The Community for Technology Leaders
Green Image
Issue No. 04 - July-Aug. (2014 vol. 12)
ISSN: 1540-7993
pp: 59-62
Ari Juels , Cornell Tech
Thomas Ristenpart , University of Wisconsin
ABSTRACT
Honey encryption (HE) addresses the challenge of encrypting messages using keys that are vulnerable to guessing attacks, such as the passwords selected by ordinary users. HE creates a ciphertext that, when decrypted with an incorrect key or password, yields a valid-looking but bogus message. So, attackers can't tell when decryption has been successful. Counterintuitively, HE enables the encryption of a message using a weak password such that even a strong attacker--one with unlimited computing power--can't decrypt the message with certainty. You can use HE to encrypt the list of passwords in a password manager, credentials used in SSH (Secure Shell), and so on. HE fuses the creative use of honey objects and decoys in system security with the rigor and principled application imparted by cryptography.
INDEX TERMS
Encryption, Databases, Computer security, Privacy, Encoding
CITATION

A. Juels and T. Ristenpart, "Honey Encryption: Encryption beyond the Brute-Force Barrier," in IEEE Security & Privacy, vol. 12, no. 4, pp. 59-62, 2014.
doi:10.1109/MSP.2014.67
162 ms
(Ver 3.3 (11022016))