Security by obscurity is often dismissed, but hiding in plain sight really can sometimes work. This is the principle behind a new approach to encryption key security developed by Ari Juels (former chief scientist at RSA) and Thomas Ristenpart (of the University of Wisconsin), which gives a new layer of protection for passwords and encryption keys.
The principle is very simple: instead of returning a 'fail', nothing, or garbage when a password or key is entered incorrectly, the system returns fake but plausible information. It is designed to make brute-forcing stolen password or credit card databases more difficult.
Brute forcing usually means using software and dictionaries to guess the key repeatedly until the correct one is found. MIT Technology Review explains how the Honey Encryption principle makes this more difficult: "If an attacker used software to make 10,000 attempts to decrypt a credit card number, for example, they would get back 10,000 different fake credit card numbers. 'Each decryption is going to look plausible,' says Juels. 'The attacker has no way to distinguish a priori which is correct.'"
Honey Encryption seems to have evolved out of the Honeywords project jointly undertaken by Juels and Ron Rivest (the 'R' of RSA). "Honeywords," explains its associated FAQ, "are a defense against stolen password files. Specifically, they are bogus passwords placed in the password file of an authentication server to deceive attackers." In other words, false passwords are inserted into the password database alongside the real ones.
An attacker could steal and brute force all of the passwords – but if the majority of them are Honeywords, then statistically the attacker is likely to use a false one. "If a honeyword-enabled system detects an attempt to login using a honeyword, it raises an alarm indicating that the password file has been compromised."
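The following is an added example (not code from the Honeywords project or its authors) of how the alarm described above can be wired up. Each user record in the password file holds the hashes of several "sweetwords", one real password plus several honeywords, in shuffled order. A separate component, here called a honeychecker, stores only the index of the real one, so an attacker who steals the password file alone cannot tell which hash matters. A login that matches a honeyword is a strong signal that the file has been cracked, and the checker records an alarm. PBKDF2 for hashing, the class and function names, and the caller-supplied honeywords are assumptions of this example; generating honeywords that are indistinguishable from the real password is the hard part of the scheme and is not shown here.

```python
import hashlib
import secrets
from dataclasses import dataclass, field


def hash_sweetword(word: str, salt: bytes) -> bytes:
    """Salted password hash (PBKDF2 chosen for this example)."""
    return hashlib.pbkdf2_hmac("sha256", word.encode(), salt, 50_000, 32)


@dataclass
class HoneyChecker:
    """Separate, minimal component: knows only which index is the real password."""
    real_index: dict = field(default_factory=dict)
    alarms: list = field(default_factory=list)

    def check(self, user: str, index: int) -> bool:
        if self.real_index[user] == index:
            return True
        # A honeyword matched: the password file has almost certainly leaked.
        self.alarms.append(user)
        return False


@dataclass
class PasswordFile:
    """What an attacker steals: per-user salt and a list of sweetword hashes."""
    records: dict = field(default_factory=dict)


def enroll(pw_file: PasswordFile, checker: HoneyChecker,
           user: str, password: str, honeywords: list) -> None:
    """Store the real password among honeywords in random order."""
    if password in honeywords:
        raise ValueError("honeywords must differ from the real password")
    sweetwords = list(honeywords) + [password]
    secrets.SystemRandom().shuffle(sweetwords)
    salt = secrets.token_bytes(16)
    pw_file.records[user] = (salt, [hash_sweetword(w, salt) for w in sweetwords])
    # Only the honeychecker learns which slot is real.
    checker.real_index[user] = sweetwords.index(password)


def login(pw_file: PasswordFile, checker: HoneyChecker,
          user: str, candidate: str) -> str:
    """Return 'ok' for the real password, 'alarm' for a honeyword, 'fail' otherwise."""
    salt, hashes = pw_file.records[user]
    h = hash_sweetword(candidate, salt)
    for i, stored in enumerate(hashes):
        if secrets.compare_digest(h, stored):
            return "ok" if checker.check(user, i) else "alarm"
    return "fail"


if __name__ == "__main__":
    # Constructed sample data.
    pf, hc = PasswordFile(), HoneyChecker()
    enroll(pf, hc, "alice", "correct-horse",
           ["wrong-horse", "correct-pony", "batteri-staple"])
    print(login(pf, hc, "alice", "correct-horse"))   # ok
    print(login(pf, hc, "alice", "nothing-like-it")) # fail
    print(login(pf, hc, "alice", "correct-pony"))    # alarm
    print("alarms:", hc.alarms)
```

The design point is the split: the password file is the thing that gets stolen, and on its own it gives the attacker four equally plausible targets per user; the honeychecker, which needs no password material at all, is what turns a cracked-and-reused honeyword into a detection event rather than a silent account takeover.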
It isn't yet clear whether Honey Encryption will include a similar 'alarm' system (the authors plan to present their research paper at Eurocrypt 2014 in Copenhagen in May), but MIT Technology Review notes that Juels is already working on an application of the principle to protect password managers. These applications can automatically generate very strong passwords, but are often themselves protected by weak user-generated passwords.
But, it says, "if those vaults were protected with Honey Encryption, each incorrect attempt to decrypt a vault would yield a fake one instead."