Amy Lenzo, profile picture
Uploaded byAmy Lenzo
PPTX, PDF1,434 views

Dan Boneh - SaTC Cyber Cafe

This document proposes using implicit learning and the human memory system to authenticate users at secure facilities in a way that cannot be extracted through coercion. It suggests training users' basal ganglia through repeated exposure to learn an authentication credential, which could then be tested at login but would not be consciously accessible and therefore resistant to techniques like rubber hose attacks. An experiment found participants exhibited no recognition of the credential after training, indicating it was stored implicitly rather than explicitly through conscious learning.

Embed presentation

Download to read offline
Rubber hose resistant cryptography H. Bojinov, D. Sanchez, P. Reber, D. Boneh, P. Lincoln
Rubber hose attacks Problem: authenticating users at the entrance to a secure facility Current solutions: • Smartcards: can be stolen • Biometrics: can be copied or spoofed • Passwords: can be extracted with a rubber hoze Is there a non-extractable credential?
The human memory system • Hippocampus: conscious learning – Learns from single examples • Basal ganglia: “implicit learning” – Learns from many repeated samples Our work: use implicit learning to teach a credential – Credential can be tested at authentication time – … but credential is not consciously accessible !!
Implicitly learning a credential http://brainauth.com Participants exhibit essentially no recognition after training

More Related Content

PPTX
Peter Muhlberger - SaTC Cyber Cafe
byAmy Lenzo
 
PPTX
SaTC Cyber Cafe Jeremy Epstein
byAmy Lenzo
 
PPTX
Stefan Savage Cyber Cafe
byAmy Lenzo
 
PPTX
Lorrie Cranor - Usable Privacy & Security
byAmy Lenzo
 
PPTX
Asal and Rethemeyer - Cyber Cafe
byAmy Lenzo
 
PDF
Graphics session 6
byAmy Lenzo
 
PDF
Visual Capture: Reflecting Collective Intelligence
byAmy Lenzo
 
PPT
Transforming Social Fields
byAmy Lenzo
 
Peter Muhlberger - SaTC Cyber Cafe
byAmy Lenzo
 
SaTC Cyber Cafe Jeremy Epstein
byAmy Lenzo
 
Stefan Savage Cyber Cafe
byAmy Lenzo
 
Lorrie Cranor - Usable Privacy & Security
byAmy Lenzo
 
Asal and Rethemeyer - Cyber Cafe
byAmy Lenzo
 
Graphics session 6
byAmy Lenzo
 
Visual Capture: Reflecting Collective Intelligence
byAmy Lenzo
 
Transforming Social Fields
byAmy Lenzo
 

More from Amy Lenzo

PPT
Wisdom emerging
byAmy Lenzo
 
PPT
Level 1 Learnign Program- SlideShow2
byAmy Lenzo
 
PPTX
Participant list
byAmy Lenzo
 
PPT
Level One Online - SlideShow1
byAmy Lenzo
 
PPS
Just Water
byAmy Lenzo
 
PPT
The World Café Conversation
byAmy Lenzo
 
Wisdom emerging
byAmy Lenzo
 
Level 1 Learnign Program- SlideShow2
byAmy Lenzo
 
Participant list
byAmy Lenzo
 
Level One Online - SlideShow1
byAmy Lenzo
 
Just Water
byAmy Lenzo
 
The World Café Conversation
byAmy Lenzo
 

Dan Boneh - SaTC Cyber Cafe

  • 1.
    Rubber hose resistantcryptography H. Bojinov, D. Sanchez, P. Reber, D. Boneh, P. Lincoln
  • 2.
    Rubber hose attacks Problem: authenticating users at the entrance to a secure facility Current solutions: • Smartcards: can be stolen • Biometrics: can be copied or spoofed • Passwords: can be extracted with a rubber hoze Is there a non-extractable credential?
  • 3.
    The human memorysystem • Hippocampus: conscious learning – Learns from single examples • Basal ganglia: “implicit learning” – Learns from many repeated samples Our work: use implicit learning to teach a credential – Credential can be tested at authentication time – … but credential is not consciously accessible !!
  • 4.
    Implicitly learning acredential http://brainauth.com Participants exhibit essentially no recognition after training