NeuroCrypt: Evading Coercion Attacks

Overcoming the threat of coercion attacks (where a legitimate user is forced to give up their credentials) in a cryptographic system has been a top priority for system designers since the birth of cyber-security. One way to overcome such a threat is to leverage implicit memory to construct a defense against so-called rubber-hose attacks where the users themselves do not possess conscious knowledge of the trained password.

We are working on NeuroCrypt, a coercion-resistant authentication system that uses an improved version of the Serial Interception Sequence Learning task, employing additional auditory and haptic modalities backed by concepts borrowed from cognitive psychology. We carefully modify the visual stimuli as well as add auditory and haptic stimuli to improve the implicit learning process, resulting in faster training and longer retention. Moreover, our improvements guarantee that explicit recognition of the trained passwords remains suppressed.

We are using cookies to give you the best experience. You can find out more about which cookies we are using or switch them off in privacy settings.
AcceptPrivacy Settings