Password typographical error resilience in honey encryption
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Choi, Hoyul | - |
dc.contributor.author | Jeong, Jongmin | - |
dc.contributor.author | Woo, Simon S. | - |
dc.contributor.author | Kang, Kyungtae | - |
dc.contributor.author | Hur, Junbeom | - |
dc.date.accessioned | 2021-09-01T01:27:23Z | - |
dc.date.available | 2021-09-01T01:27:23Z | - |
dc.date.created | 2021-06-18 | - |
dc.date.issued | 2019-11 | - |
dc.identifier.issn | 0167-4048 | - |
dc.identifier.uri | https://scholar.korea.ac.kr/handle/2021.sw.korea/62099 | - |
dc.description.abstract | Honey encryption (HE) is a novel password-based encryption scheme that is secure against brute-force attacks even if users' passwords have min-entropy. However, in HE, decryption with an incorrect key produces fake messages that appear valid. Hence, password typographical errors may confuse even legitimate users. This has been one of the most challenging problems in HE. To tackle this challenge, we propose three types of protocols that enable legitimate users to detect password typographical errors in HE. We conducted a theoretical analysis and performed an IRB-approved user study with 150 participants to compare the performance of each scheme. We also analyzed the security of the proposed schemes against online and offline brute-force attacks. The results from the user study and theoretical analysis show that the proposed schemes can effectively solve the typographical error problem of HE, which can detect typographical errors with 99% accuracy. (C) 2018 Elsevier Ltd. All rights reserved. | - |
dc.language | English | - |
dc.language.iso | en | - |
dc.publisher | ELSEVIER ADVANCED TECHNOLOGY | - |
dc.subject | DESIGN | - |
dc.title | Password typographical error resilience in honey encryption | - |
dc.type | Article | - |
dc.contributor.affiliatedAuthor | Hur, Junbeom | - |
dc.identifier.doi | 10.1016/j.cose.2018.07.020 | - |
dc.identifier.scopusid | 2-s2.0-85055653864 | - |
dc.identifier.wosid | 000494048500043 | - |
dc.identifier.bibliographicCitation | COMPUTERS & SECURITY, v.87 | - |
dc.relation.isPartOf | COMPUTERS & SECURITY | - |
dc.citation.title | COMPUTERS & SECURITY | - |
dc.citation.volume | 87 | - |
dc.type.rims | ART | - |
dc.type.docType | Article | - |
dc.description.journalClass | 1 | - |
dc.description.journalRegisteredClass | scie | - |
dc.description.journalRegisteredClass | scopus | - |
dc.relation.journalResearchArea | Computer Science | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
dc.subject.keywordPlus | DESIGN | - |
dc.subject.keywordAuthor | Password-based encryption | - |
dc.subject.keywordAuthor | Honey encryption | - |
dc.subject.keywordAuthor | Password typographical error | - |
dc.subject.keywordAuthor | Brute-force resilience | - |
dc.subject.keywordAuthor | Typographical error resilience | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
145 Anam-ro, Seongbuk-gu, Seoul, 02841, Korea+82-2-3290-2963
COPYRIGHT © 2021 Korea University. All Rights Reserved.
Certain data included herein are derived from the © Web of Science of Clarivate Analytics. All rights reserved.
You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.