2014 | OriginalPaper | Chapter
Honey Encryption: Security Beyond the Brute-Force Bound
Authors : Ari Juels, Thomas Ristenpart
Published in: Advances in Cryptology – EUROCRYPT 2014
Publisher: Springer Berlin Heidelberg
Activate our intelligent search to find suitable subject content or patents.
Select sections of text to find matching patents with Artificial Intelligence. powered by
Select sections of text to find additional relevant content using AI-assisted search. powered by
We introduce
honey encryption
(HE), a simple, general approach to encrypting messages using low min-entropy keys such as passwords. HE is designed to produce a ciphertext which, when decrypted with any of a number of
incorrect
keys, yields plausible-looking but bogus plaintexts called
honey messages
. A key benefit of HE is that it provides security in cases where too little entropy is available to withstand brute-force attacks that try every key; in this sense, HE provides security beyond conventional brute-force bounds. HE can also provide a hedge against partial disclosure of high min-entropy keys.
HE significantly improves security in a number of practical settings. To showcase this improvement, we build concrete HE schemes for password-based encryption of RSA secret keys and credit card numbers. The key challenges are development of appropriate instances of a new type of randomized message encoding scheme called a
distribution-transforming encoder
(DTE), and analyses of the expected maximum loading of bins in various kinds of balls-and-bins games.