Password typos resilience in honey encryption

Hoyul Choi, Hyunjae Nam, Junbeom Hur

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Citations (Scopus)

Abstract

Honey encryption (HE) is a novel password-based encryption scheme which is secure against brute-force attack even if users' passwords have min-entropy. However, because decryption under a wrong key produces fake but valid-looking messages to everyone, typos in password may confuse even legitimate users in HE. This has been one of the most challenging problems in HE. In this paper, we propose two types of protocols that enable legitimate users to detect the typos in a password. We compare and analyze the performance and security of each scheme. The analysis results show that the proposed schemes can effectively solve the typos problem in HE while providing message recovery security.

Original languageEnglish
Title of host publication31st International Conference on Information Networking, ICOIN 2017
PublisherIEEE Computer Society
Pages593-598
Number of pages6
ISBN (Electronic)9781509051243
DOIs
Publication statusPublished - 2017 Apr 13
Event31st International Conference on Information Networking, ICOIN 2017 - Da Nang, Viet Nam
Duration: 2017 Jan 112017 Jan 13

Publication series

NameInternational Conference on Information Networking
ISSN (Print)1976-7684

Other

Other31st International Conference on Information Networking, ICOIN 2017
CountryViet Nam
CityDa Nang
Period17/1/1117/1/13

Fingerprint

Cryptography
Entropy
Recovery

Keywords

  • brute-force resilience
  • honey encryption
  • password typo
  • password-based encryption

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Information Systems

Cite this

Choi, H., Nam, H., & Hur, J. (2017). Password typos resilience in honey encryption. In 31st International Conference on Information Networking, ICOIN 2017 (pp. 593-598). [7899565] (International Conference on Information Networking). IEEE Computer Society. https://doi.org/10.1109/ICOIN.2017.7899565

Password typos resilience in honey encryption. / Choi, Hoyul; Nam, Hyunjae; Hur, Junbeom.

31st International Conference on Information Networking, ICOIN 2017. IEEE Computer Society, 2017. p. 593-598 7899565 (International Conference on Information Networking).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Choi, H, Nam, H & Hur, J 2017, Password typos resilience in honey encryption. in 31st International Conference on Information Networking, ICOIN 2017., 7899565, International Conference on Information Networking, IEEE Computer Society, pp. 593-598, 31st International Conference on Information Networking, ICOIN 2017, Da Nang, Viet Nam, 17/1/11. https://doi.org/10.1109/ICOIN.2017.7899565
Choi H, Nam H, Hur J. Password typos resilience in honey encryption. In 31st International Conference on Information Networking, ICOIN 2017. IEEE Computer Society. 2017. p. 593-598. 7899565. (International Conference on Information Networking). https://doi.org/10.1109/ICOIN.2017.7899565
Choi, Hoyul ; Nam, Hyunjae ; Hur, Junbeom. / Password typos resilience in honey encryption. 31st International Conference on Information Networking, ICOIN 2017. IEEE Computer Society, 2017. pp. 593-598 (International Conference on Information Networking).
@inproceedings{8150d3ebf8dd4cf0a6891e06231b7461,
title = "Password typos resilience in honey encryption",
abstract = "Honey encryption (HE) is a novel password-based encryption scheme which is secure against brute-force attack even if users' passwords have min-entropy. However, because decryption under a wrong key produces fake but valid-looking messages to everyone, typos in password may confuse even legitimate users in HE. This has been one of the most challenging problems in HE. In this paper, we propose two types of protocols that enable legitimate users to detect the typos in a password. We compare and analyze the performance and security of each scheme. The analysis results show that the proposed schemes can effectively solve the typos problem in HE while providing message recovery security.",
keywords = "brute-force resilience, honey encryption, password typo, password-based encryption",
author = "Hoyul Choi and Hyunjae Nam and Junbeom Hur",
year = "2017",
month = "4",
day = "13",
doi = "10.1109/ICOIN.2017.7899565",
language = "English",
series = "International Conference on Information Networking",
publisher = "IEEE Computer Society",
pages = "593--598",
booktitle = "31st International Conference on Information Networking, ICOIN 2017",

}

TY - GEN

T1 - Password typos resilience in honey encryption

AU - Choi, Hoyul

AU - Nam, Hyunjae

AU - Hur, Junbeom

PY - 2017/4/13

Y1 - 2017/4/13

N2 - Honey encryption (HE) is a novel password-based encryption scheme which is secure against brute-force attack even if users' passwords have min-entropy. However, because decryption under a wrong key produces fake but valid-looking messages to everyone, typos in password may confuse even legitimate users in HE. This has been one of the most challenging problems in HE. In this paper, we propose two types of protocols that enable legitimate users to detect the typos in a password. We compare and analyze the performance and security of each scheme. The analysis results show that the proposed schemes can effectively solve the typos problem in HE while providing message recovery security.

AB - Honey encryption (HE) is a novel password-based encryption scheme which is secure against brute-force attack even if users' passwords have min-entropy. However, because decryption under a wrong key produces fake but valid-looking messages to everyone, typos in password may confuse even legitimate users in HE. This has been one of the most challenging problems in HE. In this paper, we propose two types of protocols that enable legitimate users to detect the typos in a password. We compare and analyze the performance and security of each scheme. The analysis results show that the proposed schemes can effectively solve the typos problem in HE while providing message recovery security.

KW - brute-force resilience

KW - honey encryption

KW - password typo

KW - password-based encryption

UR - http://www.scopus.com/inward/record.url?scp=85018247225&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85018247225&partnerID=8YFLogxK

U2 - 10.1109/ICOIN.2017.7899565

DO - 10.1109/ICOIN.2017.7899565

M3 - Conference contribution

AN - SCOPUS:85018247225

T3 - International Conference on Information Networking

SP - 593

EP - 598

BT - 31st International Conference on Information Networking, ICOIN 2017

PB - IEEE Computer Society

ER -