Abstract :
Honey encryption (HE) addresses the challenge of encrypting messages using keys that are vulnerable to guessing attacks, such as the passwords selected by ordinary users. HE creates a ciphertext that, when decrypted with an incorrect key or password, yields a valid-looking but bogus message. So, attackers can´t tell when decryption has been successful. Counterintuitively, HE enables the encryption of a message using a weak password such that even a strong attacker--one with unlimited computing power--can´t decrypt the message with certainty. You can use HE to encrypt the list of passwords in a password manager, credentials used in SSH (Secure Shell), and so on. HE fuses the creative use of honey objects and decoys in system security with the rigor and principled application imparted by cryptography.
Keywords :
cryptography; HE; SSH; bogus message; brute-force barrier; cryptography; honey encryption; password manager; secure shell; unlimited computing power; weak password; Computer security; Databases; Encoding; Encryption; Privacy; computer security; cryptography; cybercrime; encryption; hackers; honey encryption; one-time pad; password-based encryption; security;
