1

I'm looking for specific names and literature on crypto algorithms that accept every passphrase input by the user, in order to 'decrypt' - even with false passphrase - and present the unlegit user with a false plaintext. The unlegit user should not be able to determine whether the 'decrypted' text is real or fake - as it accepts every passphrase.

Of course using the legit passphrase reveals the legit plaintext.

I found two examples of what I mean: The Fraunhofer Institut in Germany invented a smartphone password-manager app that uses this kind of technology. Its called iMobileSitter. And I think on Eurocrypt2014 a paper called 'Honey Encryption' with a similar algorithm has been submitted.

otus
  • 32,462
  • 5
  • 75
  • 167
user3200534
  • 175
  • 4

1 Answers1

0

I'm not sure of the exact status of the program, since there was some controversy surrounding it a few weeks ago, see: Is TrueCrypt not secure now and should I stop using it?. But the very popular program TrueCrypt, a program is typically used to encrypt stored files and drives, I believe has the property that you are asking about. Its called: Plausible Deniablility. So combine the concept of plausible deniablility with strong crypto and you have Deniable Encryption

A passage from the page on deniable encryption states:

Normally ciphertexts decrypt to a single plaintext and hence once decrypted, the encryption user cannot claim that he encrypted a different message. Deniable encryption allows its users to decrypt the ciphertext to produce a different (innocuous but plausible) plaintext and insist that it is what they encrypted. The holder of the ciphertext will not have the means to differentiate between the true plaintext, and the bogus-claim plaintext.

How TrueCrypt implements this, is basically by allowing you to make hidden partitions on a hard drive, and have "fake" partitions to fool attackers.

Community
  • 1
Finding Nemo 2 is happening.
  • 336
  • 1
  • 5
  • 17