Journal of the Institute of Electronics Engineers of Korea TC (대한전자공학회논문지TC)
- Volume 46 Issue 1
- Pages 121-132
- 2009
- 1229-635X (pISSN)
Hardware Crypto-Core Based Authentication System (Korean title: 하드웨어 암호코어 기반 인증 시스템)
- Yoo, Sang-Guun (Dept. of Computer Science & Engineering, Sogang University) ;
- Park, Keun-Young (Dept. of Computer Science & Engineering, Sogang University) ;
- Kim, Tae-Jun (Dept. of Computer Science & Engineering, Sogang University) ;
- Kim, Ju-Ho (Dept. of Computer Science & Engineering, Sogang University)
- Published : 2009.01.25
Abstract
Default password protection in operating systems has advanced considerably, but when an attacker has physical access to the server or gains root (administrator) privileges, the attacker can steal the password information (e.g. the shadow file in Unix-like systems or the SAM file in Windows) and recover users' passwords with brute-force and dictionary attacks. It is difficult to oblige users to choose complex passwords, so weak accounts that can be exploited are common. In this paper, we present a secure authentication scheme based on digital signatures and secure key storage that solves this problem, and explain the possible implementations using a Trusted Platform Module (TPM). We also analyze the performance of hardware and software TPMs inside the implementations.