Honey Encryption: Encryption beyond the Brute-Force
Barrier
by Ari Juels and Thomas Ristenpart
Presented by
Sahadeb Barman
April, 2020
Content
Introduction
Background
Honey Encryption
Advantages and Disadvantages
Conclusion
Introduction
Created by Ari Juels and Thomas Ristenpart in 2014.
Honey encryption is a type of data encryption that produces a ciphertext
which, when decrypted with an incorrect key as guessed by the
attacker, presents a plausible-looking yet incorrect plaintext password
or encryption key.
Background: Problems with Password-Based Encryption
Most widely used encryption technique.
Consists of two main functions: an encryption function and a decryption function.
Let M be the message to be encrypted, E() the encryption function, D() the
decryption function, and K the key used for encryption and decryption.
CipherText, C = E(M, K)
PlainText, M = D(C, K)
The user is authenticated if the password is correct.
Decryption gives an error or failure message if the password is incorrect.
This gives attackers a hint about the key.
Background: The Vulnerability of Weak Passwords
User-created passwords are easy to remember and easy to guess.
A study by Moshe Zviran and William J. Haga suggested that the
characteristics of user-created passwords have not changed over time in the
internet era. Passwords are still weak and easy to guess,
mainly because users keep employing predictable patterns and
common words such as names and birth dates.
Examples of weak passwords are name@YearOfBirth,
name@MobileNumber, etc.
Such passwords are vulnerable to brute-force attacks.
Background: Password Cracking Tool
Password cracking tools are used to recover a password from its password
hash.
Many password cracking tools, differing in their working principle,
are freely available, such as Hydra, John the
Ripper, RainbowCrack, etc.
knowledge of how users typically compose their passwords
Honey Encryption: Why Use Honey Encryption
Protects against brute-force attacks.
Honey Encryption (HE) generates valid-looking but fake output for
every incorrect key used.
This makes it difficult for an attacker carrying out a brute-force
attack to know whether he has correctly guessed a password or encryption
key.
Honey Encryption: DTE
The Distribution-Transforming Encoder (DTE) is the heart of Honey
Encryption.
It maps the message space into the seed space.
To map the message space, the DTE considers the probability distribution
of the message space.
According to that distribution, it assigns each message a share of the
seed bit strings proportional to the message's probability.
Every message should map to at least one seed value.
Honey Encryption: Constructing DTE
Suppose Bob wants to encrypt his favorite ice cream flavor,
M = "chocolate", to send to Alice as a hint for his birthday.
Bob looks up surveys on favorite ice cream flavors and finds that
one-half of the respondents favored vanilla, one-fourth chose
chocolate and one-fourth preferred strawberry.
Bob thus constructs a favorite-ice-cream DTE that maps the messages
{"Vanilla", "Chocolate", "Strawberry"} into the space of two-bit
strings {00, 01, 10, 11}.
Honey Encryption: Algorithms
Encryption
HEncrypt(M, K) :
    S ← HEncode(M)
    R ← {0, 1}^n
    S̄ ← H(R, K)
    C ← S̄ ⊕ S
    Return R, C
Decryption
HDecrypt(K, (R, C)) :
    S̄ ← H(R, K)
    S ← C ⊕ S̄
    M ← HDecode(S)
    Return M
Honey Encryption: Examples
From the Figure 1 DTE table, the message is M = "Chocolate" and the seed is
S ← HEncode("Chocolate") = 01; assume the key K = 1001.
Encryption by Bob
HEncrypt(M, K) :
    R ← {0, 1}^4 = 1000
    S̄ ← H(1000, 1001) = 10
    C ← S̄ ⊕ S = (10 ⊕ 01) = 11
Decryption by Alice
HDecrypt(K, (R, C)) :
    S̄ ← H(1000, 1001) = 10
    S ← C ⊕ S̄ = 11 ⊕ 10 = 01
    M ← HDecode(S) = HDecode(01) = "Chocolate"
Decryption by Eve
HDecrypt(K, (R, C)) :
    S̄ ← H(1000, 1101) = 11
    S ← C ⊕ S̄ = 11 ⊕ 11 = 00
    M ← HDecode(S) = HDecode(00) = "Strawberry"
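The HEncrypt/HDecrypt scheme and ice-cream DTE above, as a runnable sketch; this is an added example, not code from the slides or the paper. Assumptions: H is SHA-256 truncated to two bits (so the toy H values on the slide are not reproduced), R is 128 bits, and Vanilla takes the seeds 10 and 11, since Figure 1 is not reproduced here.

```python
import hashlib
import secrets
from collections import Counter

# DTE table: seed -> message. 00 and 01 follow the worked example above;
# giving Vanilla the remaining two seeds (half the space) is an assumption.
DECODE = {0b00: "Strawberry", 0b01: "Chocolate", 0b10: "Vanilla", 0b11: "Vanilla"}
SEED_BITS = 2

def h_encode(message):
    """DTE encode: pick uniformly among the seeds assigned to the message."""
    seeds = [s for s, m in DECODE.items() if m == message]
    if not seeds:
        raise ValueError("message outside the DTE message space")
    return secrets.choice(seeds)

def h_decode(seed):
    """DTE decode: every seed maps to some message, so this never fails."""
    return DECODE[seed]

def H(r, key):
    """Pad S-bar: SHA-256(R || K) truncated to SEED_BITS bits (assumed H)."""
    digest = hashlib.sha256(r + key).digest()
    return digest[0] >> (8 - SEED_BITS)

def h_encrypt(message, key):
    s = h_encode(message)
    r = secrets.token_bytes(16)      # R drawn from {0,1}^n with n = 128
    return r, H(r, key) ^ s          # C = S-bar XOR S

def h_decrypt(key, ciphertext):
    r, c = ciphertext
    return h_decode(c ^ H(r, key))   # S = C XOR S-bar, then DTE decode

def guess_histogram(ciphertext, keys):
    """What a brute-force run sees: one plausible message per guessed key."""
    return Counter(h_decrypt(k, ciphertext) for k in keys)

if __name__ == "__main__":
    key = b"1001"                    # constructed sample key
    ct = h_encrypt("Chocolate", key)
    print("correct key:", h_decrypt(key, ct))
    guesses = [format(i, "04b").encode() for i in range(16)]
    print("all 4-bit guesses:", guess_histogram(ct, guesses))
```

Over many guessed keys the histogram approaches the survey distribution (about half Vanilla), so decryption output alone does not single out the correct key.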
Honey Encryption: Advantages and Disadvantages
Advantages
The main advantage of honey encryption over traditional PBE
is that honey encryption avoids the brute-force attack completely.
It generates plausible-looking but wrong output for every incorrect key.
This leaves the attacker unable to tell valid output from invalid output,
which discourages the attacker from continuing the brute-force attack.
Disadvantages
Sometimes it may leak sensitive data from the message space.
Honey Encryption: Conclusion
The current Password-Based Encryption technique is no longer secure
against brute-force attacks, as the power of modern computers is increasing
day by day.
It is easy for an attacker to determine whether the guessed key is
correct or not by looking at the output of the decryption process.
Honey Encryption counters the problem by producing valid-looking
but bogus output for every incorrect key entered by the adversary.
Thank
you
