Netinfo Security ›› 2019, Vol. 19 ›› Issue (12): 38-46.doi: 10.3969/j.issn.1671-1122.2019.12.005

Previous Articles     Next Articles

Privacy Data Protection Based on the Honey Encryption

Yajun GUO, Dongqi PU()   

  1. School of Computer, Central China Normal University, Wuhan Hubei 430079, China
  • Received:2019-05-20 Online:2019-12-10 Published:2020-05-11

Abstract:

It is significant to protect the people’s private data. There is a big vulnerability to password-based encryption, which is often used to protect privacy data, because the security of this scheme is depended on how to select a password. However, users tend to choose simple and easy-to-predict passwords. When decrypting a message with incorrect passwords, the algorithm will output invalid messages, and then indicates failed attempts. This means that it cannot effectively against the brute-force attack. Therefore, honey encryption can be used to solve the above problem. Base on password encryption, the system will output plausible-looking decoy messages to confuse attackers when decrypting a message with the exhaustive-key-search method by introducing the concept of the distribution-transforming encoder. In this paper, honey encryption was applied to protect the users’ digital wallets, which can solve the drawback of weak passwords when using in the users’ bank card accounts and their PIN. This paper begins by introducing the basic idea of honey encryption; Then, the message space was designed in more granular for the application to give more plausible false messages; Furthermore, machine learning methods were firstly used to discuss the security of this system. The result shows that the security of honey encryption is higher than the existing password-based encryption, and the decoy messages are also too difficult to distinguish.

Key words: honey encryption, distribution-transforming encoder, privacy data protection

CLC Number: