A comprehensive review of honey encryption scheme

Abstract

We present a comprehensive survey of the Honey Encryption (HE) scheme. Honey Encryption is an encryption scheme that provides resilience against brute-force attack by serving up plausible-looking but fake plaintext for every invalid key used by an intruder to decrypt a message. Our goal is to furnish researchers with the framework of the scheme not just for implementation purpose but to identify the gaps in the scheme and answer the open questions that remain unanswered by the small set of research carried out since its inception. We identified two major open areas which are the difficulty of creating semantically and contextually plausible-looking and convincing decoy message that is good enough to fool the attacker into believing he has the original message. Secondly, typo problem; where a fake plaintext appears valid to a legitimate user when he mistakenly enters a wrong key. Our findings consolidate the need for further research as state-of-the-art research fails to produce convincing decoys that are good enough to keep the attacker from acquiring the message.