Enhanced three-factor security protocol for consumer USB mass storage devices

Lists

Tools

He, D., Kumar, N., Lee, J.-H. and Sherratt, R. S. ORCID: https://orcid.org/0000-0001-7899-4445 (2014) Enhanced three-factor security protocol for consumer USB mass storage devices. IEEE Transactions on Consumer Electronics, 60 (1). pp. 30-37. ISSN 0098-3063

Preview

Text - Accepted Version
· Please see our End User Agreement before downloading.
449kB

It is advisable to refer to the publisher's version if you intend to cite from this work. See Guidance on citing.

To link to this item DOI: 10.1109/TCE.2014.6780922

Abstract/Summary

The Universal Serial Bus (USB) is an extremely popular interface standard for computer peripheral connections and is widely used in consumer Mass Storage Devices (MSDs). While current consumer USB MSDs provide relatively high transmission speed and are convenient to carry, the use of USB MSDs has been prohibited in many commercial and everyday environments primarily due to security concerns. Security protocols have been previously proposed and a recent approach for the USB MSDs is to utilize multi-factor authentication. This paper proposes significant enhancements to the three-factor control protocol that now makes it secure under many types of attacks including the password guessing attack, the denial-of-service attack, and the replay attack. The proposed solution is presented with a rigorous security analysis and practical computational cost analysis to demonstrate the usefulness of this new security protocol for consumer USB MSDs.

Item Type:	Article
Refereed:	Yes
Divisions:	Life Sciences > School of Biological Sciences > Department of Bio-Engineering
ID Code:	36555
Uncontrolled Keywords:	Authentication, Consumer Storage, Mass Storage Device, USB.
Publisher:	IEEE

Download Statistics

Downloads

Downloads per month over past year

Altmetric

Deposit Details

References

[1] M. Alzarouni, “The reality of risks from consented use of USB devices,” in Proc. 4th in Proc. 4th Australian Information Security Management Conference, pp. 312-317, December 2006. [2] C. Wu, W. Lee, and W. J. Tsaur, “A secure authentication scheme with anonymity for wireless communications,” IEEE Communications Letters, vol. 12, no. 10, pp. 722-723, Oct. 2008. [3] M. S. Hwang, and L. H. Li, “A new remote user authentication scheme using smart cards,” IEEE Trans. Consumer Electron., vol. 46, no. 1, pp. 28-30, Feb. 2000. [4] W. C. Ku, and S. M. Chen, “Weaknesses and improvements of an efficient password based remote user authentication scheme using smart cards,” IEEE Trans. Consumer Electron, vol. 50, no. 1, pp. 204-207, Feb. 2004. [5] E. Yoon, E. Ryu, and K. Yoo, “Further improvement of an efficient password based remote user authentication scheme using smart cards,” IEEE Trans. Consumer Electron, vol. 50, no. 2, pp. 612-614, May 2004. [6] H. C. Hsiang, and W. K. Shih “Weaknesses and improvements of the Yoon-Ryu-Yoo remote user authentication scheme using smart cards,” Computer Communications, Elsevier, vol. 32, no. 4, pp. 649-652, Mar. 2009. [7] K. -A. Shim, “Security flaws in three password-based remote user authentication schemes with smart cards,” Cryptologia, Taylor and Francis, vol. 36, no. 1, pp. 62-69, Jan. 2012. [8] D. -J. Kim, and K. -S. Hong, “Multimodal biometric authentication using teeth image and voice in mobile environment,” IEEE Trans. Consumer Electron., vol. 54, no. 4, pp. 1790-1797, Nov. 2008. [9] D. -J. Kim, K. -W. Chung, and K. -S. Hong, "Person authentication using face, teeth and voice modalities for mobile device security", IEEE Trans. Consumer Electron, vol. 56, no. 4, pp. 2678-2685, Nov. 2010. [10] S. -H. Lee, D. -J. Kim, and J. -H. Cho, “Illumination-robust face recognition system based on differential components,” IEEE Trans. Consumer Electron., vol. 58, no. 3, pp. 963-970, Aug. 2012. [11] F. –Y. Yang, T. –D. Wu, and S. –H. Chiu, “A secure control protocol for USB mass storage devices,” IEEE Trans. Consumer Electron., vol. 56, no. 4, pp. 2339-2343, Nov. 2010. [12] C. Schnorr, “Efficient identification and signatures for smart cards,” Journal of Cryptology, Springer, vol. 4, no. 3, pp. 161-174, 1991. [13] B. Chen, C. Qin, and L. Yu, “A Secure Access Authentication Scheme for Removable Storage Media,” Journal of Information & Computational Science, Binary Information Press, vol. 9, no. 15, pp. 4353-4363, Nov. 2012. [14] C. Lee, C. Chen, and P. Wu, “Three-factor control protocol based on elliptic curve cryptosystem for universal serial bus mass storage devices,” IET Computers & Digital Techniques, vol. 7, no. 1, pp. 48-55, Jan. 2013. [15] C. -T. Li, and M. -S. Hwang, “An efficient biometrics-based remote user authentication scheme using smart cards,” Journal of Network and Computer Applications, Elsevier, vol. 33, no. 1, pp. 1-5, Jan. 2010. [16] D. Hankerson, S. Vanstone, and A. Menezes, “Guide to elliptic curve cryptography,” Lecture Notes in Computer Science, 2004. [17] A. Das, “Analysis and improvement on an efficient biometric-based remote user authentication scheme using smart cards”, IET Information Security, vol. 5, no. 3, pp. 145-151, Sept. 2011. [18] Y. Dodis, L. Reyzin, and A. Smith, “Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data,” in Proc. 2004 Int. Conf. Theory and Applications of Cryptographic Techniques, Interlaken, Switzerland, in Lecture Notes in Computer Science, pp. 523-540, 2004. [19] M. Burrows, M. Abadi, and R. Needham, “A logic of authentication,” ACM Trans. Computer Systems, vol. 8, no. 1, pp. 18-36, Feb. 1990. [20] J.-H. Lee and J.-M. Bonnin, “HOTA: Handover Optimized Ticket-based Authentication in Network-based Mobility Management,” Information Sciences, Elsevier, vol. 230, pp. 64-77, May 2013. [21] B. Schneier, Applied cryptography protocols algorithms, 2nd ed., Wiley, 1996

University Staff: Request a correction | Centaur Editors: Update this record

University of Reading

CentAUR: Central Archive at the University of Reading

Accessibility navigation

Enhanced three-factor security protocol for consumer USB mass storage devices

Abstract/Summary

Downloads

Page navigation

See also

Footer navigation