Privacy Data Protection Based on the Honey Encryption

doi:10.3969/j.issn.1671-1122.2019.12.005

Abstract

Abstract:

It is significant to protect the people’s private data. There is a big vulnerability to password-based encryption, which is often used to protect privacy data, because the security of this scheme is depended on how to select a password. However, users tend to choose simple and easy-to-predict passwords. When decrypting a message with incorrect passwords, the algorithm will output invalid messages, and then indicates failed attempts. This means that it cannot effectively against the brute-force attack. Therefore, honey encryption can be used to solve the above problem. Base on password encryption, the system will output plausible-looking decoy messages to confuse attackers when decrypting a message with the exhaustive-key-search method by introducing the concept of the distribution-transforming encoder. In this paper, honey encryption was applied to protect the users’ digital wallets, which can solve the drawback of weak passwords when using in the users’ bank card accounts and their PIN. This paper begins by introducing the basic idea of honey encryption; Then, the message space was designed in more granular for the application to give more plausible false messages; Furthermore, machine learning methods were firstly used to discuss the security of this system. The result shows that the security of honey encryption is higher than the existing password-based encryption, and the decoy messages are also too difficult to distinguish.

Key words: honey encryption, distribution-transforming encoder, privacy data protection

CLC Number:

TP309

Yajun GUO, Dongqi PU. Privacy Data Protection Based on the Honey Encryption[J]. Netinfo Security, 2019, 19(12): 38-46.

Figures/Tables 11

References 19

[1]	BONNEAU J.The Science of Guessing: Analyzing an Anonymized Corpus of 70 Million Passwords[C]//IEEE. 2012 IEEE Symposium on Security and Privacy, May 20-23, 2012, San Francisco, California, USA. New York: IEEE, 2012: 538-552.
[2]	KU Weichi, CHEN Shuaimin.Weaknesses and Improvements of an Efficient Password Based Remote User Authentication Scheme Using Smart Cards[J]. IEEE Transactions on Consumer Electronics, 2004, 50(1): 204-207.
[3]	JUELS A, RISTENPART T.Honey Encryption: Security Beyond the Brute-Force Bound[C]//Springer. 33rd Annual International Conference on the Theory and Applications of Cryptographic Techniques, May 11-15, 2014, Copenhagen, Denmark. Heidelberg: Springer, 2014: 293-310.
[4]	JUELS A, RIVEST R L.Honeywords: Making Password-Cracking Detectable[C]//ACM. Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, November 04-08, 2013, Berlin, Germany. New York: ACM, 2013: 145-160.
[5]	ERGULER I.Achieving Flatness: Selecting the Honeywords from Existing User Passwords[J]. IEEE Transactions on Dependable and Secure Computing, 2015, 13(2): 284-295.
[6]	RAO S.Data and System Security with Failwords: U.S. Patent Application 11/039, 577[P].2006-7-20.
[7]	YOU Jianzhou, ZHANG Yueyang, LV Shichao, et al.Method of ICS Honeypot Identification Based on Packet-Sharding[J]. Journal of Cyber Security, 2019, 4(3):83-92.
	游建舟,张悦阳,吕世超,等. 基于数据包分片的工控蜜罐识别方法[J]. 信息安全学报,2019,4(3):83-92.
[8]	BOJINOV H, BURSZTEIN E, BOYEN X, et al.Kamouflage: Loss-Resistant Password Management[C]// Springer. European Symposium on Research in Computer Security, September 20-22, 2010, Athens, Greece. Heidelberg: Springer, 2010: 286-302.
[9]	GENC Z A, KARDAŞ S, KIRAZ M S.Examination of a New Defense Mechanism: Honeywords[C]//Springer. IFIP International Conference on Information Security Theory and Practice, September 28-29, 2017, Heraklion, Crete, Greece. Heidelberg: Springer, 2017: 130-139.
[10]	YUILL J, ZAPPE M, DENNING D, et al.Honeyfiles: Deceptive Files for Intrusion Detection[C]//IEEE. Proceedings from the Fifth Annual IEEE SMC Information Assurance Workshop, June 10-11, 2004, West Point, NY, USA. New York: IEEE, 2004: 116-122.
[11]	VINAYAK P P, NAHALA M A.Avoiding Brute Force Attack in MANET Using Honey Encryption[J]. International Journal of Science and Research, 2015, 4(3): 83-85.
[12]	TYAGI N, WANG J, WEN K, et al. Honey Encryption Applications[EB/OL]. , 2019-4-30.
[13]	YIN Wei, ZHOU Hongjian, XING Guoqiang.Application of Honey Encryption Mechanism in Protection of Private Data[J]. Journal of Computer Applications, 2017, 37(12): 3406-3411.
	银伟,周红建,邢国强. 蜜罐加密技术在私密数据保护中的应用[J]. 计算机应用,2017,37(12):3406-3411.
[14]	HUANG Z, AYDAY E, FELLAY J, et al.GenoGuard: Protecting Genomic Data Against Brute-Force Attacks[C]//IEEE. 2015 IEEE Symposium on Security and Privacy, May 17-21, 2015, San Jose, CA, USA. New York: IEEE, 2015: 447-462.
[15]	YOON J W, KIM H, JO H J, et al.Visual Honey Encryption: Application to Steganography[C]//ACM. Proceedings of the 3rd ACM Workshop on Information Hiding and Multimedia Security, June 17-19, 2015, Portland, Oregon, USA. New York: ACM, 2015: 65-74.
[16]	JAEGER J, RISTENPART T, TANG Q.Honey Encryption Beyond Message Recovery Security[C]//Springer. Annual International Conference on the Theory and Applications of Cryptographic Techniques, May 8-12, 2016, Vienna, Austria. Heidelberg: Springer, 2016: 758-788.
[17]	CORON J S, DODIS Y, MANDAL A, et al.A Domain Extender for the Ideal Cipher[C]//Springer. Theory of Cryptography Conference, February 9-11, 2010, Zurich, Switzerland. Heidelberg: Springer, 2010: 273-289.
[18]	NICK. PIN Number Analysis[EB/OL]. , 2019-4-30.
[19]	BELLARE M, RISTENPART T, TESSARO S.Multi-instance Security and Its Application to Password-based Cryptography[C]//Springer. Annual Cryptology Conference, August 19-23, 2012, Santa Barbara, CA, USA. Heidelberg: Springer, 2012: 312-329.

技术	HE	HE with AES(CBC)	HE with AES(ECB)	HE with Blowfish(CBC)	HE withBlowfish(ECB)
时间消耗/ms	1466.532	1861.284	1503.496	1470.209	1472.058
内存消耗/MB	10.5859375	10.65234375	10.62890625	10.59515625	10.59765625