"Reliably better" (Score:5, Interesting)
That is not true. It has been proven that passphrases can be weaker than passwords, simply because words usually follow each other in an ordered pattern.
You'll be safe from brute force attacks, but not any attack that adds intelligence to the mix. And if the person cracking your password knows it uses music lyrics you love, you'll be even more at risk since it only has to test for the songs you like.
What you just described is NOT safety.
Re:"Reliably better" (Score:5, Interesting)
But the brute forcer also has to try all sorts of stupid variations:
One ton O'Mara
Feel the beat from the tangerine
Scuse me while I kiss this guy
I can see Deirdre now Lorraine has gone
Re:"Reliably better" (Score:4, Informative)
But the brute forcer also has to try all sorts of stupid variations:
An 8 character password using ASCII printable characters only has 5,595,818,096,650,401 possibilities. I'm guessing less than that number of songs have been written... even with variations in lyrics. Even with a thousand variations per song, and a trillion songs to seed the password cracker... you're still looking at a few minutes, perhaps an hour, to crack your password. Your keyspace is pathetically small.
Length does not increase entropy.
Re: (Score:3)
GP was talking about 80 character passwords (not 8), which even if we assume a low entropy of 2 bits per character still gives you 160 bits of entropy. If you throw odd spellings, capitalizations, number substitutions, and in-jokes into the mix, you can significantly increase that number, but 160 bits still puts you well above
Yes it does.
Let X and Y be independent and identi
Re: (Score:3)
Deftones and many genres of music have lyrics which don't follow normal language ordering. How about the song scatman - not many actually like it but the lyrics easily burn into your head.
Re: (Score:2)
But you don't get around the extraction by torture. You can tell someone your password is the first verse of God Save the Queen, but what you've got here is actually a form of biometric password, but instead of a finger print, it is instead using the unique process by which you learn a given task, a kind of 'brainprint'. You can still be coerced to enter the password, having been brought to the location. But would you be able to enter the password under duress?
Re:"Reliably better" (Score:5, Insightful)
Also, what happens if you're just really good at the game? I mean it's based on you being better at playing your password than other chords. If you're playing everything flawlessly are you permanently locked out?
Re: (Score:2)
Not just that, but for rubber-hose methods - have your victim go through the login a couple times, if you can access a remote login - record. Or even over the shoulder recording of a couple logins (well placed security cam) to get the desired sequence?
Seems like this has quite a few flaws.
As for the music lyrics, add quotes from movies/books and poems, and you have an even nicer space to go through. Especially if you can think of (to you) sensible and regular mutilations of the words.
Re:"Reliably better" (Score:4, Funny)
Thank you for being a friend
Traveled down the road and back again
Your heart is true, you're a pal and a cosmonaut.
And if you threw a party
Invited everyone you ever knew
You would see the biggest gift would be from me
And the card attached would say, thank you for being a friend.
Re: (Score:3)
ONE password?! Fail (Score:5, Insightful)
How many standard deviations above 'random guessing' are we talking about? Over how many trials? And 2 weeks is fine, but what about 6 months to a year?
You're missing the point. They're missing the point. It's easy to make one password secure against guessing it in a million years of trying.
But I don't need to remember one password. I need to remember thirty passwords (for my most important stuff, plus another fifty for sites I visit once or twice), all different, and a large subset of which have to be changed every 60 days. If it takes "a 45 minute learning session" for "the 30-letter password to be firmly implanted in your subconscious brain" this is purely out of the question.
And if the answer is "well, just use the the one password because it's unguessable and you can use it for everything"-- yeah, what could possibly go wrong?
Fail.
Re: (Score:3)
Re:"Reliably better" (Score:5, Funny)
He's not kidding. I just logged onto his /. account and posted this after reading the password he posted.
Re:"Reliably better" (Score:5, Funny)
Re: (Score:3)
This subconscious method works well. Ask any lone, crazed gunman. Just don't mention "Catcher in the Rye".
Re: (Score:3, Funny)
Re: (Score:2, Funny)
Ain't nobody got time for dat.
Re: (Score:3)
Re: (Score:2)
While an interesting exercise, with outstanding payoff, I'd prefer to memorize the names of people that have been convicted of breaking into systems and abusing them, then sentenced to 30-50 years in a Gulag.
Think about it: forcing yourself to memorize a long stupid string because there are jerks out there that will break into your stuff, steal your identity, and give your credit card numbers for pennies per. There's something wrong here.
Re: (Score:3)
repetitive phrases slightly modified (Score:5, Funny)
Replace 'character' with 'note' and it's clear subjects were tortured with Philip Glass for 80 hours and won't soon forget.
Re: (Score:2)
Replace 'character' with 'note' and it's clear subjects were tortured with Philip Glass for 80 hours and won't soon forget.
I notice the study didn't report on how many subjects jumped out the window afterward [imdb.com].
So to recover your password ... (Score:5, Insightful)
State Security forces you to play this game?
Re:So to recover your password ... (Score:5, Interesting)
The game only works if the machine knows what your password is, so that you can succeed at playing that sequence better.
Which reveals the flaw in the scheme ; currently, the computer you are logging into doesn't need to know your password - it stores a hash instead. With this scheme, the machine needs a way to recover your password as plaintext, so that it can test you on it. Which means that if you can sieze the system itself, you can get into it, you just need to extract the password and train someone else to know it.
Re: (Score:2)
Shared secrets are not insecure. Applied incorrectly they are insecure.
When a given pairing is unique (i.e. the credential authenticates exactly one endpoint to exactly one other endpoint), then a breach of the level of acquiring the password data is likely going to yield nothing more than you already have: free reign over the system holding the data. In this case, the authenticator selected the characters randomly.
Shared secrets generally allow something that's impossible with one-way hashes: Being inher
Re: (Score:3)
I think this is one of the biggest weaknesses with any password-based system. We're too dependent on uncontrolled terminals, and nobody has figured out to do SSL directly to the human brain.
We like to blanket ourselves in feel-good measures like PCI/etc, but the fact is that nobody really knows if that box you're punching a PIN/etc into has been tampered with.
Re: (Score:3, Interesting)
Re: (Score:2)
I could rig the game to let the user play random strings
Seems like that would take a pretty long time for 30 characters. Plus it might not work the way you describe -- it's not necessarily true that the user would be better at playing any substring.
Re: (Score:2)
Homey don't play that game.
How ingenious (Score:5, Funny)
Re: (Score:2, Insightful)
I can't stand idiots like you, who always act as if games were an "excuse" or "waste of time", when they are the MOTHER of all education, art, sports and entertainment.
There is no better way to explore something new, than games. That's what they are there for.
It's things like school as we know it, that is a waste of time and deeply utterly wrong.
Re: (Score:3)
How on Earth did the parent get modded "Informative"? Funny, yes, informative, no.
Re: (Score:3, Funny)
...or at least that's how it used to work, something might have been tweaked in the moderation system since that was true.
How is that resistant to rubber-hose cryptography? (Score:5, Insightful)
Log in or else!
Re: (Score:2)
Presumably the stress of duress would ruin your performance.
Re: (Score:3)
Re: (Score:3)
Well, then your account is safe, but you get to expereince "or else". The problem with any rubber hose proof system, is getting the people with rubber hoses to agree that there efforts won't work.
Does the server need to know the password? (Score:5, Insightful)
Re: (Score:2)
Sort of - there are caveats.
There are a few ways to do this.
Pretending that it's for the moment typing a letter in response to some other letter.
If the correct response to a stimulus 'A' is 'a' - then the server can take a response to a randomly chosen phrase -
AQRGS, and then get response fqrgs, and hand both of these over to an authentication server, which determines the match.
Or, it can contact an authentication server, which deals with both the exact challenge to be sent, and verifies the response.
In som
Re:Does the server need to know the password? (Score:4, Insightful)
Or, it can contact an authentication server, which deals with both the exact challenge to be sent, and verifies the response.
In some apps, this may be a valid way to do things.
Not really... if I want to crack your password, all I have to do is send a few requests to the authentication server, and look at the challenges it responds with. Find the sequence of 30 characters that's repeated in all of them, and there's your password.
Standard password security practices. (Score:5, Insightful)
Their experimental results suggest that, after a 45 minute learning session, the 30-letter password is firmly implanted in your subconscious brain. Authentication requires that you play a round of the game
I'm assuming I'll still be automatically logged out after 5 minutes of inactivity, cannot recover but will have to change my password when forgotten and passwords will expire every month?
Also; the research suggests users will have to perform better on the injected "password" sequences than random sequences... how will they deal with top players that get a perfect score every time for the entire sequence?
Re: (Score:2)
Nevermind that: They seriously expect people to sit through 45 minutes of training to learn a password?
And how long to log in?
But the biggest problem I see apart from the plain text storage of passwords is that people don't just authenticate to one place, but dozens or more. This could only work it was a global SSO system, where you log in once. But that implies that if the system is compromised anywhere it's compromised everywhere.
Colour me unimpressed. It's good that people study these things, but we need a system where scientists can report their study as a failure and still be thanked for their job.
Easy to remember (Score:2)
Up, left, left, left, down, up, down, up, right. Got it.
All NES players have a subconscious password: (Score:3)
up-up-down-down-left-right-left-right-B-A-start
Re: (Score:2)
up-up-down-down-left-right-left-right-B-A-start
care to elaborate?
Apparently some kind of masturbation joke.
38 bits of entropy (Score:2, Insightful)
Another variant (Score:3)
The system requires that you copy-write a short random message by hand, but at no point do you actually remember the subtleties of your individual writing style, like the ballpoint pressure or distribution of the shape of "o"s, meaning it can't be presented as a plain sequence of letters and it can't be obtained via coercion or torture i.e. rubber-hose cryptanalysis. The system, devised by Anonymous Coward, relies on implicit learning, a process by which you absorb new information, but you're completely unaware that you've actually learned anything; a bit like learning to ride a bike. The process of learning the password (or cryptographic key) does NOT involve anything, as your writing style is likely already precisely and intricately shaped for years.
Without a human specialist, a dedicated OCR software would need to be developed, though...
Re: (Score:2)
Yes, it's an obvious problem, just like with playing the game the same.
I do not claim, that a system like that would be good in general. I just wondered, if it could be simplified by resuing what's already learned.
No coercion? (Score:2)
Forty Five Minutes? (Score:2, Interesting)
Who has 45 min to learn a new password? I can't see a company willing to
pay someone for 0.75hr just to learn a password.
-AI
Re: (Score:2)
Who has 45 min to learn a new password? I can't see a company willing to pay someone for 0.75hr just to learn a password.
-AI
Well then I suppose you would find a company who finds no point in protecting their most valuable asset (people) from losing their second most valuable asset (information).
Maybe the senior executives would sing a different tune if you showed them that 75% of their current workforce passwords were cracked in 45 seconds or less.
Re: (Score:3)
Who has 45 min to learn a new password? I can't see a company willing to
pay someone for 0.75hr just to learn a password.
-AI
Well then I suppose you would find a company who finds no point in protecting their most valuable asset (people) from losing their second most valuable asset (information).
Maybe the senior executives would sing a different tune if you showed them that 75% of their current workforce passwords were cracked in 45 seconds or less.
Or they just might figure that people who lack the capacity to memorize a reasonably complex password may not, after all, be all that valuable of an asset.
Re: (Score:3)
Who would allow a truly secure system to have static passwords - most require a change once a month. Now it costs 9 hours a year, or 0.5% of your entire payroll costs just to learn the passwords. Since the sequence must be played back using a large string of random sequences in which the password sequence is embedded, I presume that would probably take at least 2 minutes to be of both necessary and sufficient length. Let's presume that you only have to log in twice a day (when you arrive, and when you com
Re: (Score:2)
Passwords are way overrated. This would neither increase nor reduce security issues, merely exchange sets. On the other hand, Guitar Hero might become extremely popular.
Re: (Score:3)
HAHAHAHAHAHAHAHAHAHAHA... oh wait, you were serious, let me laugh even harder...
To the vast majority of companies out there, you are not an asset, you are a liability on a balance sheet. Nobody can ever work hard enough to justify their salary, no matter how pathetic or insulting that salary is. You are less valuable than the office furniture.
Uh, maybe I'm missing something but (Score:2)
it can't be obtained via coercion or torture â" i.e. rubber-hose cryptanalysis
Correct me if I'm wrong, but I fail to see how that could be true. How could you NOT be forced to play the authentication "game" by torture or coercion? wtf?
Re: (Score:2)
it can't be obtained via coercion or torture â" i.e. rubber-hose cryptanalysis
Correct me if I'm wrong, but I fail to see how that could be true. How could you NOT be forced to play the authentication "game" by torture or coercion? wtf?
How are you going to type your password... if you have no fingers?
Re: (Score:2)
Very slowly. With your tongue. On the super-grimy keyboard from the public kiosk in the lobby.
So why don't you just make things easier for everybody and log in before Mr. Nibbles gets hungry? *display bolt cutters*
Good direction, impractical solution (Score:3)
Passwords are clearly a very bad idea - they just don't work for any number of logical, social and practical reasons. So it's great to see real thought going into alternatives. Although I think the overhead of 45 mins learning and other issues with this are a problem, I think the general premise must have something in it that would work well.
The fact we can recognise that we know something, even if we can't repeat it - e.g. you know if someone sings the wrong lyrics to a song even if you can't remember them yourself - MUST have some solution to this problem embedded in it somewhere...
Biometrics? (Score:2)
Re: (Score:2)
My passwords work just fine. What's wrong with yours?
Problem (Score:3)
This requires the password to be stored in clear in the system. I think the brain is more trustworthy than that...
Two weeks? (Score:3)
We need to recall the password after 1 year or even 2.
Please, go on with the tests!
Cannot protect (Score:2)
Completely broken. (Score:4, Insightful)
A 30-character password sounds awfully strong (60^30 combinations if upper/lower-case chars and numbers are used). However, from the article: "Authentication requires that you play a round of the game — but this time, your 30-letter sequence is interspersed with other random 30-letter sequences". This means that the number of characters is irrelevant, really. What matters is the number of "30-letter sequences", and since you need to play them all, they will need to be limited. How many? 10 would probably too many to play, but will still only be the equivalent of a single-digit password. This system will be trivial to crack with brute-force guesses.
Even worse, repeated "login attempts" will reveal which sequence is the correct one - simply check which sequence repeats between tries.
Does my subconscious know the login URL? (Score:2)
How does your subconscious know which password to use? How many 30-bit passwords can be "implanted"?
Incidentally, the fact that the password is known is really not an issue, if you consider it simply another factor of security. I wouldn't want to play a damned game every time to log in anyway, but if I only occasionally used an account and this was used to verify the system I was on, that would be fine. Call it the Rumsfeld system: you log in with something you know, and something you don't know you know.
Login prompt (Score:2)
So yeah, how'd you type this in a login prompt?
Re: (Score:3)
Beatmania IIDX (Score:2)
Seriously, does nobody play Beatmania/IIDX here?
If I'm not mistaken, the only way the system checks whether you know the password is to ask you to play a pseudo-random "game", which they presume a person trained with the passphrase will play better. ...
And I guess the authors haven't ever got pwned by an expert IIDX player.......
(Just search Youtube for videos. If you think 45 minutes is enough for you to play better than them, you're terribly mistaken...)
Re: (Score:2)
Re: (Score:2)
I've been doing something similar to this for the past 4 years.
I have a password that I can hardly spell (without looking at the keyboard), but I know how to type it fast.
Ditto. My typo's frequently consist of typing completely the wrong word.
Re: (Score:2)
It doesnt provide the same entropy as the regular password though. You can only move to 7 adjacent squares, and it very likely that you will travel in a straight direction. As long people understand password length, and pattern length are not the same, make it quite random, it should be good.
Re: (Score:2)
If the user authenticates by performing some action, they can be coerced into performing that action.
Do you think having your piano teacher stand beside you slapping a rubber hose in her palm while you play makes it less likely for you to miss a note?
Re: (Score:2)
the hose isn't necessary. Just the rubber would do, I guess.
Bert
Re: (Score:2)
They ask you for your cat's name...
Schroedinger stole my cat you insensitive clot!
Re: (Score:2)
okay, I know people hate the dream explanations, esp. from men. But I had a dream where I was interviewing with a company [like a hipster startup like facebook sorta] and they used something like a midi sequencer and a keyboard to enter in the password in order to roll to production servers. All they guy needed to do was remember how to play the song... the whole song. He kept headphones and since he was a Senior, sat in the front center of the room like a dj. When the password was correct, the install scripts would start running and lights would blink and stuff, it was a big event (I guess this fantasy company doesn't roll everyday? it was a dream okay)
so, in conclusion, cant a song be a password?
Of course it could, but it would be a PITA to input and rather easy to guess by bystanders from a small sample. It would also be rather easy to set up a dictionary type attack.