Abstract
USB interface is one of the most frequently used communication interfaces of computer, whose security problems come to appear gradually nowadays. However, people usually pay much more attention to the secure store and authenticated access rather than the security of USB cable. In this paper, a new attack approach on USB cable is proposed and a USB cable monitor is designed. Based on FPGA environment, practical monitoring experiments on common USB devices such as flash disk are made. Accordingly, some strategies against the monitoring USB cable attack are given based on cryptography.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Compaq, Hewlett-Packard, Intel, Lucent, Microsoft, NEC, Philips (2000) Universal serial bus specification revision 2.0, http://www.usb.org/developers/docs
Handschuh H, Trichina E (2007) Securing flash technology. In: Proceeding IEEE Symposium workshop on fault diagnosis and tolerance in cryptography. IEEE Press pp 3–17
FreeOTFE Develop Group (2009) FreeOTFE user manual. http://www.freeotfe.org/user_man-ual.html
Sony Corporation (2005) Sony USB storage media with fingerprint access. http://www.sony.com.cn/products/rme/b2c/flash/download/fingerprint/2550330612.pdf
CE-Infosys (2009) Data sheet of CompuSec mobile hardware security for notebooks. http://www.ce-infosys.com.sg/english/pdf/datasheets/CompuSec_Mobile.pdf
SUNZone TEC CO. Ltd. (2009) Data sheet of SUZP168x 3DES PINPad, http://www.sunzone.com.tw/PDF/PINPad_POS_Terminals/PINPad/SUZP168x_3DES/SUZCRP168-MA10.pdf
Philips Semiconductor (2001) Data sheet of PDIUSBP11A universal serial bus transceiver. http://www.semiconductors.philips.com/documents/data_sheet/PDIUSBP11A_3.pdf
Bellovin SM, Merritt M (1992) Encrypted key exchange: password-based protocols secure against dictionary attacks. In:Proceedings of the IEEE symposium on research in security and privacy. pp 72–84
Shamir A (1985) Identity-based cryptosystems and signature schemes, Advances in Cryptology—Crypto 1984, LNCS vol 196, Springer, Heidelberg pp 47–53
Adams C, Farrell S (1999) Internet X.509 public key infrastructure: certificate management protocols, RFC 2510. March 1999
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Wang, A., Li, Z., Yang, X., Feng, B. (2013). A New Security Problem of USB: Monitoring Cable Attack and Countermeasures. In: Lu, W., Cai, G., Liu, W., Xing, W. (eds) Proceedings of the 2012 International Conference on Information Technology and Software Engineering. Lecture Notes in Electrical Engineering, vol 211. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-34522-7_15
Download citation
DOI: https://doi.org/10.1007/978-3-642-34522-7_15
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-34521-0
Online ISBN: 978-3-642-34522-7
eBook Packages: EngineeringEngineering (R0)