Title :
Attestation & Authentication for USB Communications
Author :
Zhaohui Wang ; Johnson, R. ; Stavrou, Angelos
Author_Institution :
Dept. of Comput. Sci., George Mason Univ., Fairfax, VA, USA
Abstract :
In this paper, we present the design, implementation, and software testing of USBSec, a secure extension of the vanilla USB protocol that incorporates host authentication to defend against software threats. Specifically, we force the USB host to supply authentication information to the peripheral device before enumerating the device. The peripheral validates the authentication information against its own list of authorized host keys. If both sides can validate each other, standard USB enumeration continues otherwise the connection is terminated. We have implemented a fully working prototype of USBSec based on USB implementation in Linux kernel and our experimental results demonstrate its practicality and effectiveness.
Keywords :
Linux; authorisation; operating system kernels; peripheral interfaces; program testing; Linux kernel; USB communication; USB enumeration; USB host; USB implementation; USBSec prototype; attestation; authentication information; authorized host keys; peripheral device; software testing; software threats; vanilla USB protocol; Authentication; Hardware; Kernel; Protocols; Universal Serial Bus; Mobile Device; PKI; Security; USB;
Conference_Titel :
Software Security and Reliability Companion (SERE-C), 2012 IEEE Sixth International Conference on
Conference_Location :
Gaithersburg, MD
Print_ISBN :
978-1-4673-2670-4
DOI :
10.1109/SERE-C.2012.43
