General security

Honey Encryption

Ryan Mazerik
July 14, 2014 by
Ryan Mazerik

Current Scenario

In today's world, cyber criminals often use software to brute force passwords, and some may lead to successful attacks. Since there are many third party tools and high end machines to carry out such attacks, brute forcing is a fun and easier job now a days.

Recently there have been a number of password breaches; from corporate giants to small scale industries, hackers are stealing passwords everywhere. Users of these prominent services were awestruck after hearing such breaking news from the computer industry. There are a number of mechanisms computer engineers develop to overcome such password breaches, but as soon as security engineers detect one form of hack, adversaries swing to another form. So this is plausibly a cat and mouse game that is never ending. Some notable password breaches are:

Password breaches are really a plague for the IT industry, and the type of mechanism that we still use to protect password is hashing. We all know what hashing is and the different types of hashes prevailing now. A bit more extension in terms of cryptography for password hashes is salted hashes. When passwords are given for hashing, salts are also added at the end to increase the cryptographic property of the result.

So salted hashes SH=Hash of (Password (P) +Salt(S))

Hashes also play a role in storing passwords. Normally in all situations when an application asks for a password, it is not the password that is stored in but the hash value of the password. So when a user resubmits the password at a later time, the hash is computed and is compared with the hash value to see if it matches or not. Adapting this kind of technique will minimise the risk even if the password database is compromised.

But now hackers are capable enough to reverse the hash value to passwords as well. Its not by directly reversing the hash value, which we know it is impossible as hashes are irreversible. However they strongly rely on rainbow tables for reversing hash values. Even salting doesn't have much strength to resist hashes being reversed with the help of rainbow tables. So salting or hashing is inadequate now to avoid password breaches.

The other way to find out passwords is by brute forcing or guessing passwords. There are also tools available (Bcrypt, Scrypt) outside to harden hash values. But the fundamental limitation of password breaches is mainly on users who choose weak passwords. A study revealed that 1% of people have the same passwords ie, 123456, and 50% of the passwords can be cracked very easily, as they are based on the user's name, city or common dictionary words. There are only a few who use complex passwords which consist of a symbol and digit. As we are all human, remembering complex passwords is a tedious job for us. So when there is a need to change a password, we amend few digits at the end of the password to fool the system that we have moved to a new password.

Proposed Scenario

Ari Juels has come up with the idea of honey encryption, which can act as a defense to today's thriving computer security breaches. Encryption was first presented at the Eurocrypt conference in Copenhagen during May 2014 by former RSA employee Ari Juels and Thomas Honey Ristenpart of University of Wisconsin. Usually the term 'honey' is used to indicate a decoy that is used to attract the attackers or other malicious intended users.

Honey encryption is similar to honeypots in the sense that both of these techniques are used to distract and defend against attackers. But these techniques work entirely different in the technical mode of operation. Honeypots are used to detect or capture unauthorized attempts to the information systems. But honey encryption refers to data encryption techniques that provide a deflection mechanism to the increase the encryption standards. The concept of honey encryption is used to detect attackers when trying to decrypt some data that has been encrypted. For example, honey encryption can be used in a master vault where a large number of passwords or other confidential credentials are stored. When an attacker intrudes the master vault, then all the credentials are lost and it then results in a critical data breach.

In honey encryption, there are many passwords, and only one is right and the rest are all bogus passwords. These bogus passwords are called honey words or decoys. The entire list of honey words are called sweet words.

Honey encryption's importance came into the picture when the latest security incidents were reviewed. In the LastPass breach of 2011, the master passwords were encrypted. But the problem was LastPass users chose passwords found in a dictionary, which are more vulnerable than non-dictionary words. If such a vault is encrypted under a honey encryption scheme, when an attacker tries to decrypt by guessing the password, the attacker would be flagged for trying honey words.

Details

In a conventional cryptographic system, hackers will be able to crack the password by checking whether it is correct or not. But in case of honey encryption, when someone brute forces the encryption, the attacker will be supplied with a password that mimics the real looking one. This confuses the hacker to distinguish the real password from the fake one.

Just imagine that after a data breach, a cyber-criminal gets access to a large encryption password vault. In normal cryptographic methods, a hacker could crack them without trouble. But when honey encryption comes into the picture, the hacker would be unable to crack it, since it produces fake passwords that resemble the real ones. The fake passwords used by honey encryption are collected from the Internet, where a large number of password dumps are available. These password dumps can mimic the accurate password and is used in the manufacture of honey encryption. A fake password vault generator for honey encryption is currently being generated, and this can be used to protect the password managers. This generator collects data from various sources, mainly large collections of leaked passwords and password samples used in the password crackers.

Now, during a normal scenario, how do we verify the submitted password in a honey world? This verification can be done by a honey checker, which stores the index of the password. Therefore, in a normal authentication process the computer system has some bogus passwords and the honey checker has the index. When a user logs in with the correct password the system checks the honey checker, if the indexes are same, the user is granted access with no alarm being fired. By adapting such a setup, we get better distributed security, and the chances of compromising both computer system and honey checker are lower. Even if the honey checker is offline, still the system is capable of comparing the cache to detect the breach when it comes online again.

Usually in Windows environments, passwords are stored in SAM databases. Hashing is done over the SAM database to maintain the integrity of the password file. So if anyone makes any unauthorised changes in the SAM database, then we can conclude a breach has occurred. So with the help of honey encryption a fake password file is generated, which contains some bogus passwords in that file. One cannot easily identify the fake password file as it looks exactly like the ordinary password file, and inside the password file many sweet words are inserted. Sweet words are combinations of the user's original password with honey words. It is less likely that the honey encryption can be compromised as the password system and honey checker reside in different operating systems.

Use Cases & Applications

  • Password managers like LastPass and Dashlane store multiple passwords in encrypted forms, which in turn are protected by a master password. A system can be built where password manager services like LastPass and Dashlane can be protected by using the honey encryption method.
  • Honey encryption can be used in credit card data encryption, pin and CVV. When an attacker tries to decrypt the credit card data by entering the wrong key, then they will be presented with a fake key that looks similar to the real one. Consider the case if an attacker brute forces to decrypt the credit card number. As long as the attacker is providing the input, he/she will also be presented with the fake response as the output. Thus the attacker will not be able to distinguish the real password from this large number of generated fake passwords.

Limitations

Honey encryption is currently in the works, and practically implementing it will raise a lot of conflicts.

Conclusion

Honey Encryption is a new, innovative approach to defending against data theft and brute forcing passwords. However it is not easy to generate fake data for all possible real cases. But that challenge can be overcome by using real data that are publicized across the Internet during several data breaches.

What should you learn next?

What should you learn next?

From SOC Analyst to Secure Coder to Security Manager — our team of experts has 12 free training plans to help you hit your goals. Get your free copy now.

References

  • http://pages.cs.wisc.edu/~rist/papers/HoneyEncryptionpre.pdf
  • http://www.technologyreview.com/news/523746/honey-encryption-will-bamboozle-attackers-withfake-secrets/
  • http://bristolcrypto.blogspot.in/2014/02/honey-encryption.html
  • http://bgr.com/2014/01/29/encryption-technology-honey-nsa/
  • http://www.koolspan.com/blog/weekly-word-honey-encryption/
  • http://www.infosecurity-magazine.com/view/36698/honey-encryption-joins-honeywords-andhoneypots-in-the-security-lexicon/
  • http://securityaffairs.co/wordpress/22104/security/honey-encryption.html
Ryan Mazerik
Ryan Mazerik

Ryan has over 10yrs of experience in information security specifically in penetration testing and vulnerability assessment. He used to train and mentor consultants of these offerings to expand security delivery capabilities.He has strong passion in researching security vulnerabilities and taking sessions on information security concepts.