Sciweavers

IACR
2016

Honey Encryption Beyond Message Recovery Security

8 years 8 months ago
Honey Encryption Beyond Message Recovery Security
Juels and Ristenpart introduced honey encryption (HE) and showed how to achieve message recovery security even in the face of attacks that can exhaustively try all likely keys. This is important in contexts like password-based encryption where keys are very low entropy, and HE schemes based on the JR construction were subsequently proposed for use in password management systems and even long-term protection of genetic data. But message recovery security is in this setting, like previous ones, a relatively weak property, and in particular does not prohibit an attacker from learning partial information about plaintexts or from usefully mauling ciphertexts. We show that one can build HE schemes that can hide partial information about plaintexts and that prevent mauling even in the face of exhaustive brute force attacks. To do so, we introduce target-distribution semantic-security and target-distribution non-malleability security notions. We prove that a slight variant of the JR HE constr...
Joseph Jaeger, Thomas Ristenpart, Qiang Tang
Added 03 Apr 2016
Updated 03 Apr 2016
Type Journal
Year 2016
Where IACR
Authors Joseph Jaeger, Thomas Ristenpart, Qiang Tang
Comments (0)