Volume 22 Issue 1
Turn off MathJax
Article Contents
Abstract
References
HUANG Jian, MIAO Fuyou, LÜ Jianlin, XIONG Yan. Mobile Phone Based Portable Key Management[J]. Chinese Journal of Electronics, 2013, 22(1): 124-130.
Citation: HUANG Jian, MIAO Fuyou, LÜ Jianlin, XIONG Yan. Mobile Phone Based Portable Key Management[J]. Chinese Journal of Electronics, 2013, 22(1): 124-130.
shu

Mobile Phone Based Portable Key Management

  • School of Computer Science, University of Science and Technology, Hefei 230026, China

Funds: This work is supported by the National Natural Foundation of China (No.60970128, No.61170233), Youth Innovation Foundation of USTC of 2010.
More Information
  • Received Date: September 30, 2011
  • Revised Date: October 31, 2011
  • Published Date: January 04, 2013
    Graphical Abstract
    • Abstract
  • Laptops are easy to lose to leak sensitive data, storing data in encrypted file systems does not sufficiently solve this problem. To decrypt a file, such systems often need to require a user to manually provide keys each time, which is annoying and directly discourages users to protect sensitive data effectively. The paper first presents a Portable key (PK) scheme, which employs a mobile phone to manage keys/passwords of a laptop. The laptop automatically requests key material from the mobile phone through Bluetooth link if needed, which sets users free from manually providing keys/passwords frequently. A remote control protocol is also provided to guarantee the security in case the mobile phone is lost. Finally, the paper extends the BAN logic and gives the formal security analysis and implementation, formal analysis shows that the scheme is secure to some typical attacks; implementation shows that the scheme brings little additional load to both sides and the protocol is efficient and practical.
    • FullText(HTML)
    • References (12)
  • K. Small, Data breaches caused by human error, hardware theft. http://www.itnews.com.au/News/87188, data-breachescausedby-human-error-hardware-theft-survey.aspx.
    SecureStar, DriveCrypt: Disk encryption and data encryptionsoftware. http://www.securstar.com/products drivecrypt.php.
    XinHua News Agency, China has 929.84 Million Mobile PhoneUsers, http://news.xinhuanet.com/english2010/china/2011-08/29/c 131081438.htm, 2011.
    M.D. Corner and B.D. Noble, “Zero-interaction authentication”,in Proceedings of ACM Conference on Mobile Computingand Networking (MobiCom), Atlanta, USA, pp.1-11, 2002.
    Ahren Studer, Adrian Perrig, Mobile User Location-specificEncryption (MULE): Using Your Office as Your Password,WiSec’10, Hoboken, New Jersey, USA, pp.151-162, 2010.
    P. MacKenzie et al., “Networked cryptographic devices resilientto capture”, in Proceedings of IEEE Symposium on Security andPrivacy, Oakland, California, USA, pp.15-25, 2001.
    IEEE Std 802.15.1-2002, Specifications for Wireless PersonalArea Networks (WPANs), 2010.
    Michael Burrows, Martin Abadi, Roger Needham, “Authentication:A practical study in belief and action”, Proceedings ofthe 2nd Conference in Theoretical Aspects of Reasoning aboutKnowledge, San Francisco, CA, USA, pp.325-342, 1988.
    Michael Burrows, Martin Abadi, Roger Needham, “A logicof authentication”, ACM Transactions in Computer Systems,Vol.8, No.1, pp.18-36, 1990.
    RC4, http://en.wikipedia.org/wiki/RC4, 1987.
    J. Daemen, V. Rijmen, The Design of Rijndael: AES-the AdvancedEncryption Standard, Springer, Heidelberg, pp.1-239,2002.
    FIPS 46-3, Data Encryption Standard (DES), 1999.
    • Related Articles

Catalog

    Get Citation
    PDF
    XML

    Article Metrics

    Article views (692) PDF downloads (2214) Cited by()
    Related

    Links

    IEEE CJE Homepage CNKI Chinese Institute of Electronics Journal of Semiconductors
    E-mail Alert RSS

    Chinese Journal of Electronics

    (Bimonthly)

    ISSN    1022-4653CN  10-1284/TN

    eISSN  2075-5597CODEN CHJEEW

    CJE QR CODE

    CIE QR CODE

    Copyright © Editorial Office of Chinese Journal of Electronics | 京ICP备12041980号-1 | Supported by: Beijing Renhe Information Technology Co., Ltd. Baidu Analytics

    /

    DownLoad:  Full-Size Img  PowerPoint
    Return
    Return