Deniable encryption prevents brute force attacks on the phone– when we store the seed file on the device it can be protected by the use of a passcode using PBKDF2 (an algorithm used to generate an encryption key from a password), some competitors do this also because it is best practice, what we do though is when we decrypt the seed file our padding scheme has mostly random data that is mostly ignored and there is a small subsection used to actually check the decryption, this is 4-8 bits that there is a significant chance that a random guess will appear to detect correctly despite it being incorrect (for instance with 4 bits, there is a 1 in 16 chance that a random guess will be correct and the only way for an attacker to determine the correct seed out of all of these guesses that appear correct but the vast majority are not is to guess against that mi-token system which can then be detected) – (removes the assurance that your correct decryption is the only one that matches)
Deniable soft-token encryption Print
Modified on: Tue, 4 Nov, 2014 at 10:25 AM
Did you find it helpful? Yes No
Send feedbackSorry we couldn't be helpful. Help us improve this article with your feedback.