Implementing the Honey Encryption for Securing Public Cloud Data Storage

Recent security incidents on public cloud data storage had risen concerns on cloud data security. Existing cloud data protection solutions that primarily relying on the conventional password-based encryption cannot efficiently resist password guessing and password cracking attacks. To address this problem, this paper proposed an eXtended Honey Encryption (XHE) scheme by adding an additional protection mechanism on the encrypted data. When the attacker attempts to access these encrypted data by entering the incorrect password, instead of rejecting the access, the HE algorithm generates an indistinguishable bogus data, in which the attack could not determine whether the guessed password is working correctly or not. Therefore, increasing the complexity of password guessing and cracking attacks.

[1]  Santanu Sarkar,et al.  Cryptanalysis of an RSA variant with moduli N=prql , 2017, J. Math. Cryptol..

[2]  G. G. Stokes "J." , 1890, The New Yale Book of Quotations.

[3]  Jiqiang Lu,et al.  Meet-in-the-Middle Attack on 8 Rounds of the AES Block Cipher under 192 Key Bits , 2011, ISPEC.

[4]  Thomas Ristenpart,et al.  Honey Encryption: Encryption beyond the Brute-Force Barrier , 2014, IEEE Security & Privacy.

[5]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[6]  Zhicong Huang,et al.  GenoGuard: Protecting Genomic Data against Brute-Force Attacks , 2015, 2015 IEEE Symposium on Security and Privacy.

[7]  Azman Samsudin,et al.  Lattice Ciphertext-Policy Attribute-Based encryption from ring-LWE , 2015, 2015 International Symposium on Technology Management and Emerging Technologies (ISTMET).

[8]  Azman Samsudin,et al.  A Survey of Homomorphic Encryption for Outsourced Big Data Computation , 2016, KSII Trans. Internet Inf. Syst..

[9]  Thomas Ristenpart,et al.  Honey Encryption: Security Beyond the Brute-Force Bound , 2014, IACR Cryptol. ePrint Arch..