Implicit Motor Learning

Keywords: Cryptography, Cognitive Psychology, sequence learning

For my bachelor thesis for Psychology at the University of Twente, I came up with the idea to combine cryptography and cognitive psychology, in an attempt to improve password user authentication. The serial interception sequence learning (SISL) task was used in a user authentication system based on implicit motor sequence learning [1]. This study aimed to investigate the influence of training length on performance of the SISL task. The implementation was done in Matlab. Participants were distributed across three conditions: a training phase of 480 trials, 960 trials and 1,440 trials. Experiment 1 comprised two phases: a training phase and a test phase. In the former, participants substantially trained on a fixed sequence, in the latter, sequence knowledge was tested, using both the trained sequence and new, random sequences.

Results showed that a short training is sufficient to create trained sequence advantage and that sequence knowledge remains over time. Evidence was found for the presence of memory consolidation. To enhance security, random bogus sequences and honey passwords were added to the SAS. It was showed that with the SAS it is difficult to dishonestly authenticate using password guessing attacks, at least more difficult than in most cases of traditional password authentication. However, future research should explore the robustness of the SISL-based authentication system.

[1] Bojinov, H., Sanchez, D., Reber, P., Boneh, D., & Lincoln, P. (2012). Neuroscience meets cryptography: designing crypto primitives secure against rubber hose attacks. In 21st {USENIX} Security Symposium ({USENIX} Security 12) (pp. 129-141).