There have been a lot of very public hacks recently which made off with entire user databases. The most recent, Equifax, saw hundreds of millions of users have their personal financial information leak online. Ooops.
As an end user, you can use best practises (e.g. don’t share passwords across sites, use 2-factor, etc), and still not be able to protect against this.
Best practises on the server end are to salt+hash passwords, but ultimately they need a non-encrypted database at some time to do work. What could be a way of improving the risks?
Well, what if we were to insert many millions of rows of ‘fake’ users into our real databases? This would reduce the value to the criminal. We could also ‘honeypot’ some of the fake users, use that to increase the risk the criminals get caught. But, how would we make fake users? Add a ‘fake’ boolean column? well then our criminals would just remove them. Hmm.
What if we were to steal a page from the networking world. E.g. look at how SYN COOKIES work. We could take a crypto-hash of the user information (hash name, address, …) and some salt, and then encrypt it with a private key. We can later check it was ours with the public key. This means all users (fake, real) have some column ‘hash’, and only the good user can tell if that means fake or real.
If we then added 100x fake:real ratio, it would dramatically lower the commercial value of the database, because the thief would get caught trying to check the names first.
What do you think? Hiding out in the open worked for (for a while) for Minister D. The advantage of adding a technique like this is its agnostic of the various other methods of security you use. If you never have data stolen, its irrelevant.