2 research outputs found
Recommended from our members
A novel and efficient session spanning biometric and password based three-factor authentication protocol for consumer USB mass storage devices
This paper proposes a key agreement scheme after secure authentication to prevent the unauthorized access of the data stored in a Universal Serial Bus (USB) Mass Storage Device (MSD). Due to the system architecture of this proposed scheme, authorized users can store their data in a secure encrypted form after performing authentication. The novelty of this work is that users can retrieve the encrypted data in not only the current session but also across different sessions, thus reducing the required communications overhead. This paper then analyses the security of the proposed protocol through a formal analysis to demonstrate that the information has been stored securely and is also protected offering strong resilience to relevant security attacks. The computational and communication costs of the proposed scheme is analyzed and compared to related works to show that the proposed scheme has an improved tradeoff for computational cost, communication cost and security
Recommended from our members
A software agent enabled biometric security algorithm for secure file access in consumer storage devices
In order to resist unauthorized access, consumer storage devices are typically protected using a low entropy password. However, storage devices are not fully protected against an adversary because the adversary can utilize an off-line dictionary attack to find the correct password and/or run an existing algorithm for resetting the existing password. In addition, a password protected device may also be stolen or misplaced allowing an adversary to easily retrieve all the stored confidential information from a removable storage device. In order to protect the consumer’s confidential information that has been stored, this paper proposes a mutual authentication and key negotiation protocol that can be used to protect the confidential information in the device. The functionality of the protocol enables the storage device to be secure against relevant security attacks. A formal security analysis using Burrows-Abadi-Needham (BAN) logic is presented to verify the presented algorithm. In addition, a performance analysis of the proposed protocol reveals a significantly reduced communication overhead compared to the relevant literature