Skip to main content
SpringerLink
Log in

Security Improvement of Portable Key Management Using a Mobile Phone

  • Conference paper
  • First Online:
Computational Science and Its Applications -- ICCSA 2015 (ICCSA 2015)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 9158))

Included in the following conference series:

Abstract

Users often store sensitive information on their laptops, but it can be easily exposed to others if a laptop is lost or stolen. File encryption is a common solution to prevent the leakage of data from lost or stolen devices. For the management of strategies like this, key management is very important to protect the decryption key from attacks. Huang et al. proposed a portable key management scheme, whereby a laptop shares secret values with a mobile phone. Their scheme is convenient as well as practical because it is not reliant on a special device or password input. However, we found that it is still vulnerable to an attack if a laptop is stolen. In this paper, we analyse the security of Huang et al.’s scheme and propose a solution to the outstanding vulnerability. Our proposed scheme exploits two types of keys including a one-time symmetric key to protect the file decryption key. Additionally, the security improvement does not compromise the convenience of the portable key management scheme.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Corner, M.D., Noble, B.D.: Zero-interaction authentication. In: Proceedings of the 8th Annual International Conference on Mobile Computing and Networking, pp. 1–11. ACM (2002)

    Google Scholar 

  2. Studer, A., Perrig, A.: Mobile user location-specific encryption (mule): using your office as your password. In: Proceedings of the Third ACM Conference on Wireless Network Security, pp. 151–162. ACM (2010)

    Google Scholar 

  3. Foster, A.L.: Increase in stolen laptops endangers data security. The Chronicle of Higher Education (2008)

    Google Scholar 

  4. Wyld, D.C.: Help! someone stole my laptop!: how rfid technology can be used to counter the growing threat of lost laptops. Journal of Applied Security Research 4(3), 363–373 (2009)

    Article  Google Scholar 

  5. Wyld, D.C.: Preventing the worst scenario: combating the lost laptop epidemic with rfid technology. In: Novel Algorithms and Techniques in Telecommunications and Networking, pp. 29–33. Springer (2010)

    Google Scholar 

  6. MacKenzie, P., Reiter, M.K.: Networked cryptographic devices resilient to capture. International Journal of Information Security 2(1), 1–20 (2003)

    Article  Google Scholar 

  7. Huang, J., Miao, F., Lv, J., Xiong, Y.: Mobile phone based portable key management. Chinese Journal of Electronics 22(1) (2013)

    Google Scholar 

  8. Choi, D.-H., Choi, S., Won, D.: Improvement of probabilistic public key cryptosystems using discrete logarithm. In: Kim, K. (ed.) ICISC 2001. LNCS, vol. 2288, pp. 72–80. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  9. Nam, J., Choo, K.K.R., Park, M., Paik, J., Won, D.: On the security of a simple three-party key exchange protocol without servers public keys. The Scientific World Journal 2014 (2014)

    Google Scholar 

  10. Shamir, A.: How to share a secret. Communications of the ACM 22(11), 612–613 (1979)

    Article  MATH  MathSciNet  Google Scholar 

  11. Chang, C.C., Chou, Y.C., Sun, C.Y.: Novel and practical scheme based on secret sharing for laptop data protection. IET Information Security (2014)

    Google Scholar 

  12. Lee, J.S., Su, Y.W., Shen, C.C.: A comparative study of wireless protocols: bluetooth, uwb, zigbee, and wi-fi. In: 33rd Annual Conference of the IEEE Industrial Electronics Society, IECON 2007, pp. 46–51. IEEE (2007)

    Google Scholar 

  13. Park, S., Park, S., Kim, K., Won, D.: Two efficient rsa multisignature schemes. Information and Communications Security, 217–222 (1997)

    Google Scholar 

  14. Lee, Y., Ahn, J., Kim, S., Won, D.: A PKI system for detecting the exposure of a user’s secret key. In: Atzeni, A.S., Lioy, A. (eds.) EuroPKI 2006. LNCS, vol. 4043, pp. 248–250. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  15. Kwon, T., Song, J.: Security and efficiency in authentication protocols resistant to password guessing attacks. In: Proceedings of the 22nd Annual Conference on Local Computer Networks, pp. 245–252. IEEE (1997)

    Google Scholar 

  16. Pinkas, B., Sander, T.: Securing passwords against dictionary attacks. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, pp. 161–170. ACM (2002)

    Google Scholar 

  17. Narayanan, A., Shmatikov, V.: Fast dictionary attacks on passwords using time-space tradeoff. In: Proceedings of the 12th ACM Conference on Computer and Communications Security, pp. 364–372. ACM (2005)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. College of Information and Communication Engineering, Sungkyunkwan University, Seoul, South Korea

    Jiye Kim, Donghoon Lee, Younsung Choi & Dongho Won

  2. Department of Cyber Investigation Police, Howon University, Gunsan-si, South Korea

    Youngsook Lee

Authors
  1. Jiye Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Donghoon Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Younsung Choi
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Youngsook Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Dongho Won
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Dongho Won .

Editor information

Editors and Affiliations

  1. University of Perugia, Perugia, Italy

    Osvaldo Gervasi

  2. University of Basilicata, Potenza, Italy

    Beniamino Murgante

  3. Covenant University, Canaanland, Nigeria

    Sanjay Misra

  4. University of Calgary, Calgary, Alberta, Canada

    Marina L. Gavrilova

  5. University of Minho, Braga, Portugal

    Ana Maria Alves Coutinho Rocha

  6. Polytechnic University, Bari, Italy

    Carmelo Torre

  7. Monash University, Clayton, Victoria, Australia

    David Taniar

  8. Kyushu Sangyo University, Fukuoka, Japan

    Bernady O. Apduhan

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Kim, J., Lee, D., Choi, Y., Lee, Y., Won, D. (2015). Security Improvement of Portable Key Management Using a Mobile Phone. In: Gervasi, O., et al. Computational Science and Its Applications -- ICCSA 2015. ICCSA 2015. Lecture Notes in Computer Science(), vol 9158. Springer, Cham. https://doi.org/10.1007/978-3-319-21410-8_12

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-21410-8_12

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-21409-2

  • Online ISBN: 978-3-319-21410-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation