Volume 1 - Issue 1
Safe Authentication Protocol for Secure USB Memories
- Kyungroul Lee
Soonchunhyang Univeristy, Dept. of Information Security Engineering, 646 Eupnae, Shinchang, Asan, Korea
carpedm@sch.ac.kr
- Hyeungjun Yeuk
Soonchunhyang Univeristy, Dept. of Information Security Engineering, 646 Eupnae, Shinchang, Asan, Korea
goodyug@sch.ac.kr
- Youngtae Choi
Soonchunhyang Univeristy, Dept. of Information Security Engineering, 646 Eupnae, Shinchang, Asan, Korea
cocoip@sch.ac.kr
- Sitha Pho
Soonchunhyang Univeristy, Dept. of Information Security Engineering, 646 Eupnae, Shinchang, Asan, Korea
schpho@sch.ac.kr
- Ilsun You
Korea Bible Univeristy, School.of Computer Science, 205 Sanggye7, Nowon, Seoul, Korea
isyou@gmail.com
- Kangbin Yim
Soonchunhyang Univeristy, Dept. of Information Security Engineering, 646 Eupnae, Shinchang, Asan, Korea
yim@sch.ac.kr
Keywords: Authentication protocol, Identification, USB Flash Memory, Reverse engineering
Abstract
Due to its portability and accesibility, the USB memory has become one of the most popular storage
devices. However, if the device is lost, stolen or hacked, it can lead to critical information leakage. It
is natural that malicious insiders would try to thieve their colleagues’ USB memories. Consequently,
various security-incorporated USB products have been developed. To our best knowledge, there is lack
of security analysis and comparison on them. In this paper, we explore the authentication protocols for
the secure USB memory while analyzing their vulnerabilities. Also, we classify the vulnerabilities into
12 categories, based on which the protocols are then compared. In addition, some recommendations
are given to address the vulnerabilities. It is expected for commercial secure USB products to provide
enhanced security after a thorough revise on the authentication protocols of their software based on the
introduced vulnerability categorization.