Mutual Authentication and Trust Bootstrapping towards Secure Disk Encryption

Journal article
(Original article)


Publication Details

Authors: Götzfried J, Müller T
Edition: 2
Title of edited volume: Transactions on Information and System Security (TISSEC)
Journal: ACM Transactions on Information and System Security
Publisher: ACM
Place of publication: New York
Year of publication: 2014
Volume: 17
ISSN: 1094-9224


Abstract

The weakest link in software-based full disk encryption is the authentication procedure. Since the master boot record must be present unencrypted in order to launch the decryption of remaining system parts, it can easily be manipulated and infiltrated by bootkits that perform keystroke logging; consequently, password-based authentication schemes become attackable. The current technological response, as enforced by BitLocker, verifies the integrity of the boot process by use of the trusted platform module. But, as we show, this countermeasure is insufficient in practice. We present STARK, the first tamperproof authentication scheme that mutually authenticates the computer and the user in order to resist keylogging during boot. To achieve this, STARK implements trust bootstrapping from a secure token to the whole PC. The secure token is an active USB drive that verifies the integrity of the PC and indicates the verification status by an LED to the user. This way, users can ensure the authenticity of the PC before entering their passwords.


FAU Authors / FAU Editors

Götzfried, Johannes
Lehrstuhl für Informatik 1 (IT-Sicherheitsinfrastrukturen)
Müller, Tilo Dr.-Ing.
Lehrstuhl für Informatik 1 (IT-Sicherheitsinfrastrukturen)


How to cite

APA:
Götzfried, J., & Müller, T. (2014). Mutual Authentication and Trust Bootstrapping towards Secure Disk Encryption. ACM Transactions on Information and System Security, 17. https://dx.doi.org/10.1145/2663348

MLA:
Götzfried, Johannes, and Tilo Müller. "Mutual Authentication and Trust Bootstrapping towards Secure Disk Encryption." ACM Transactions on Information and System Security 17 (2014).


Last updated on 2018-07-11 at 16:38