Decoy Password Vaults: At Least as Hard as Steganography? - ICT Systems Security and Privacy Protection (SEC 2017)
Conference Papers Year : 2017

Decoy Password Vaults: At Least as Hard as Steganography?

Abstract

Cracking-resistant password vaults have been recently proposed with the goal of thwarting offline attacks. This requires the generation of synthetic password vaults that are statistically indistinguishable from real ones. In this work, we establish a conceptual link between this problem and steganography, where the stego objects must be undetectable among cover objects. We compare the two frameworks and highlight parallels and differences. Moreover, we transfer results obtained in the steganography literature into the context of decoy generation. Our results include the infeasibility of perfectly secure decoy vaults and the conjecture that secure decoy vaults are at least as hard to construct as secure steganography.
Fichier principal
Vignette du fichier
449885_1_En_24_Chapter.pdf (343.41 Ko) Télécharger le fichier
Origin Files produced by the author(s)
Loading...

Dates and versions

hal-01648993 , version 1 (27-11-2017)

Licence

Identifiers

Cite

Cecilia Pasquini, Pascal Schöttle, Rainer Böhme. Decoy Password Vaults: At Least as Hard as Steganography?. 32th IFIP International Conference on ICT Systems Security and Privacy Protection (SEC), May 2017, Rome, Italy. pp.356-370, ⟨10.1007/978-3-319-58469-0_24⟩. ⟨hal-01648993⟩
104 View
151 Download

Altmetric

Share

More