Practical Key Recovery

David Beynon

January 20, 1999

Abstract

The purpose of this paper is to propose a model for automatic key recovery based on principles of practical, rather than theoretical, cryptography. The paper then addresses some of the problems which must be faced and attempts to identify which aspects of the problem can be solved using existing or emerging technologies and which aspects still require human intervention.

Keywords: recovery, practical, hosepipe.

1. Introduction:

Modern computer systems, combined with freely available cryptographic knowledge has placed extremely powerful encryption systems into the hands of the general public, terrorist groups and the armed forces of the odd banana republic. Many of these systems can be freely obtained, installed and used by relative novices who can use quite modest computers to encrypt data that might, for example, take all the computers likely to be built in the history of the human species 2^90 seconds to decipher.

Assuming there are no huge flaws in the cipher used a team of really good cryptographers may find a weakness that could possibly reduce this time to, perhaps, 2^87 seconds given 2^20 chosen plaintexts and a weakened cipher. This is obviously unacceptable to anyone who happens to be running a repressive regime. It is certainly incompatible with my own long term plans1.

Fortunately it is often possible to bypass this tedious business of employing expensive teams of cryptographers and buying a solar mass or two of crays.

Practical cryptography is a technique that generally involves locating either the sender or the recipient of an encrypted message and persuading them to surrender the secret keys required to decipher the message. Traditionally this has involved such diverse techniques as high voltages, threats to family and, most famously, 3 foot lengths of rubber hose. Although in theory this method is ideal it has a number of flaws, mainly in implementation, that are listed below.

  1. Occasional mysterious death of volunteers before they get around to joyfully surrendering information.
  2. Expense of hiring professional counsellors. Less problematical if you have a local asylum for the criminally insane2.
  3. Difficulties in rapidly verifying false information.
  4. Mental stress caused to friendly counsellors by distressing language employed by some of their less stable subjects. Some people also dislike the appearance and smell of intestines.
I suggest that all these problems, with the possible exception of #1 could be easily solved by automating the process.

2. Requirements

There are a number of core requirements for a key extraction system:

  1. Data must be retrieved reliably.
  2. Data retrieval time must be significantly less than that of computational methods.
  3. Stress on personnel must be minimised.
  4. Maintenance costs should be low.

Essentially these boil down to "high reliability, low cost". These points will be addressed in turn and expanded below.

1. Data must be retrieved reliably:

Recent advances in the field of voice recognition have enabled reasonable accuracy in voice activated word processing systems. Most useful voice recognition systems require a period of training before they can work effectively, this luxury may not be available. None of the current systems are designed to cope with the types of voice modulation induced by such things as extreme pain, blood in the larynx or any of the other common ailments likely to afflict our volunteers. This obviously requires some research.

The keys received from the voice recognition systems would then be used in an attempt to decode the ciphertext. The resulting plaintext could then either be scanned for recognisable fragments of plaintext or, as with some software, a message digest based test of the keys veracity would enable large numbers of keys to be trivially rejected.

A second aspect of reliability is the occasional premature death of subjects. It has been suggested that in their joy at being given the opportunity to confess their secrets they die of pleasure. This is unfortunate so it is suggested that a number of medical instruments be included in the design, both in order to prevent accidental death and to increase the efficiency of questioning. In addition to heart monitors, blood pressure and the like I would suggest the inclusion of PET scanners to detect the activity of the brains entertainment centres and ensure an enjoyable and wholesome experience for all.

2. Data retrieval time must be significantly less than that of computational methods:

If any non trivial (ie. non DES) encryption product is used to hide the data then any success will be significantly faster than a computer only attack.

3. Stress on personnel must be minimised:

The machine must be designed in such a way as to minimise contact between human operators and the information donors to be questioned, a suitable method would involve manacling the unconscious donor onto a trolley fitted to a conveyor belt for automatic delivery to the apparatus.

4. Maintenance costs should be low:

Machinery always fails occasionally but the automatic data extractor should be, as far as possible, self cleaning and maintenance free. Three approaches to this problem present themselves.

The first is to fit the devices out like those terrifying coin operated toilets that, according to legend, occasionally drown children who stay inside for too long. This would involve having large roller brushes, steam sprays etc on the inside which would clean out the machinery between customers. The primary advantages of this approach are that it is reliable and that all the machinery employed could also be used as questioning aids. The main disadvantage is that it just doesn't appeal to the technophile inside so on to option 2.

The second, far more aesthetically pleasing, option for keeping the machine clean involves using small, autonomous robots to clean specific parts of the system. So called BEAM robots3 have shown themselves to be extremely well suited to simple jobs requiring infrequent maintenance. It has been suggested that these or similar devices could also help with information retrieval. Although promising the lack of direct computer control over such devices makes their practical application difficult.

My favourite solution is actually to just let the whole area build up a patina of decaying blood and pus. Clouds of flies, swarms of rats and pools of maggots would infest the floor. In fact slow decay in this type of environment could be an excellent interrogation device in itself4.

The first two solutions have one singular advantage in that a sterile system allows some money to be won back from the system by, in addition to plaintext, having the system produce dog food or meatballs which can then be sold at a premium as gourmet brands "is it beef or chicken?". The final solution permits fewer commercial applications although bulk sales of maggots to anglers may be feasible if care is taken.

3. Conclusion

I have concluded that despite some problems the automatic data recovery device proposed above would be possible to implement using technology likely to be available within the next five years. Bespoke software using commercially available modules for voice recognition, robot control etc could be implemented on reasonably low cost commodity hardware. Most of the machinery could be produced by any supplier of custom robotics. The area requiring most research is that of the medical feedback subsystem for measuring discomfort levels and ensuring survival of subjects, I suggest that could best be derived from an expert system trained using data from a few hundred randomly chosen subjects who could be collected using the standard "medical research" approach. None of these problems are insurmountable and the rewards could be great.

I leave you with the question: What sane government or organisation could refuse to fund such research?

4. References

  1. "coup d'etat - a practical handbook" - Edward Luttwak. (back)
  2. "the torturers day off" - Nikolaus Maack. (back)
  3. BEAM robotics links. (back)
  4. "The funnel" - D.P.Beynon (work in progress). (back)