Monday, April 04, 2005

Unforgettable and unrecallable passwords

Came across an interesting paper today: "Passwords you'll never forget, but can't recall" by Daphna Weinshall and Scott Kirkpatrick of the Hebrew University in Jerusalem. The basic aim is to leverage certain human memory phenomena to create "passwords" that can be recognised, but not described to a third party. An example is to pick out about 100-200 pictures out of a database of about 20,000. The database is organised into groups of 2-9 based on a common theme; for example, all 9 of the photos in a certain group might contain a windmill. The authentication process is as follows: choose a few, say 5, photos, one of which is in the 100 to 200-strong set that the subject memorised. The subject has to pick the right one. This is repeated several times to minimise the chance that an intruder gets it right by chance.

The rationale is that "a picture is worth a thousand words", and many pictures cannot be described in sufficient detail without actually having them in front of one in order to pick them out of the group. Also, since the subject was given so many photographs, they would be unable to describe all of them anyway. On the other hand, we are pretty good at recognising photographs once we actually see them, so when actually going through the authentication process, we will be able to remember. Some allowance for forgetting is built in - the subject doesn't have to get every test right.
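To make the trade-off in those two paragraphs concrete (more rounds drive down a guesser's odds, while allowing a few misses pushes them back up), here is a small model of the scheme as the post describes it. This is an added example, not code from the paper or the post: the photo database, its theme groups, the portfolio size and the habit of drawing distractors from the target's own theme are all constructed assumptions. The false-accept figure for a random guesser is the binomial tail P[at least rounds − allowed_misses correct picks], with each pick correct with probability 1/choices.

```python
"""Model of recognition-based authentication: a memorised portfolio of photos,
multi-round pick-the-known-photo challenges, and a tolerance for a few misses,
plus the false-accept probability that tolerance hands a random guesser.
Constructed toy database; theme groups, sizes and ids are assumptions."""
import math
import random

# Constructed database: photo ids grouped by theme, in the spirit of
# "all 9 of the photos in a certain group might contain a windmill".
DATABASE = {
    "windmill": [f"windmill-{i}" for i in range(9)],
    "lighthouse": [f"lighthouse-{i}" for i in range(6)],
    "bridge": [f"bridge-{i}" for i in range(4)],
    "market": [f"market-{i}" for i in range(7)],
}
THEME_OF = {pid: theme for theme, pids in DATABASE.items() for pid in pids}
ALL_PHOTOS = sorted(THEME_OF)


def enroll(rng, portfolio_size):
    """Enrolment: the user memorises a random subset of the database."""
    return set(rng.sample(ALL_PHOTOS, portfolio_size))


def make_challenge(rng, portfolio, choices_per_round):
    """One round: one portfolio photo plus distractors the user never saw.
    Distractors come from the target's own theme where possible (an assumption
    chosen to make the target hard to describe in words, not a detail the post
    gives), falling back to any other non-portfolio photo."""
    target = rng.choice(sorted(portfolio))
    same_theme = [p for p in DATABASE[THEME_OF[target]] if p not in portfolio]
    others = [p for p in ALL_PHOTOS if p not in portfolio and p not in same_theme]
    rng.shuffle(same_theme)
    rng.shuffle(others)
    distractors = (same_theme + others)[: choices_per_round - 1]
    shown = [target] + distractors
    rng.shuffle(shown)
    return shown, target


def authenticate(rng, portfolio, answer, rounds, choices_per_round, allowed_misses):
    """Run `rounds` challenges; accept if at most `allowed_misses` are wrong.
    `answer(shown)` is the claimant's pick from each displayed set."""
    misses = 0
    for _ in range(rounds):
        shown, target = make_challenge(rng, portfolio, choices_per_round)
        if answer(shown) != target:
            misses += 1
    return misses <= allowed_misses


def guesser_pass_probability(rounds, choices_per_round, allowed_misses):
    """Analytic false-accept rate for a uniformly random guesser:
    P[Binomial(rounds, 1/choices) >= rounds - allowed_misses]."""
    p = 1.0 / choices_per_round
    need = rounds - allowed_misses
    return sum(
        math.comb(rounds, k) * p**k * (1 - p) ** (rounds - k)
        for k in range(need, rounds + 1)
    )


def simulate_guessers(trials, rounds, choices_per_round, allowed_misses, seed=1):
    """Monte Carlo estimate of the same rate, driving the protocol functions
    with a claimant who just picks a random photo each round."""
    rng = random.Random(seed)
    portfolio = enroll(rng, portfolio_size=8)
    passes = 0
    for _ in range(trials):
        if authenticate(rng, portfolio, rng.choice, rounds, choices_per_round, allowed_misses):
            passes += 1
    return passes / trials


def legitimate_user_passes(rounds, choices_per_round, allowed_misses, seed=1):
    """A claimant who recognises every portfolio photo always passes, since
    each displayed set contains exactly one photo from the portfolio."""
    rng = random.Random(seed)
    portfolio = enroll(rng, portfolio_size=8)
    knows = lambda shown: next(p for p in shown if p in portfolio)
    return authenticate(rng, portfolio, knows, rounds, choices_per_round, allowed_misses)


if __name__ == "__main__":
    for rounds, misses in [(10, 0), (10, 2), (20, 0), (20, 3)]:
        print(rounds, "rounds, up to", misses, "misses: guesser passes with p =",
              f"{guesser_pass_probability(rounds, 5, misses):.2e}")
```

Running it shows why the number of rounds has to grow with the forgiveness: with 5 photos per round, 20 rounds and no tolerance put a guesser at about 1e-14, but letting three misses through raises that by several orders of magnitude, so the allowance for forgetting is paid for in extra rounds.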

Anyway, this paper reminds me of a passage from Between Silk and Cyanide [NLB] by Leo Marks, which is, by the way, one of my favourite books. I think it must be the non-fiction book I've re-read the most, and given away as presents to the most people. It's clever, it's funny, and it's about cryptography, which I was really interested in for a long time. I haven't the time to review it properly here, but anyway the relevant passage is the following (page 508 of the hardback):

My dear Colonel,
'PANDARUS has done extremely well from the signals point of view. Before he left he was briefed by signals to give MANELAUS an identity check. This was in such a form that PANDARUS himself, if caught later by the enemy, would be unable to remember it. The position now is that MANELAUS is using the check.
'This is the first time in SOE history that an agent recruited in the field has been given an identity check without anything passing in writing!
The same system of identity check will, in due course, be used by the Zone Commanders when they use their own codes.

Yours sincerely,

Nick reminded me as head of Signals that he was my zone commander, and asked if I'd kindly tell him the secret of Pandarus's ability to forget the security checks which he had to pass on.
Astonished by its simplicity, he stared at the ceiling and muttered, 'Jesus.' (Pandarus, who's blasphemed so frequently I was convinced he was devout, said he'd try the system out. He was the first agent to use it but unless I could find a way to vary it, he was likely to be the last.)*

* I have been advised that for security reasons I must forget how it worked! Has nothing changed in fifty years except Britain's prestige?

I puzzled over this passage for some time but have never been able to even imagine a security check that comes close to having the properties of unforgettability and unrecallability. I doubt that it's anything like the ones proposed in the paper, but the idea's still neat. It just goes to show that there's nothing new under the sun! (Since 1944, anyway.) Anyway, go read Between Silk and Cyanide. You won't regret it.


Blogger impossibleblot said...

This is one of my very favorite books, and I in fact came across your blog trying to puzzle out the answer to that very passage.

Do you have any other WWII codebreaking books that you recommend?

If you haven't heard about Nancy Wake, go google her :)


9:57 AM  

