Honey Encryption: Security Beyond the Brute-Force Bound
نویسندگان
چکیده
We introduce honey encryption (HE), a simple, general approach to encrypting messages using low min-entropykeys such as passwords. HE is designed to produce a ciphertext which, when decrypted with any of a number ofincorrect keys, yields plausible-looking but bogus plaintexts called honey messages. A key benefit of HE is that itprovides security in cases where too little entropy is available to withstand brute-force attacks that try every key;in this sense, HE provides security beyond conventional brute-force bounds. HE can also provide a hedge againstpartial disclosure of high min-entropy keys.HE significantly improves security in a number of practical settings. To showcase this improvement, we buildconcrete HE schemes for password-based encryption of RSA secret keys and credit card numbers. The key chal-lenges are development of appropriate instances of a new type of randomized message encoding scheme called adistribution-transforming encoder (DTE), and analyses of the expected maximum loading of bins in various kindsof balls-and-bins games.
منابع مشابه
A Performance Survey of Meta-Heuristic And Brute-Force Search Algorithms to Cryptanalysis The SDES Encryption Algorithm
For many years, cryptanalysis has been considered as an attractive topic in jeopardizing the security and resistance of an encryption algorithm. The SDES encryption algorithm is a symmetric cryptography algorithm that performs a cryptographic operation using a crypt key. In the world of encryption, there are many search algorithms to cryptanalysis. In these researches, brute force attack algori...
متن کاملHoney Encryption Beyond Message Recovery Security
Juels and Ristenpart introduced honey encryption (HE) and showed how to achieve message recovery security even in the face of attacks that can exhaustively try all likely keys. This is important in contexts like password-based encryption where keys are very low entropy, and HE schemes based on the JR construction were subsequently proposed for use in password management systems and even long-te...
متن کاملSecuring Messages from Brute Force Attack by Combined Approach of Honey Encryption and Blowfish
1MTech Scholar, Department of Computer Science & Engineering, RSR-RCET, Bhilai, Chhattisgarh, India 2Assistant Professor, HOD, Department of Computer Science & Engineering, RSR-RCET, Bhilai, Chhattisgarh, India ---------------------------------------------------------------------***--------------------------------------------------------------------Abstract Nowadays, Messaging service is being ...
متن کاملHoney Encryption for Language - Robbing Shannon to Pay Turing?
Honey Encryption (HE), introduced by Juels and Ristenpart (Eurocrypt 2014, [13]), is an encryption paradigm designed to produce ciphertexts yielding plausible-looking but bogus plaintexts upon decryption with wrong keys. Thus brute-force attackers need to use additional information to determine whether they indeed found the correct key. At the end of their paper, Juels and Ristenpart leave as a...
متن کاملA Security Protocol for Multi-User Authentication
Abstract: In this note we propose an encryption communication protocol which also provides database security. For the encryption of the data communication we use a transformation similar to the Cubic Public-key transformation [1]. This method represents a many-to-one mapping which increases the complexity for any brute force attack. Some interesting properties of the transformation are also inc...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2014 شماره
صفحات -
تاریخ انتشار 2014