Again thank you for not reading my post and the links therein:
Kerckhoffs' principle: The details of the authentication system that is in place is public information and known to all participants, including Oscar. Alice and Bob retain a shared secret (e.g., a password or set of passwords) that is both private and the foundation upon which the security of the system rests.
Observational principle: Alice communicates with Bob over a semi-private channel that can be observed by Oscar prior to the password being secured (i.e., encrypted or hashed). Namely, Oscar can observe the password(s) used by Alice and could even enter in Alice's password himself, after coercing her into revealing it.
Iteration principle: Unless explicitly prevented by the underlying system, Oscar is not bound to a single instance of coercion against Alice. He may force Alice to authenticate multiple times. Combined with the observational principle (Assumption 2), Oscar can force Alice to use a different password each time.
Forced-randomization principle: Oscar can choose to eliminate any strategy Alice may employ through the order in which she reveals the passwords she knows. For example, Oscar may force Alice into writing down a set of passwords so that he can randomly choose the order in which to iterate through them. The assumption is that this option is available to Oscar, not that he will necessarily employ it.
Oh, I read it. I read it again to make sure that I wasn't missing anything. How exactly does it prevent Alice from being tortured? How does it prevent the torturer from using game theory to entice her to give up the "correct" password from the jump?
I'm not being rhetorical... if I'm missing it, please help me understand.
Consider a scenario with panic communication and a persistent adversary with goal . In addition, preventing both signals and screens is important.
Working Example: Consider the previously defined improper influence problem in Internet-based voting. Alice could be coerced by Oscar into voting a certain way. Alternatively, Alice may want to sell her vote to Oscar by casting her ballot in his presence. Bob's observable response will be the report of a successful casting of Alice's vote, but he will take the unobserved reaction of disregarding any votes cast under a panic password.
I must be totally dense because I am not understanding this at all. As an example, the security system in my home has a duress code that I can enter which disarms the alarm while silently alerting the authorities that my duress code has been entered. In most cases, this is probably sufficient. However, for certain adversaries who are aware that a duress code exists, they could make the "bargain" with me that if I enter a duress code, they will murder the rest of my family. They might not know that my duress code has been entered, but if the authorities come poking around, they will know.
So, in Alice's case, she gets kidnapped. The attackers are aware that she might have a duress code. They tell her that if she enters the duress code, her entire family will be murdered. If Alice lives in an area where authorities are in bed with and inseparable from the criminal element, is she going to take the risk that the authorities are alerted?
If we are talking about a panic code which erases all information on the phone, do you not think that the same bargain can be applied? In fact, such a system might get innocent people murdered and needlessly tortured since, if someone is suspected of having sensitive information - but actually don't - the attacker might get the idea that a duress or panic code was entered which deleted said information.
In any case, it doesn't seem like encryption is going to save people from real harm.
Kerckhoffs' principle: The details of the authentication system that is in place is public information and known to all participants, including Oscar. Alice and Bob retain a shared secret (e.g., a password or set of passwords) that is both private and the foundation upon which the security of the system rests.
Observational principle: Alice communicates with Bob over a semi-private channel that can be observed by Oscar prior to the password being secured (i.e., encrypted or hashed). Namely, Oscar can observe the password(s) used by Alice and could even enter in Alice's password himself, after coercing her into revealing it.
Iteration principle: Unless explicitly prevented by the underlying system, Oscar is not bound to a single instance of coercion against Alice. He may force Alice to authenticate multiple times. Combined with the observational principle (Assumption 2), Oscar can force Alice to use a different password each time.
Forced-randomization principle: Oscar can choose to eliminate any strategy Alice may employ through the order in which she reveals the passwords she knows. For example, Oscar may force Alice into writing down a set of passwords so that he can randomly choose the order in which to iterate through them. The assumption is that this option is available to Oscar, not that he will necessarily employ it.