CCF-A

For HE-based honey vault schemes, we 1) propose a new generic construction and an incremental update mechanism, which resists intersection attacks; 2) formally investigate the optimal strategy for online verifications and further propose several practical attacks, which can effectively distinguish real and decoy vaults for the existing honey vault schemes; 3) instantiate our construction with a well-designed multi-similar-password model, which can generate more plausible-looking decoys.

Multi-factor authentication (MFA) has been widely used to safeguard high-value assets. Unlike single-factor authentication (e.g., …

For existing honey encryption applications, we propose two types of attacks, encoding attacks and distribution difference attacks, and further show the insecurity of the applications. We propose a generic method to transform an arbitrary probability model to a probability model transforming encoder, which resists encoding attacks.

Despite three decades of intensive research efforts, it remains an open question as to what is the underlying distribution of …