Honey Objects: Expanding a Cybersecurity Innovation
In computer science, honey encryption thwarts attackers by giving them decoys. For every wrong guess an attacker makes, trying to decrypt a message, honey encryption gives the attacker a decoy message that looks legitimate. This makes it very difficult or impossible for attackers to know when they’ve hit on the right decryption key or password. Ari Juels and Thomas Ristenpart, Computer Science, Cornell Tech, developed this type of encryption and the subsequent resources—called honey objects—which have proven to be powerful tools for detecting compromises to a system and for mitigating harm. Despite that honey objects are in widespread operational use, the scientific community has yet to offer overarching theories or principles that will both inspire technical innovations and guide practitioners toward effective deployment.
Juels and Ristenpart plan to fill this gap by developing a theoretical framework and associated tools for honey objects. They will appeal to formalisms from cryptography to reason about the security of honey objects and illuminate and expand their design space, bolstering the theoretical exploration with empirical investigation and validation using statistical models. They aim to uncover connections with related research domains, such as steganography and censorship evasion, showing how techniques from statistics and machine learning can serve in honey object construction. They also will provide rigorous security guarantees for honey objects, backed by experimental results. Their research, both theoretical and empirical, will support the creation of new, practical, deployment-worthy technologies to better secure and protect information systems.