Paper 2014/155

Honey Encryption: Security Beyond the Brute-Force Bound

Ari Juels and Thomas Ristenpart

Abstract

We introduce {\em honey encryption} (HE), a simple, general approach to encrypting messages using low min-entropy keys such as passwords. HE is designed to produce a ciphertext which, when decrypted with any of a number of {\em incorrect} keys, yields plausible-looking but bogus plaintexts called {\em honey messages}. A key benefit of HE is that it provides security in cases where too little entropy is available to withstand brute-force attacks that try every key; in this sense, HE provides security beyond conventional brute-force bounds. HE can also provide a hedge against partial disclosure of high min-entropy keys. HE significantly improves security in a number of practical settings. To showcase this improvement, we build concrete HE schemes for password-based encryption of RSA secret keys and credit card numbers. The key challenges are development of appropriate instances of a new type of randomized message encoding scheme called a {\em distribution-transforming encoder} (DTE), and analyses of the expected maximum loading of bins in various kinds of balls-and-bins games.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
A major revision of an IACR publication in EUROCRYPT 2014
Contact author(s)
ajuels @ gmail com
History
2014-03-01: received
Short URL
https://ia.cr/2014/155
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2014/155,
      author = {Ari Juels and Thomas Ristenpart},
      title = {Honey Encryption: Security Beyond the Brute-Force Bound},
      howpublished = {Cryptology ePrint Archive, Paper 2014/155},
      year = {2014},
      note = {\url{https://eprint.iacr.org/2014/155}},
      url = {https://eprint.iacr.org/2014/155}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.