Nahri Syeda Noorunnisa, Dr. Khan Rahat Afreen
Abstract: Users mostly select common passwords which are easy to remember and easy to guess. Passwords are often protected in the database in the form of cryptographic hash function. There are many hash cracking tools available which can easily crack these hashes when the passwords are weak. Weak passwords are not just the problem for hashing but also affect the security in Password-Based Encryption (PBE) scheme where the message is encrypted under a password. PBE is used to protect sensitive data and mostly used in Password Managers. Password Manager (PM) compiles small database of passwords and their associated accounts, and this database is encrypted with a user-selected master Password and is therefore vulnerable to brute force cracking of Master Password. In this review paper we have studied Honey Encryption (HE) which is a new encryption scheme that provides resilience against brute force attacks by ensuring that messages decrypted with invalid keys yield a valid-looking bogus message.
Keywords: Password-based Encryption, Password Managers, Brute force attack, Honey Encryption