Decoy Password Vaults: At Least as Hard as Steganography?

Abstract : Cracking-resistant password vaults have been recently proposed with the goal of thwarting offline attacks. This requires the generation of synthetic password vaults that are statistically indistinguishable from real ones. In this work, we establish a conceptual link between this problem and steganography, where the stego objects must be undetectable among cover objects. We compare the two frameworks and highlight parallels and differences. Moreover, we transfer results obtained in the steganography literature into the context of decoy generation. Our results include the infeasibility of perfectly secure decoy vaults and the conjecture that secure decoy vaults are at least as hard to construct as secure steganography.
Document type :
Conference papers
Complete list of metadatas

Cited literature [17 references]  Display  Hide  Download

https://hal.inria.fr/hal-01648993
Contributor : Hal Ifip <>
Submitted on : Monday, November 27, 2017 - 10:31:10 AM
Last modification on : Monday, November 27, 2017 - 10:34:18 AM

File

 Restricted access
To satisfy the distribution rights of the publisher, the document is embargoed until : 2020-01-01

Please log in to resquest access to the document

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Cecilia Pasquini, Pascal Schöttle, Rainer Böhme. Decoy Password Vaults: At Least as Hard as Steganography?. 32th IFIP International Conference on ICT Systems Security and Privacy Protection (SEC), May 2017, Rome, Italy. pp.356-370, ⟨10.1007/978-3-319-58469-0_24⟩. ⟨hal-01648993⟩

Share

Metrics

Record views

47