HUANG Jian, MIAO Fuyou, LÜ Jianlin, XIONG Yan. Mobile Phone Based Portable Key Management[J]. Chinese Journal of Electronics, 2013, 22(1): 124-130.
Citation: HUANG Jian, MIAO Fuyou, LÜ Jianlin, XIONG Yan. Mobile Phone Based Portable Key Management[J]. Chinese Journal of Electronics, 2013, 22(1): 124-130.

Mobile Phone Based Portable Key Management

Funds:  This work is supported by the National Natural Foundation of China (No.60970128, No.61170233), Youth Innovation Foundation of USTC of 2010.
  • Received Date: 2011-10-01
  • Rev Recd Date: 2011-11-01
  • Publish Date: 2013-01-05
  • Laptops are easy to lose to leak sensitive data, storing data in encrypted file systems does not sufficiently solve this problem. To decrypt a file, such systems often need to require a user to manually provide keys each time, which is annoying and directly discourages users to protect sensitive data effectively. The paper first presents a Portable key (PK) scheme, which employs a mobile phone to manage keys/passwords of a laptop. The laptop automatically requests key material from the mobile phone through Bluetooth link if needed, which sets users free from manually providing keys/passwords frequently. A remote control protocol is also provided to guarantee the security in case the mobile phone is lost. Finally, the paper extends the BAN logic and gives the formal security analysis and implementation, formal analysis shows that the scheme is secure to some typical attacks; implementation shows that the scheme brings little additional load to both sides and the protocol is efficient and practical.
  • loading
  • K. Small, Data breaches caused by human error, hardware theft.http://www.itnews.com.au/News/87188, data-breachescausedby-human-error-hardware-theft-survey.aspx.
    SecureStar, DriveCrypt: Disk encryption and data encryptionsoftware. http://www.securstar.com/products drivecrypt.php.
    XinHua News Agency, China has 929.84 Million Mobile PhoneUsers, http://news.xinhuanet.com/english2010/china/2011-08/29/c 131081438.htm, 2011.
    M.D. Corner and B.D. Noble, “Zero-interaction authentication”,in Proceedings of ACM Conference on Mobile Computingand Networking (MobiCom), Atlanta, USA, pp.1-11, 2002.
    Ahren Studer, Adrian Perrig, Mobile User Location-specificEncryption (MULE): Using Your Office as Your Password,WiSec’10, Hoboken, New Jersey, USA, pp.151-162, 2010.
    P. MacKenzie et al., “Networked cryptographic devices resilientto capture”, in Proceedings of IEEE Symposium on Security andPrivacy, Oakland, California, USA, pp.15-25, 2001.
    IEEE Std 802.15.1-2002, Specifications for Wireless PersonalArea Networks (WPANs), 2010.
    Michael Burrows, Martin Abadi, Roger Needham, “Authentication:A practical study in belief and action”, Proceedings ofthe 2nd Conference in Theoretical Aspects of Reasoning aboutKnowledge, San Francisco, CA, USA, pp.325-342, 1988.
    Michael Burrows, Martin Abadi, Roger Needham, “A logicof authentication”, ACM Transactions in Computer Systems,Vol.8, No.1, pp.18-36, 1990.
    RC4, http://en.wikipedia.org/wiki/RC4, 1987.
    J. Daemen, V. Rijmen, The Design of Rijndael: AES-the AdvancedEncryption Standard, Springer, Heidelberg, pp.1-239,2002.
    FIPS 46-3, Data Encryption Standard (DES), 1999.
  • 加载中

Catalog

    通讯作者: 陈斌, bchen63@163.com
    • 1. 

      沈阳化工大学材料科学与工程学院 沈阳 110142

    1. 本站搜索
    2. 百度学术搜索
    3. 万方数据库搜索
    4. CNKI搜索

    Article Metrics

    Article views (369) PDF downloads(2210) Cited by()
    Proportional views
    Related

    /

    DownLoad:  Full-Size Img  PowerPoint
    Return
    Return