Click to Skip Ad
Closing in...
  1. amazon nest thermostat 3rd generation
    14:02 Deals

    Newest Nest Thermostat gets a rare Amazon discount ahead of Prime Day

  2. Prime Day Deals
    09:43 Deals

    These early Prime Day deals have prices so low, it’s like Amazon made a mistake

  3. Best Beach Towels For Sand
    11:44 Deals

    I’m never going to the beach again without this brilliant $18 Amazon find

  4. Amazon Deals
    10:30 Deals

    Today’s top deals: Free $15 Amazon credit, $530 70″ TV, $4 smart plugs, $8 sma…

  5. Instant Pot Accessories Amazon
    08:45 Deals

    You have to be nuts to own an Instant Pot without this $29 accessory kit from Amazon

Latest encryption trick to thwart hackers is as sweet as Honey

January 29th, 2014 at 1:44 PM
Honey Encryption trick

It seems like every other week another high-profile company’s servers are hacked. Last November, for example, Adobe suffered a security breach and as many as 150 million users’ may have been affected. Instead of crying about it, two security researchers are using these data dumps to try to thwart the next attackers, with a clever new method called Honey Encryption, reports MIT Technology Review.

With Honey Encryption, when hackers try to decrypt a secure database, they won’t know if they’ve correctly guessed the encryption key. Normally, an incorrect guess would return a garbled mess. But with Honey Encryption, an incorrect guess will return a fake, but legitimate-looking database that is based in part on the database dumps from previous security breaches.

Security researchers Ari Juels and Thomas Ristenpart developed Honey Encryption because they believed “[decoys] and deception are really underexploited tools in fundamental computer security.”

Right now, Juels is using Honey Encryption to create a fake password vault generator for password managers. While password managers may help users create complex and unique passwords for individual accounts, users often use weak master passwords because they frequently have to type them in. As a result, password managers are frequently the target of attackers.

To build the fake password vault generator, Juels is taking advantage of previous security breaches, using collections from previously hacked password managers and from other services.

Popular News