Bitcoin Forum
December 15, 2017, 10:49:51 PM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 »  All
  Print  
Author Topic: Defeating Rubber-Hose Cryptanalysis  (Read 3782 times)
jago25_98
Hero Member
*****
Offline Offline

Activity: 901


Crypto Geek


View Profile
July 30, 2012, 03:28:14 AM
 #1

 I wonder if there should be a forum dedicated just to security...

I'm sure you're all familiar with


 How to deter?

Idea 1) Steganography

Idea 2) Additional factor: Share the private key between 4 execs. 2 of the group are required to decrypt the code. 4 not 2 in case one of the pair dies.

Idea 3) Time based auth. Have a factor that only becomes clear when a certain time happens. Hard to implement in practice? Could it be something such as how light falls on the earth or something stranger? How could this work in practice?

Idea 4) p2p auth. Need a peer to peer network agree and get concensus to decrypt the key.

Idea 5) Deniable encryption. Like carrying 2 wallets, one low value. Can't see this workingm they might be able to tell you are lying.

Idea 6) Do something funny with public key encryption?

Idea 7) Just bury half of the key somewhere awkward to get to. In another country perhaps. If you had a yacht and got captured would this deter or would you really want access to that for a bribe?


Anything else? How to make these things more workable? Is there a way to give a 3rd party access to a wallet in such a way that they can only pay out to an address you hold? That way you could give grandma/wife half the savings and get an allowance so you can't go gambling.

Crypto supporter!
1513378191
Hero Member
*
Offline Offline

Posts: 1513378191

View Profile Personal Message (Offline)

Ignore
1513378191
Reply with quote  #2

1513378191
Report to moderator
1513378191
Hero Member
*
Offline Offline

Posts: 1513378191

View Profile Personal Message (Offline)

Ignore
1513378191
Reply with quote  #2

1513378191
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
SuperP
Sr. Member
****
Offline Offline

Activity: 364



View Profile
July 30, 2012, 04:29:54 AM
 #2

Idea 2) Additional factor: Share the private key between 4 execs. 2 of the group are required to decrypt the code. 4 not 2 in case one of the pair dies.

Shamir's Secret Sharing Scheme (http://point-at-infinity.org/ssss/) can do this.  You can split the private key into N encrypted secret strings and give them to different people.  The original private key can only be reconstructed if X secrets are combined.

Idea 3) Time based auth. Have a factor that only becomes clear when a certain time happens. Hard to implement in practice? Could it be something such as how light falls on the earth or something stranger? How could this work in practice?

The closest thing I can think of to what you describe is having some third party only give you what you ask for at a certain time.

Another option that might be somewhat applicable is Encryption based on Time Reversal Transformations (http://comjnl.oxfordjournals.org/content/32/3/241.full.pdf (Skip to the Discussion section)).  It's where you have some data, apply some rule to it to change it, and do that over and over again for X steps.  There's no easy shortcut to skip steps.  To decrypt it you would have to apply the rules in reverse and go through each step backwards until you got to your original data.  This isn't measured in time exactly, because if you encrypt something on a slow computer, a fast computer would be able to reverse it quicker.


██████████████████            ██████████
████████████████              ██████████
██████████████          ▄█   ███████████
████████████         ▄████   ███████████
██████████        ▄███████  ████████████
████████        ▄█████████  ████████████
██████        ▄███████████  ████████████
████       ▄██████████████ █████████████
██      ▄███████████████████████████████
▀        ███████████████████████████████
▄          █████████████████████████████
██▄         ▀███████████████████████████
████▄        ▀██████████████████████████
██████▄        ▀████████████████████████
████████▄        ████████████████▀ █████
██████████▄       ▀█████████████  ██████
████████████▄       ██████████   ███████
██████████████▄      ▀██████    ████████
████████████████▄▄     ███     █████████
███████████████████▄    ▀     ██████████
█████████████████████▄       ███████████
███████████████████████▄   ▄████████████





▄█████████████████   ███             ███   ███   ███▄                ▄███            █████            ████████████████   ████████████████▄             █████
███▀                 ███             ███   ███   ████▄              ▄████           ███████           ███                ███           ▀███           ███████
███                  ███             ███   ███   █████▄            ▄█████          ███▀ ▀███          ███                ███            ███          ███▀ ▀███
███                  ███             ███   ███   ███ ███▄        ▄███ ███        ▄███▀   ▀███▄        ███                ███           ▄███        ▄███▀   ▀███▄
███                  ███████████████████   ███   ███  ▀██▄      ▄██▀  ███       ▄███▀     ▀███▄       ████████████████   ████████████████▀        ▄███▀     ▀███▄
███                  ███             ███   ███   ███   ▀███    ███▀   ███      ▄███▀       ▀███▄      ███                ███        ███          ▄███▀       ▀███▄
███                  ███             ███   ███   ███    ▀███  ███▀    ███     ▄███▀         ▀███▄     ███                ███         ███        ▄███▀         ▀███▄
███▄                 ███             ███   ███   ███      ██████      ███    ▄███             ███▄    ███                ███          ███      ▄███             ███▄
▀█████████████████   ███             ███   ███   ███       ████       ███   ▄███               ███▄   ████████████████   ███           ███    ▄███               ███▄

|
|
FreeMoney
Legendary
*
Offline Offline

Activity: 1246


Strength in numbers


View Profile WWW
July 30, 2012, 04:50:01 AM
 #3

Regulate rubber hoses?

Play Bitcoin Poker at sealswithclubs.eu. We're active and open to everyone.
mb300sd
Legendary
*
Offline Offline

Activity: 1260

Drunk Posts


View Profile WWW
July 30, 2012, 04:53:26 AM
 #4

Store the private key in a microcontroller that won't release it until a certain time using only the internal oscillator, enable code-protect so it can't be read or reprogrammed. Not 100% secure, but certainly significantly more difficult than any software-only solution to break.

1D7FJWRzeKa4SLmTznd3JpeNU13L1ErEco
TangibleCryptography
Sr. Member
****
Offline Offline

Activity: 476


Tangible Cryptography LLC


View Profile WWW
July 30, 2012, 04:56:36 AM
 #5

On #3 there are timelock encryption algorithms.  Methods that even given the "secret" it will take hours or even years to produce the key.  Most timelock encryption algorithms can be parallized in encrypting but not in decrypting.  So you could create a problem which takes 1 CPU year to complete and then rent 365 Amazon instances and produced the encrypted output for storage in just a day.  However decryption would require 1 CPU year to complete (well maybe single core get a little faster and overlocked so someone can "brute force" it in 6 months).
nimda
Hero Member
*****
Offline Offline

Activity: 784


0xFB0D8D1534241423


View Profile
July 30, 2012, 05:14:55 AM
 #6

Cool, SSSS takes BTC donations at 1BWary.

I recommend asking me for a signature from my GPG key before doing a trade. I will NEVER deny such a request.
unicron
Newbie
*
Offline Offline

Activity: 25


View Profile
July 30, 2012, 07:43:59 PM
 #7

Idea 5) Deniable encryption. Like carrying 2 wallets, one low value. Can't see this workingm they might be able to tell you are lying.

Truecrypt can do this. 

http://www.truecrypt.org/docs/?s=plausible-deniability

See also http://marutukku.org/
garyrowe
Full Member
***
Offline Offline

Activity: 124



View Profile WWW
July 31, 2012, 12:01:16 PM
 #8

Some more discussion about this topic here: http://bitcoin.stackexchange.com/questions/517/how-can-a-single-person-operation-keep-a-collection-of-online-wallets-secure

And on the crypto site here: http://crypto.stackexchange.com/questions/746/how-should-one-implement-a-delegated-shared-trust-protocol

Bitcoin enthusiast and Java programmer contributing to https://multibit.org and http://bitcoin.stackexchange.com
Nefario
Hero Member
*****
Offline Offline

Activity: 602


GLBSE Support support@glbse.com


View Profile WWW
July 31, 2012, 12:30:00 PM
 #9

I think SSS with the keys given to individuals spread over a large geographic location (multiple countries), their real identities need to be secret.

In some situations this might result in you getting killed, so you need to have deniable encyption as well.

PGP key id at pgp.mit.edu 0xA68F4B7C

To get help and support for GLBSE please email support@glbse.com
EhVedadoOAnonimato
Hero Member
*****
Offline Offline

Activity: 616



View Profile
July 31, 2012, 12:50:38 PM
 #10

You forgot an important thing: privacy.

Many of the techniques you mention become useless if your attacker is really evil and knows for sure that you have or control at least X amount of money hidden somewhere. If he also happens to know the habits of your family members, things may get ugly.
hazek
Legendary
*
Offline Offline

Activity: 1078


View Profile
July 31, 2012, 12:54:37 PM
 #11

A hardware problem can be solved with a hardware solution and I believe there's an invention that deals with the problem presented in the OP..

Just use one of these:


... and don't let them catch you. I believe it's also possible to hire people who will carry those for you and protect you if necessary.

My personality type: INTJ - please forgive my weaknesses (Not naturally in tune with others feelings; may be insensitive at times, tend to respond to conflict with logic and reason, tend to believe I'm always right)

If however you enjoyed my post: 15j781DjuJeVsZgYbDVt2NZsGrWKRWFHpp
Elwar
Legendary
*
Offline Offline

Activity: 2310


www.bitpools.com


View Profile WWW
July 31, 2012, 02:35:24 PM
 #12

Safes have time controls where only certain times of day you can open it.

Same could be done for a wallet.

http://www.bitpools.com
Pool your bitcoins with others. Vote on solutions using the Bitcoin blockchain. Keep your bitcoins in your cold storage until you find a solution you like.
Links and Reviews of useful every day places to spend bitcoins: https://bitcointalk.org/index.php?topic=943143.0
MysteryMiner
Legendary
*
Offline Offline

Activity: 938



View Profile
August 01, 2012, 12:05:31 AM
 #13

Safes have time controls where only certain times of day you can open it.

Same could be done for a wallet.
Have You ever tried to change time in BIOS?

Probably best hardware against rubber-hose cryptanalysis is a AK-74 and RGD grenade.
ben-abuya
Sr. Member
****
Offline Offline

Activity: 323



View Profile WWW
August 01, 2012, 12:20:01 AM
 #14


Idea 3) Time based auth. Have a factor that only becomes clear when a certain time happens. Hard to implement in practice? Could it be something such as how light falls on the earth or something stranger? How could this work in practice?

nLockTime should handle this: https://en.bitcoin.it/wiki/Contracts

http://lamassubtc.com/
Lamassu Bitcoin Ventures
Topazan
Sr. Member
****
Offline Offline

Activity: 354


View Profile
August 01, 2012, 12:22:23 AM
 #15

What about writing down the secret (with archival quality materials) and storing it in a safe deposit box?

Save the last bitcoin for me!
jago25_98
Hero Member
*****
Offline Offline

Activity: 901


Crypto Geek


View Profile
August 01, 2012, 12:28:44 AM
 #16

There a lot of good ideas here but they seem a bit hard work for the average person, especially if you're trying to avoid keyloggers. Truecrypt and deniability is a good step but you might cave under pressure.

I'd like to see the ability to use one time paper passwords and Google Authenticator as a second factor. You can already do this at blockchain mywallet.

SSSS sounds good. I guess that is 2x better than splitting the key in half between 2+ people?

I guess time delay could be done by block discovery.

Open-Transactions is intended exactly for this situation afaik.

Offline wallets sound great for this problem but they're stuck in set amounts. I guess you could always make a lot of small offline wallets... I wonder if subdivisions are possible mathematically via a third party in the calculation. That is, you could have another p2p system for subdivisions i.e. trading Bitcoin for 2 Litecoin keys in a p2p way...

nLockTime sounds interesting. Kinda treads on OpenTransaction's toes a bit but I really didn't know we had that - good news

"Imagine that you open an account on a website (eg, a forum or wiki) and wish to establish your trustworthiness with the operators, but you don't have any pre-existing reputation to leverage. One solution is to buy trust by paying the website some money. But if at some point you close your account, you'd probably like that money back"

^ why not have this on direct exchange networks? hmm... I guess it's a form of debt though which is exactly what Bitcoin is against... ?

Crypto supporter!
LightRider
Legendary
*
Offline Offline

Activity: 1485


I advocate the Zeitgeist Movement & Venus Project.


View Profile WWW
August 01, 2012, 01:18:52 AM
 #17

Establish a resource based economy that provides all people with their basic needs, allows for a safe and high standard of living and encourages all people to meet their highest potential. No longer need to protect or hide irrelevant money.

Bitcoin combines money, the wrongest thing in the world, with software, the easiest thing in the world to get wrong.
Visit www.thevenusproject.com and www.theZeitgeistMovement.com.
LightRider
Legendary
*
Offline Offline

Activity: 1485


I advocate the Zeitgeist Movement & Venus Project.


View Profile WWW
August 01, 2012, 02:57:01 AM
 #18

Establish a resource based economy that provides all people with their basic needs, allows for a safe and high standard of living and encourages all people to meet their highest potential. No longer need to protect or hide irrelevant money.

If my basic needs are met, I'm not going to be meeting my highest potential, I'm going to be fulfilling my basest desires.

Are you being encouraged to meet your highest potential? If so, why would you engage in mind numbing and boring activities that do not provide any longterm fulfillment?

Bitcoin combines money, the wrongest thing in the world, with software, the easiest thing in the world to get wrong.
Visit www.thevenusproject.com and www.theZeitgeistMovement.com.
cbeast
Donator
Legendary
*
Offline Offline

Activity: 1736

Let's talk governance, lipstick, and pigs.


View Profile
August 01, 2012, 03:03:52 AM
 #19

I'm more concerned about Devil's Breath (scopolamine) that cause you to willingly give up your brain wallet. There must be a way to defeat the state of mind it puts you in with a brain wallet device you won't recall while drugged.

Any significantly advanced cryptocurrency is indistinguishable from Ponzi Tulips.
elena.m
Newbie
*
Offline Offline

Activity: 24



View Profile
August 01, 2012, 04:42:47 AM
 #20

Regulate rubber hoses?

This is one of my favorite trolls ever.

I am available for hire. (https://bitcointalk.org/index.php?topic=93064.0)
PGP: 4BE75914
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!