Abstract

Password file disclosure has attracted a lot of attention recently. Once password files are stolen, attackers can quickly crack large numbers of passwords. In this paper, we propose Phoney, a system which employs a threshold cryptosystem to encrypt the password hashes in the password file and honeywords to confuse attackers. With the help of Phoney, attackers cannot get any password information easily even they steal the password files. All the password hashes are encrypted by our threshold cryptosystem. Even they are able to compromise the cryptosystem, attackers cannot identify the real password easily because of the false passwords (honeywords) deliberately added for each account to confuse the adversaries. In addition, attempts of submitting a honeyword will cause alarms to be set off. Experiments show that the time and storage cost of Phoney are acceptable, but the cracking search space is increased significantly.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Superword: A honeyword system for achieving higher security goals
Yimin Guo ... Yajun Guo
Computers & Security | VOL. 103
Yimin Guo, et. al.Yimin Guo ... Yajun Guo
17 Dec 2019
Improved hashing and honey-based stronger password prevention against brute force attack
Khin Su Myat Moe ... Thanda Win
-
Khin Su Myat Moe, et. al.Khin Su Myat Moe ... Thanda Win
01 Oct 2017
Detecting Password File Theft using Predefined Time-Delays between Certain Password Characters
Khaled W Mahmoud ... Khalid Mansour
Journal of Telecommunications and Information Technology | VOL. 4
Khaled W Mahmoud, et. al.Khaled W Mahmoud ... Khalid Mansour
20 Dec 2017
Password Cracking Detection System with Honeyword
International Journal on Recent and Innovation Trends in Computing and Communication | VOL. 5
31 Jan 2017
View more papers

More From: International Journal of Embedded Systems

Paper Title
Journal
Date
Author
Application of online MOOC education management technology in learning behaviour mining and dropout prediction
Yongwo Yuan
International Journal of Embedded Systems | VOL. 1
Yongwo YuanYongwo Yuan
01 Jan 2024
Interaction design of mobile devices and psychological education course reform of distance education for college students based on cognitive psychology
Xiaohui Ma ... Zhongwang Li
International Journal of Embedded Systems | VOL. 1
Xiaohui Ma, et. al.Xiaohui Ma ... Zhongwang Li
01 Jan 2024
Psychophysiological state recognition of middle school students based on vibraimage technology and k-means cluster analysis algorithm
Rui Huang ... Xiaoquan Liu
International Journal of Embedded Systems | VOL. 1
Rui Huang, et. al.Rui Huang ... Xiaoquan Liu
01 Jan 2024
Secured IoT node design through protected ITULES Family Group-II (ULWC) implementation against physical attacks for ubiquitous computing
Swapnil Sutar ... U. Surya Kameswari
International Journal of Embedded Systems | VOL. 1
Swapnil Sutar, et. al.Swapnil Sutar ... U. Surya Kameswari
01 Jan 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.