Escolar Documentos
Profissional Documentos
Cultura Documentos
ECOM 6031 Project Part 1 Information Solving Enterprise Security Problem with Hardware/Software Hybrid Solution
Dr Lucas Hui (CYC307, 28592190, hui@cs.hku.hk)
Motivation M ti ti
Cryptographic research seldom addresses execution environment (e.g. (e g hardware or software) Hardware environment provides better security
Motivation M ti ti (2)
Hardware Platform 1:
Hardware Platform 2:
Mobile Phone
IMEI : International Mobile Equipment Identity (unique ID) SIM card: unique phone number to receive message (in particular SMS) Alternative co te at e communication c a e u cat o channel (GSM/3G Vs Internet) Additional features: GPS / camera, camera external mini-SD card, etc.
JavaCard
Example systems
Mobile-Aided Encrypted Web File System Mobile-Aided Encrypted USB/PC File System y SMS-Aided Authentication System Encrypted Web File System using JavaCard
Javacard
Encrypted PC File System using JavaCard JavaCard-based Secret Communication System (JSCS)
Encrypted fil are stored on W b E d files d Web When PC is connected to a Mobile PC is able to decrypt and display files from Web after getting a key from g g y Mobile If PC is disconnected from the Mobile Files cannot be decrypted on ClientSide Demo is available
8
10
1. Keys stored i 1 K d in server, sent via SMS 2. Mobile and PC connected via t d i USB or Bluetooth
11
1. SMSKeyManagement 2. Integratewithopen sourcesoftwareTrueCrypt 2 Integrate with opensource software TrueCrypt 3. UsingGPS onlydecryptfilesathome,officeor selectedplaces
12
Internet
13
14
1. 2. 3. 4.
15
JSCS - D Demonstration t ti
Flow: 1. Cli Client goes online t li 2. Client sends a secret message to all other online users 3. Client sends a secret message to g some online users 4. Client goes offline 4 5. Check the server-side clients communication records
17
JSCS - D Demonstration t ti
1.
18
JSCS - D Demonstration t ti
1.
JSCS - D Demonstration t ti
2.
19
all l ll or leave it blank also bl k l means send to all other online users
20
JSCS - D Demonstration t ti
2.
JSCS - D Demonstration t ti
3.
Client sends a secret message to all other online users (contd) (cont d)
21
22
JSCS - D Demonstration t ti
3.
JSCS - D Demonstration t ti
4.
23
24
JSCS - D Demonstration t ti
5.
Q&A
Thank you!
25
26