Give me your password- OR ELSE!

[Phil Karn]

>Car alarms and security systems didn't convince the criminals who make their
>living ripping off cars that the *Good ole days were over* and it was time
>to get a  job at Burger Sri, it spurred them to find new methods to ply
>their trade.

How do you know this? Clearly some crooks may have just moved to more
violent methods, but it's quite probable that others moved off to
other fields where it's easier to make a buck, either legal or
illegal.

Although widely deployed strong cryptography may well cause an
increase in violent, rubber-hose cryptanalysis, this technique is
likely to be useful only for stored encrypted records and for
encrypted communications whose protocols are not secure against this
type of attack, e.g., PGP encrypted email.

But much better protocols exist where online two-way communication is
possible, e.g., signed Diffie-Hellman key exchange, with periodic
automatic rekeying. Once you rekey in such a system, no amount of
rubber hosing will obtain prior session keys; they're gone even to the
participants.

And even if you rubber-hose one of the participants into revealing the
RSA key he uses to sign his DH exchanges, this will only let you
masquerade as him in future conversations. In order to tap his future
conversations surreptitiously, you'd have to rubberhose him without
his knowledge, or hypnotize him into forgetting the incident. I'd say
this is difficult. More so than secretly hacking the machine he uses
to capture his secrets. Once again, it comes down to some level of
physical security, at least while the machine is in actual use.

Phil