Mobile Phone Based Portable Key Management

HUANG Jian; MIAO Fuyou; LÜ Jianlin; XIONG Yan

Article Contents

Article Navigation > Chinese Journal of Electronics > 2013 > 22(1): 124-130

HUANG Jian, MIAO Fuyou, LÜ Jianlin, et al., “Mobile Phone Based Portable Key Management,” Chinese Journal of Electronics, vol. 22, no. 1, pp. 124-130, 2013,

Citation:

HUANG Jian, MIAO Fuyou, LÜ Jianlin, et al., “Mobile Phone Based Portable Key Management,” Chinese Journal of Electronics, vol. 22, no. 1, pp. 124-130, 2013,

HUANG Jian, MIAO Fuyou, LÜ Jianlin, et al., “Mobile Phone Based Portable Key Management,” Chinese Journal of Electronics, vol. 22, no. 1, pp. 124-130, 2013,

Citation:

HUANG Jian, MIAO Fuyou, LÜ Jianlin, et al., “Mobile Phone Based Portable Key Management,” Chinese Journal of Electronics, vol. 22, no. 1, pp. 124-130, 2013,

PDF( 454 KB)

Mobile Phone Based Portable Key Management

School of Computer Science, University of Science and Technology, Hefei 230026, China

Funds: This work is supported by the National Natural Foundation of China (No.60970128, No.61170233), Youth Innovation Foundation of USTC of 2010.

Received Date: 2011-10-01
Rev Recd Date: 2011-11-01
Publish Date: 2013-01-05

Abstract

Abstract

Laptops are easy to lose to leak sensitive data, storing data in encrypted file systems does not sufficiently solve this problem. To decrypt a file, such systems often need to require a user to manually provide keys each time, which is annoying and directly discourages users to protect sensitive data effectively. The paper first presents a Portable key (PK) scheme, which employs a mobile phone to manage keys/passwords of a laptop. The laptop automatically requests key material from the mobile phone through Bluetooth link if needed, which sets users free from manually providing keys/passwords frequently. A remote control protocol is also provided to guarantee the security in case the mobile phone is lost. Finally, the paper extends the BAN logic and gives the formal security analysis and implementation, formal analysis shows that the scheme is secure to some typical attacks; implementation shows that the scheme brings little additional load to both sides and the protocol is efficient and practical.
- Mobile phone,
- Key,
- Laptop,
- Data security,
- Bluetooth

FullText(HTML)

References(12)

References

K. Small, Data breaches caused by human error, hardware theft.http://www.itnews.com.au/News/87188, data-breachescausedby-human-error-hardware-theft-survey.aspx.

SecureStar, DriveCrypt: Disk encryption and data encryptionsoftware. http://www.securstar.com/products drivecrypt.php.

XinHua News Agency, China has 929.84 Million Mobile PhoneUsers, http://news.xinhuanet.com/english2010/china/2011-08/29/c 131081438.htm, 2011.

M.D. Corner and B.D. Noble, “Zero-interaction authentication”,in Proceedings of ACM Conference on Mobile Computingand Networking (MobiCom), Atlanta, USA, pp.1-11, 2002.

Ahren Studer, Adrian Perrig, Mobile User Location-specificEncryption (MULE): Using Your Office as Your Password,WiSec’10, Hoboken, New Jersey, USA, pp.151-162, 2010.

P. MacKenzie et al., “Networked cryptographic devices resilientto capture”, in Proceedings of IEEE Symposium on Security andPrivacy, Oakland, California, USA, pp.15-25, 2001.

IEEE Std 802.15.1-2002, Specifications for Wireless PersonalArea Networks (WPANs), 2010.

Michael Burrows, Martin Abadi, Roger Needham, “Authentication:A practical study in belief and action”, Proceedings ofthe 2nd Conference in Theoretical Aspects of Reasoning aboutKnowledge, San Francisco, CA, USA, pp.325-342, 1988.

Michael Burrows, Martin Abadi, Roger Needham, “A logicof authentication”, ACM Transactions in Computer Systems,Vol.8, No.1, pp.18-36, 1990.

RC4, http://en.wikipedia.org/wiki/RC4, 1987.

J. Daemen, V. Rijmen, The Design of Rijndael: AES-the AdvancedEncryption Standard, Springer, Heidelberg, pp.1-239,2002.

FIPS 46-3, Data Encryption Standard (DES), 1999.

Relative Articles

Supplements(0)

Cited By

Proportional views