Origins of term "rubber hose cryptanalysis"

266 views
Skip to first unread message

Eric Lee Green

unread,
Jan 16, 2002, 4:59:55 PM1/16/02
to
I am curious about the origins of the term "rubber hose
cryptanalysis". Does anybody know who coined that term in reference
to use of coercion to extract encryption keys from suspects? Any idea
where and when it was first referred to as such in the cryptographic
literature?

Sorry, no point to this question, just idle curiousity.

--
Eric Lee Green er...@badtux.org http://www.badtux.org
GnuPG public key at http://badtux.org/eric/eric.gpg
BadTux: Linux Penguin Gone Bad

Paul Rubin

unread,
Jan 16, 2002, 5:46:40 PM1/16/02
to
er...@badtux.org (Eric Lee Green) writes:
> I am curious about the origins of the term "rubber hose
> cryptanalysis". Does anybody know who coined that term in reference
> to use of coercion to extract encryption keys from suspects? Any idea
> where and when it was first referred to as such in the cryptographic
> literature?
>
> Sorry, no point to this question, just idle curiousity.

First time I saw it was here on this newsgroup several years ago. I
had the impression that it was something the poster had just made up
in the context of that particular post. Followups to that post also
used it and the term stuck around. Google doesn't include the
earliest references but Marcus Ranum may have been the culprit.

John Wasser

unread,
Jan 16, 2002, 6:00:35 PM1/16/02
to
[[ This message was both posted and mailed. ]]

In article <slrna4bra...@ehome.inhouse>, Eric Lee Green
<er...@badtux.org> wrote:

> I am curious about the origins of the term "rubber hose
> cryptanalysis". Does anybody know who coined that term in reference
> to use of coercion to extract encryption keys from suspects? Any idea
> where and when it was first referred to as such in the cryptographic
> literature?
>
> Sorry, no point to this question, just idle curiousity.

The phrase first hit Usenet near the end of May 1992:
--------------------------------------------------------------------
Newsgroups: sci.crypt
From: m...@hussar.dco.dec.com (Marcus J. Ranum)
Subject: Re: yet another old bad code
Message-ID: <1992Mar29.0...@decuac.dec.com>
Sender: ne...@decuac.dec.com (USENET News System)
Nntp-Posting-Host: hussar.dco.dec.com
Organization: Digital Equipment Corporation, Washington ULTRIX Resource
Center
References: <1992Mar27.0...@cs.cmu.edu>
<LAMBAST.92...@buengf.bu.edu>
<1992Mar28.2...@cs.cmu.edu>
Distribution: na
Date: Sun, 29 Mar 1992 01:18:18 GMT

as...@cs.cmu.edu (James Aspnes) writes:

>If the key stream is a genuinely random sequence of characters this
>sort of code can be made unbreakable-- if you do the addition right
>you get a one-time pad. If the key sequence is just English text,
>even with spaces deleted, what you do is look for sums of common words
>in the ciphertext.

No. You don't get it. You don't use linear sequences of text.
Suppose I want to encode the message "foo", I open the book at a random
spot and find the first 'f' - page 44, line 3, word 3. Then I flip a
few pages at random and find an 'o' - page 89 line 12, word 6 and my
last 'o' is page 3, line 5, word 1.

My ciphertext is now: 44 3 3 89 12 6 3 5 1

This is actually rather hard to break without resorting to
rubber hose cryptanalysis, or wading through my entire library (which
is large) - though I could be using byte offsets into particular
postings from talk.bizarre, for all you know...

mjr.
--
"Sometimes if you have a cappuccino and then try again it will work OK."
- Dr. Brian Reid, 1992
"Sometimes one cappucino isn't enough."
- Me
--------------------------------------------------------------------

Eric Lee Green

unread,
Jan 16, 2002, 7:24:27 PM1/16/02
to
In article <160120021802586438%Newsgrou...@John-Wasser.com>, John Wasser
wrote:

> In article <slrna4bra...@ehome.inhouse>, Eric Lee Green
><er...@badtux.org> wrote:
>
>> I am curious about the origins of the term "rubber hose
>> cryptanalysis". Does anybody know who coined that term in reference
>> to use of coercion to extract encryption keys from suspects? Any idea
>
> The phrase first hit Usenet near the end of May 1992:

I found this article from October 1990 in the groups.google.com archive, again
by Marcus J. Ranum:

rom: m...@hussar.dco.dec.com (Marcus J. Ranum)
Newsgroups: sci.crypt
Subject: Re: Cryptography and the Law...
Keywords: Search Warrants and Encryption
Message-ID: <1990Oct16....@decuac.dec.com>
Date: 16 Oct 90 05:00:00 GMT
References: <47...@cornell.UUCP> <14...@smoke.BRL.MIL> <47...@cornell.UUCP>
Sender: ne...@decuac.dec.com (Network News)
Reply-To: m...@hussar.dco.dec.com (Marcus J. Ranum)
Organization: Digital Equipment Corp., Washington Ultrix Resource Center
Lines: 60
Posted: Tue Oct 16 06:00:00 1990

[...]
Problem #2: is that white noise, or is it a one-time pad ? I
dunno. Awfully hard to prove, isn't it ? Unless, of course, I left
my radioactive source and oscillators lying around. Big deal, you
zap me for a misdemeanor. You still don't get The Master Plan, unless
you resort to the rubber-hose technique of cryptanalysis. (in which
a rubber hose is applied forcefully and frequently to the soles of
the feet until the key to the cryptosystem is discovered, a process
that can take a surprisingly short time and is quite computationally
inexpensive)
[...]
================
So it appears that Marcus is the first to bring it to USENET, at least
insofar as the Google archives are concerned. He's still around. I guess
I can send him EMAIL asking him if he'd seen the term before he (apparently)
coined it in the above message.

Mok-Kong Shen

unread,
Jan 17, 2002, 9:51:47 AM1/17/02
to

Eric Lee Green wrote:
>

> I found this article from October 1990 in the groups.google.com archive, again
> by Marcus J. Ranum:

> Problem #2: is that white noise, or is it a one-time pad ? I


> dunno. Awfully hard to prove, isn't it ? Unless, of course, I left
> my radioactive source and oscillators lying around. Big deal, you
> zap me for a misdemeanor. You still don't get The Master Plan, unless
> you resort to the rubber-hose technique of cryptanalysis. (in which
> a rubber hose is applied forcefully and frequently to the soles of
> the feet until the key to the cryptosystem is discovered, a process
> that can take a surprisingly short time and is quite computationally
> inexpensive)
> [...]

Very interesting to know that certain techniques of the
Middle Age (to be seen in a few special museums) have
evolved quite a bit.

M. K. Shen

Tony T. Warnock

unread,
Jan 17, 2002, 11:34:04 AM1/17/02
to
The point is that a rubber hose, doesn't leave scars or bruises. (Unless
you forget to remove the sprinkler.)

Paul Pires

unread,
Jan 17, 2002, 2:52:32 PM1/17/02
to

Tony T. Warnock <u09...@cic-mail.lanl.gov> wrote in message news:3C46FCFC...@cic-mail.lanl.gov...

> The point is that a rubber hose, doesn't leave scars or bruises. (Unless
> you forget to remove the sprinkler.)

:-) I hate it when that happens.

Paul
>
>


Eric Lee Green

unread,
Jan 17, 2002, 11:57:01 PM1/17/02
to
I traded EMAIL with Marcus J. Ranum, and he confirmed that, as far as
he knows, he was the first person to use the term "rubber hose
cryptanalysis" to refer to the use of coercion in key acquisition, a
process for key discovery that he describes as "can take a

surprisingly short time and is quite computationally
inexpensive". This term is now, of course, a standard description of
the method both on this newsgroup and in recent cryptographical
texts. It was apparently first used and defined in this message:

> From: m...@hussar.dco.dec.com (Marcus J. Ranum)
> Newsgroups: sci.crypt
> Subject: Re: Cryptography and the Law...
> Keywords: Search Warrants and Encryption
> Message-ID: <1990Oct16....@decuac.dec.com>
> Date: 16 Oct 90 05:00:00 GMT
> References: <47...@cornell.UUCP> <14...@smoke.BRL.MIL> <47...@cornell.UUCP>
> Sender: ne...@decuac.dec.com (Network News)
> Reply-To: m...@hussar.dco.dec.com (Marcus J. Ranum)
> Organization: Digital Equipment Corp., Washington Ultrix Resource Center
> Lines: 60
> Posted: Tue Oct 16 06:00:00 1990
>
> [...]
> Problem #2: is that white noise, or is it a one-time pad ? I
> dunno. Awfully hard to prove, isn't it ? Unless, of course, I left
> my radioactive source and oscillators lying around. Big deal, you
> zap me for a misdemeanor. You still don't get The Master Plan, unless
> you resort to the rubber-hose technique of cryptanalysis. (in which
> a rubber hose is applied forcefully and frequently to the soles of
> the feet until the key to the cryptosystem is discovered, a process
> that can take a surprisingly short time and is quite computationally
> inexpensive)
> [...]

So now you can astound and amaze all your friends and relatives by
answering the question, "who originated the term 'rubber-hose
cryptanalysis'?". What the hey, it's useless trivia, but no more
useless than any other trivia, and it was a distraction from trying to
beat sense into yet another twirp proposing a broken PRNG that lacks
any qualities needed for cryptographic work. (Or writing documentation,
which was my chore the day that I went on my trivia hunt :-).

--
Eric Lee Green er...@badtux.org http://badtux.org/eric


GnuPG public key at http://badtux.org/eric/eric.gpg

BadTux: Linux Penguin Gone Bad ( http://badtux.org )

Reply all
Reply to author
Forward
0 new messages