期刊名称:Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications
印刷版ISSN:2093-5374
电子版ISSN:2093-5382
出版年度:2010
卷号:1
期号:1
页码:46-55
出版社:Innovative Information Science & Technology Research Group
摘要:Due to its portability and accesibility, the USB memory has become one of the most popular storage devices. However, if the device is lost, stolen or hacked, it can lead to critical information leakage. It is natural that malicious insiders would try to thieve their colleagues' USB memories. Consequently, various security-incorporated USB products have been developed. To our best knowledge, there is lack of security analysis and comparison on them. In this paper, we explore the authentication protocols for the secure USB memory while analyzing their vulnerabilities. Also, we classify the vulnerabilities into 12 categories, based on which the protocols are then compared. In addition, some recommendations are given to address the vulnerabilities. It is expected for commercial secure USB products to provide enhanced security after a thorough revise on the authentication protocols of their software based on the introduced vulnerability categorization
关键词:Authentication protocol; Identification; USB Flash Memory; Reverse engineering
