Attestation & Authentication for USB Communications
نویسندگان
چکیده
In this paper, we present the design, implementation, and software testing of USBSec, a secure extension of the vanilla USB protocol that incorporates host authentication to defend against software threats. Specifically, we force the USB host to supply authentication information to the peripheral device before enumerating the device. The peripheral validates the authentication information against its own list of authorized host keys. If both sides can validate each other, standard USB enumeration continues otherwise the connection is terminated. We have implemented a fully working prototype of USBSec based on USB implementation in Linux kernel and our experimental results demonstrate its practicality and effectiveness.
منابع مشابه
On Making U2F Protocol Leakage-Resilient via Re-keying
The Universal 2nd Factor (U2F) protocol is an open authentication standard to strengthen the two-factor authentication process. It augments the existing password based infrastructure by using a specialized USB, termed as the U2F authenticator, as the 2nd factor. The U2F authenticator is assigned two fixed keys at the time of manufacture, namely the device secret key and the attestation private ...
متن کاملLightweight Remote Attestation using Physical Functions
Remote attestation is a mechanism to securely and verifiably obtain information about the state of a remote computing platform. However, resource-constrained embedded devices cannot afford the required trusted hardware components, while software attestation is generally vulnerable to network and collusion attacks. In this paper, we present a lightweight remote attestation scheme that links soft...
متن کاملAn Optimal Strong Password Authentication Protocol with USB Sticks
Authentication is the process for identify the correct user or not. The identities enclose mainly the username and passwords for verifying the two entities. The authentication information’s are stored in the form of encryption in a device which is properly registered in the server. At the time of authentication process performs between user and server the intruder can eves-dropping the communic...
متن کاملSurvey on Location Authentication Protocols and Spatial-Temporal Attestation Services
A survey on location authentication protocols and spatialtemporal attestation services is presented. Several protocols and services with these objectives have been proposed during the last decade, but still there is a lack of understanding of the security properties they should provide and which security mechanisms are appropriate. We first define the goals and threat model of location authenti...
متن کاملUniversally Composable Secure TNC Protocol Based on IF-T Binding to TLS
Trusted Network Connect (TNC) requires both user authentication and integrity validation of an endpoint before it connects to the internet or accesses some web service. However, as the user authentication and integrity validation are usually done via independent protocols, TNC is vulnerable to the Man-in-the-Middle (MitM) attack. This paper analyzes TNC which uses keys with Subject Key Attestat...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2012