Computing Reviews
Today's Issue Hot Topics Search Browse Recommended My Account Log In
Review Help
Search
Mutual authentication and trust bootstrapping towards secure disk encryption
Götzfried J., Müller T. ACM Transactions on Information and System Security17 (2):1-23,2014.Type:Article
Date Reviewed: Mar 30 2015

The data on storage devices for laptops and mobile devices need protection from theft and misplacement, and require reliable security schemes. How can users securely access encrypted data on storage devices? The authors offer a tamper-proof bootstrapping security protocol for authentication before signing in with passwords.

The secure mutual authentication protocol requires a user to have a universal serial bus (USB) drive and a password to gain access to an encrypted hard disk. The security protocol uses the trusted platform module to seal and store numbers that are applied once on an external USB drive and to safely indicate the veracity state of the computer to the user. The USB drive also houses a sealed token that binds it to the decryption process for the disk. The hypervisor-based implementation of the security protocol can interrupt the rights of entry to a hard disk, and its encryption operations are transparent to the operating system. The system provides tools for recovering from exposure to dangers.

The authors skillfully evaluate the safety of the security protocol as an attacker tries to break the authentication scheme between the user, the computer, and the device. The protocol is indeed secure from an attack as long as the user can be securely authenticated to the computer without any interruption; the computer can unfailingly allow the user to enter a password, seal and unseal information, and use unpredictable nonces; and the device maintains privacy and accurately processes nonces. Although the security scheme is vulnerable to hardware attacks such as keylogging and bus sniffing, the authors present a reliable bootstrapping protocol that averts replay attacks, denies code injection on the disk, repels cold boots, and deals with plausible deniability.

Reviewer:  Amos Olagunju Review #: CR143296 (1507-0600)
Bookmark and Share
  Reviewer Selected
Featured Reviewer
 
 
Security and Protection (D.4.6 )
 
 
Data Encryption (E.3 )
 
Would you recommend this review?
yes
no
Other reviews under "Security and Protection": Date
Practical UNIX security
Garfinkel S., Spafford G., O’Reilly & Associates, Inc., Sebastopol, CA, 1991. Type: Book (9780937175729)
Jun 1 1992
Trusted products evaluation
Chokhani S. Communications of the ACM 35(7): 64-76, 1992. Type: Article
Oct 1 1993
An experience using two covert channel analysis techniques on a real system design
Haigh J., Kemmerer R., McHugh J., Young W. IEEE Transactions on Software Engineering SE-13(2): 157-168, 1987. Type: Article
Nov 1 1987
more...

E-Mail This Printer-Friendly
Send Your Comments
Contact Us
Reproduction in whole or in part without permission is prohibited.   Copyright 1999-2024 ThinkLoud®
Terms of Use
| Privacy Policy