Scientists create new neuro/cryptic password technology

A new technology that combines cryptography with neuroscience will enable users to learn a password without knowing its consciously.

This new technology is being developed Hristo Bojinov at Stanford University with colleagues from Northwestern University and SRI International.

The scientists have designed a game that utilizes implicit learning techniques, a process by which people learn a pattern unconsciously.  Through a game, cryptographic patterns are developed which delivers a secret password to the brain without the user knowing what the password is.

In a game that lasts 30 to 45 minutes, the players were asked to press six keys on their keyboards that corresponded to symbols falling from top of the screen to the bottom.  After 100 repetitions, the player has learned a 30-character password, which forms the basis of a security system.

For further safety, the team performed a number of user studies using “crowdsourcing” to verify that participants could successfully re-authenticate over time and that they were unable to reconstruct or even recognize short fragments of the planted secret password.

Ari Juels, Director of RSA Laboratories (http://www.rsa.com/rsalabs/) in Cambridge, Massachusetts said: “Authentication doesn’t require explicit effort on the part of the user. If the time required for training and authentication can be reduced, then some of the benefits of biometrics, namely effortlessness and minimal risk of loss, can be coupled with a feature that biometrics lack: the ability to replace a biometric that has been compromised.”

The researchers acknowledge that more work is needed to make the system user-friendly for commercial use. It is acknowledged however that the technology is more likely to have military applications.

What do you think of this new security system? 

Article Topics

cryptographic patterns  |  neuroscience