Honey Encryption To Support Natural Language Messages

Present day cryptosystems, despite the actual fact that they offer privacy don't give flexibility against brute-force attacks. Honey encryption (HE) was projected as a countermeasure to the current issue of cryptography. HE is an encryption scheme that creates a considerable looking, however phony plaintext for each off base key given by a foe to decrypt a message. Every single conceivable message in reference to the first message are mapped to a seed space with the end goal that any key provided by the assailant when decrypting a message creates a relative, yet counterfeit message from the first message and this makes it troublesome for him to make a decision whether he has recuperated the first message or not. Be that as it may, a testing issue with HE is adjusting it to natural language message to deliver persuading counterfeit messages for records,as an example, emails.

A unique methodology of producing fake message utilizing Stanford Dependency Parser and WordNet from Princeton is projected here. The outcome demonstrates that the projected scheme viably delivers persuading imitation/honey messages that tricks the assailant. Furthermore, the structure, length and substance of the first message are hidden. At long last, we confirm the adequacy of the proposed scheme by checking the entropy of imitation messages from the plaintext.

Introduction

Cryptology continues to co-advance with the communication and computing technologies since the development of computers and introduction of the internet prompted fast impact of technology and digital media on each facet of human lives. It is basic that all applications when sent in reality winds up vulnerable to different types of attacks. Present day cryptographic encryption schemes in general,use a n bit key to guard the information. With enough computational power and time these schemes are susceptible to brute force attacks. The attacker can effectively decrypt the message since just the correct key provides a valid looking message and creates an invalid or mistake message for each incorrect key. In information security, imitation or honey objects are intense tools used to detect and distract an adversary from gaining access to an asset.

Honey Encryption proposed by A. Juels and T. Ristenpart is a counter measure to the flaw in the cutting edge encryption schemes by giving a valid looking fake message when an intruder tries to decrypt utilizing incorrect keys. Thus, an intruder utilizing a brute-force attack gain no information from speculating and checking of keys. The HE scheme was proposed within the context of password security where keys are of minimum entropy. Extending the scheme to work in other settings, for example, encoding reasonable estimated human documents, for example, email represents a genuine challenge.

This is because it requires generating fake content and context sensitive message similar to the original content while still concealing the original message. Various researchers have tried to comprehend this but there has been no much advancement. A study by Bernadeau et al tried to extend the scheme to support encoding human message. Their technique provided persuading bait messages for human message. Notwithstanding, partial content of the plaintext is revealed and their method fails to generate sane messages in some instance. These faults in their system may help the attacker acquire the plaintext. This paper starts with a detailed and clear background of Honey Encryption scheme, a propose a novel method of extending the scheme to support secure encoding of human message. The topics examined in this paper are:

1. A detailed attack analysis utilizing both the conventional and honey encryption method and shows how the honey encryption scheme effectively swindles an adversary in a minimum-entropy key setting.
2. This paper gives an argument on why the present method of adapting the HE scheme fails to display human-generated message
3. We propose an algorithm that produces fakes/fake messages for natural language messages. It produces reasonable length bait messages capable of tricking the adversary
4. The message structure in the proposed scheme is kept entirely secret and failed decryption creates radically different messages from the original messages.

Conventional Encryption Scheme

Terminologies

The basic terminologies utilized in any encryption scheme are: Plaintext: It is the original message in readable format before it is encoded. It is also alluded as original message, original text and true message. Encryption: It is the way toward applying some mathematical function to the actual message that renders it meaningless and inaccessible. Cipher text: It is the result of encryption process. It is an encoded data which will be meaningless or not in a human readable shape. Decryption: It is the invert procedure of encryption. It decrypts the encoded data utilizing a few algorithms to obtain the original message Adversary: Someone who tries to make an unauthorized access to the system/message secretly. They are also alluded to as Intruder, attacker or Unethical hacker.

Scheme setting

In conventional encryption scheme,the sender and recipient agree upon a secret key that for encrypting and decrypting the plain text. The plain text that is to be shared with the recipient is first encoded using a secret key utilizing any one of the encryption algorithms like Data encryption Standard(DES),Advanced Encryption Standard (AES),Blowfish Algorithm etc. AES algorithm is the frequently employed algorithms these days.

The output of the encryption is cipher data and is an encoded message. And this is often shared to the collector side where the recipient make use of the same key to decode the cipher text. As a result of the decryption the original plain text is recouped. There are mainly two types of encryption: Symmetric key/private key encryption: It utilizes the same key to encrypt and decipher messages. The key is shared between the sender and beneficiary as it were. Public key Encryption: Here, there are different keys to encrypt and decipher the messages. The Encryption key is made public that any one can utilize and then encrypt messages. But the key for decrytion is present in the recipient hands and they simply retrieve and decrypt the message. Using this method the sensitive data is shared between two parties secretly by concealing the information from the outside world.

Brute Force Attacks

We utilize passwords to safeguard our sensitive information from others. In the event that this secret password is made available, anyone will get the data. The plain text/message M is encrypted using password P as a cipher text. (C = encP(M)). This cipher text is decrypted as M = decP(C). In the event that a decryption attempt is made by an adversary utilizing an incorrect password, a mistake message is produced. Here is where the brute force attack will occur. Brute Force Attack is a trial-blunder methodology used to get the passwords/keys keeping in mind the end aim to obtain the unauthorized data. It fills in as pursues: whenever a wrong key is utilized to decode a cipher text, a mistake message is produced. For the adversary, this is can be truly a pointer that the key he/she is trying is a wrong key. He continues his try with other keys and finally obtain the correct key after various trials. Infact, all the combinations can be tried and at last the correct one is obtained. Usually,in brute force attacks, an automated software is utilized for generating all different possibilities of the password length and finally the correct key opens up the information to the hacker. Despite the fact that it is time consuming,the weak and short passwords can simply be cracked. The figure above shows the transmission between a sender and receiver who uses the same key to encode/decode the message. When an attacker tries to decode the message using an incorrect key, he gets aninvalid looking output. This helps him to spot the incorrect keys and figure out what the actual key is.

Honey Encryption

What is Honey encryption?

Conventionally, all sensitive data was encoded utilizing cipher keys to cipher texts and with utilization of these keys, data could be obtained. But the conventional algorithms failed to deal with Brute Force Attacks. Whenever hackers/attackers try for penetrating utilizing incorrectly keys,they get some meaningless messages. This helps them to find that key is not right and can try again using a different key. Honey Encryption addresses such techniques. Honey Encryption is an encryption scheme which serves up plausible-looking however fake message as a reaction to every invalid key provided by an attacker amid a brute force attack. Therefore the attacker gains no data. With each attack utilizing a wrong key, a valid looking however fake plaintext is obtained. They are conjointly referred as Honey messages. These messages could seem plausible however they will be incorrect. The attacker will get a bunch of fake plain texts all similar to the actual texts. During this context, regardless of whether or not the attacker has the actual text with him, he/she cannot filter out the right one. Figure on the top demonstrates the Honey Encryption scheme. The sender encrypts the message "HelloBob" and sends to the receiver. The receiver decrypts the precise message utilizing the same key as the encoder. The assailant utilizing a different key gets a valid looking output. During this case, he gets "GoodNight".

Distribution Transforming Encoder-DTE

The Honey Encryption scheme is outlined with a cryptographic primitive named Distribution Transforming Encoder(DTE). It is a pair of algorithm DTE=(encode, decode),where encode takes a Message Space M as input and returns a value in the Seed Space S as output. Decode takes as input a value S and returns an output message M. Message Space is the place where all available passwords are placed. The possible values are mapped to a seed, utilizing a particular value of n. The seeds are distributed based to the probability of the occurrence of the password. Like for more common passwords, those seeds are provided a higher probability when compared to the far-fetched/uncommon passwords. Honey Encryption includes a DTE-and-then-encrypt process. This means that the sender applies the DTE to the original message he intends encoding and then uses any conventional encryption schemes over it as a second layer of encryption.

The DTE represents the model of the message. A decent DTE is intended to model the message distribution well such that if a seed is selected uniformly at random and applied to it, the message is recovered. The intuition here is to make the encoding process randomized to give legitimate secrecy and make the decoding process deterministic. Prior to encrypting a message, the conceivable message space ought to be determined. The messages ought to be sorted in some request. Then for each message, the probability of the message (PDF) that occurs in the message space and the cumulative probability(CDF) is required. A seed space ought to be available for the distribution-transforming encoder (DTE) to map each message to a seed range in the seed space (- bit binary string space). The DTE determines the seed range for each message according to the PDF and CDF of the message and makes beyond any doubt that the PDF of the message is equal to the ratio of the corresponding seed range to the seed space. The - bit seed space must be sufficiently enormous with the goal that each message can be mapped to at least one seed. A message can be mapped to multiple seeds and the seed is randomly selected.