312-50V10 · Question #884
In the field of cryptanalysis, what is meant by a "rubber-hose" attack?
The correct answer is B. Extraction of cryptographic secrets through coercion or torture.. A rubber-hose attack in cryptanalysis refers to extracting secrets through coercion or torture of the key holder rather than attacking the algorithm itself.
Question
In the field of cryptanalysis, what is meant by a "rubber-hose" attack?
Options
- AAttempting to decrypt cipher text by making logical assumptions about the contents of the original
- BExtraction of cryptographic secrets through coercion or torture.
- CForcing the targeted key stream through a hardware-accelerated device such as an ASIC.
- DA backdoor placed into a cryptographic algorithm by its creator.
How the community answered
(31 responses)- A3% (1)
- B87% (27)
- C6% (2)
- D3% (1)
Why each option
A rubber-hose attack in cryptanalysis refers to extracting secrets through coercion or torture of the key holder rather than attacking the algorithm itself.
Making logical assumptions about plaintext to deduce keys describes a known-plaintext or crib-dragging attack, not rubber-hose.
The rubber-hose attack bypasses mathematical cryptanalysis entirely by compelling a person - through physical coercion, threats, or torture - to reveal cryptographic keys or passwords. The term is a darkly humorous reference to physically beating someone to obtain credentials, and it highlights that strong encryption can be rendered moot if the human holding the key can be compromised through non-technical means.
Forcing a key stream through hardware acceleration describes a brute-force attack using ASICs or FPGAs, not rubber-hose.
A backdoor placed by an algorithm's creator describes a kleptographic or backdoor attack, not rubber-hose.
Concept tested: Rubber-hose cryptanalysis - coercion-based key extraction
Topics
Community Discussion
No community discussion yet for this question.