论文信息 - Honey Encryption: Encryption beyond the Brute-Force Barrier

Honey Encryption: Encryption beyond the Brute-Force Barrier

Honey encryption (HE) addresses the challenge of encrypting messages using keys that are vulnerable to guessing attacks, such as the passwords selected by ordinary users. HE creates a ciphertext that, when decrypted with an incorrect key or password, yields a valid-looking but bogus message. So, attackers can't tell when decryption has been successful. Counterintuitively, HE enables the encryption of a message using a weak password such that even a strong attacker--one with unlimited computing power--can't decrypt the message with certainty. You can use HE to encrypt the list of passwords in a password manager, credentials used in SSH (Secure Shell), and so on. HE fuses the creative use of honey objects and decoys in system security with the rigor and principled application imparted by cryptography.

Thomas Ristenpart | Ari Juels | A. Juels | T. Ristenpart

[1] Blase Ur,et al. Measuring password guessability for an entire university , 2013, CCS.

[2] Burton S. Kaliski,et al. PKCS #5: Password-Based Cryptography Specification Version 2.0 , 2000, RFC.

[3] Joseph Bonneau,et al. The Science of Guessing: Analyzing an Anonymized Corpus of 70 Million Passwords , 2012, 2012 IEEE Symposium on Security and Privacy.

[4] J. Doug Tygar,et al. The battle against phishing: Dynamic Security Skins , 2005, SOUPS '05.

[5] Claude E. Shannon,et al. Communication theory of secrecy systems , 1949, Bell Syst. Tech. J..

[6] Ian H. Witten,et al. Arithmetic coding for data compression , 1987, CACM.

[7] Thomas Ristenpart,et al. Honey Encryption: Security Beyond the Brute-Force Bound , 2014, IACR Cryptol. ePrint Arch..