They gamely plant a secret password in the participant’s brain, they say, in this presentation:
“Neuroscience Meets Cryptography: Designing Crypto Primitives Secure Against Rubber Hose Attacks,” Hristo Bojinov [Stanford University], Daniel Sanchez and Paul Reber [Northwestern University], Dan Boneh [Stanford University], Patrick Lincoln [SRI], 21st USENIX Security Symposium, August 8-12, 2014, Bellevue, Washington. (Thanks to Bruce Schneier for bringing this to our attention.) The authors explain:
“Cryptographic systems often rely on the secrecy of cryptographic keys given to users. Many schemes, however, cannot resist coercion attacks where the user is forcibly asked by an attacker to reveal the key. These attacks, known as rubber hose cryptanalysis, are often the easiest way to defeat cryptography…. We use a carefully crafted computer game to plant a secret password in the participant’s brain without the participant having any conscious knowledge of the trained password. While the planted secret can be used for authentication, the participant cannot be coerced into revealing it since he or she has no conscious knowledge of it.”
The team discussed this at the symposium:
