Theme interception sequence learning: Deflecting rubber-hose attacks using implicit learning

Abstract

Existing cryptographic systems use strong passwords but several techniques are vulnerable to rubber-hose attacks, wherein the user is forced to reveal the secret key. This paper specifies a defense technique against rubberhose attacks by taking advantage of image sequence-based theme selection, dependent on a user’s personal construct and active implicit learning. In this paper, an attempt to allow the human brain to generate the password via a computer task of arranging themed images through which the user learns a password without any conscious knowledge of the learned pattern. Although used in authentication, users cannot be coerced into revealing the secret key since the user has no direct knowledge on the choice of the learned secret. We also show that theme interception sequence learning tool works significantly well with mixed user age groups and can be used as a secondary layer of security where human user authentication remains a priority.