Existing cryptographic systems use strong passwords but several techniques are vulnerable to rubber-hose attacks, wherein the user is forced to reveal the secret key. This paper specifies a defence technique against rubber-hose attacks by taking advantage of image sequence-based theme selection, dependent on a user’s personal construct and active implicit learning. In this paper, an attempt to allow the human brain to generate the password via a computer task of arranging themed images through which the user learns a password without any conscious knowledge of the learned pattern. Although used in authentication, users cannot be coerced into revealing the secret key since the user has no direct knowledge on the choice of the learned secret. We also show that theme interception sequence learning tool works significantly well with mixed user age groups and can be used as a secondary layer of security where human user authentication remains a priority.
Dr. Shyam Diwakar, Priya Chellaiah, Dr. Bipin G. Nair, and Dr. Krishnashree Achuthan, “Theme Interception Sequence Learning: Deflecting Rubber-Hose Attacks Using Implicit Learning”, In Proceedings of the 3rd International Conference on Frontiers of Intelligent Computing: Theory and Applications (FICTA) Springer International Publishing. Springer International Publishing, Switzerland, pp. 495-502, 2014.